Evergreen.git
19 months agoAllow QP tester to run without a full stack in simple situations
Mike Rylander [Fri, 11 Nov 2022 19:38:55 +0000 (14:38 -0500)]
Allow QP tester to run without a full stack in simple situations

Signed-off-by: Mike Rylander <mrylander@gmail.com>
Signed-off-by: Jason Stephenson <jason@sigio.com>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org>
19 months agoLP#1775958: Rework pullup mechanism to flatten more nested queries
Mike Rylander [Fri, 12 Oct 2018 18:43:26 +0000 (14:43 -0400)]
LP#1775958: Rework pullup mechanism to flatten more nested queries

The bulk of this commit reworks the query tree pullup logic, which is
responsible for simplifying the query tree that is used to generate the
SQL query for search.  In particular, we now do a better job of finding
opportunities to merge adjacent parts of the query that have the same
requested_class (pre-dealiasing) in the face of boolean OR operators,
explicit grouping, and alternating requested_class values.  The result
is fewer joins in the SQL, which should speed up all but the most
trivial searches, and generally help protect the database from mis- or
mal-constructed queries.  We also now use CTEs to separate branches of
the logical search tree into descrete subqueries, which helps reduce
the total core query JOINs, and provides the planner with more options
for join order.

This also does away with the conversion of a negated atom into an
"un-phrase".  Instead, we just detect and handle those directly as atoms
with a prefix, as appropriate.  This allows single negated words to be
used directly in the core tsquery construct, rather than having them
require a separate join and special where clause.

Additionally, this commit handles phrases differently at both the QP and
SQL level, making use of Postgres's phrase support in modern versions
and simplifying how they're handled within the base parse tree
structure.

Signed-off-by: Mike Rylander <mrylander@gmail.com>
Signed-off-by: Jason Stephenson <jason@sigio.com>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org>
19 months agoLP#1908576: Stamp Upgrade Script
Jason Boyer [Wed, 17 May 2023 14:59:17 +0000 (10:59 -0400)]
LP#1908576: Stamp Upgrade Script

Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org>
19 months agoLogin redirect restriction release notes
Mike Rylander [Tue, 21 Feb 2023 22:04:49 +0000 (17:04 -0500)]
Login redirect restriction release notes

Signed-off-by: Mike Rylander <mrylander@gmail.com>
Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org>
19 months agoLP#1908576: Restrict login redirection
Mike Rylander [Thu, 1 Dec 2022 19:13:35 +0000 (14:13 -0500)]
LP#1908576: Restrict login redirection

This commit implements a new global flag: opac.login_redirect_domains
When this flag is enabled, redirection from login via redirect_to will
be restricted to local URLs.  For local URLs, they must either start
with a / (provide an absolute path) or the hostname in the URL must
match the current hostname and have a scheme of http, https, ftp, or
ftps.

The value for the global flag can be set to a list of comma-separated
domain names.  Redirection to these domains, and subdomains/hosts
thereof, will also be allowed.  For all non-local URLs allowed by the
global flag value, the scheme must be one of http, https, ftp, or ftps.

Signed-off-by: Mike Rylander <mrylander@gmail.com>
Signed-off-by: Jason Stephenson <jason@sigio.com>
Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org>
19 months agoTranslation updates - xtb files - 3.10
Galen Charlton [Wed, 17 May 2023 13:47:26 +0000 (09:47 -0400)]
Translation updates - xtb files - 3.10

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
19 months agoTranslation updates - po files - 3.10
Galen Charlton [Wed, 17 May 2023 13:29:36 +0000 (09:29 -0400)]
Translation updates - po files - 3.10

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
19 months agoLP#2019150: link to AngularJS Patron Requests interface
Galen Charlton [Wed, 10 May 2023 19:45:05 +0000 (15:45 -0400)]
LP#2019150: link to AngularJS Patron Requests interface

Due to a presumed timing issue in 2018, the AngularJS patron purchase
request interface created in bug 1774277 was never linked to from the
Angular navbar (only the AngularJS one).

This patch fixes this.

To test
-------
[1] Apply the patch.
[2] From the Angular menu, go to Acquisitions -> Patron Requests
    and verify that it loads the AngularJS interface rather
    than the legacy Dojo one.

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Signed-off-by: Terran McCanna <tmccanna@georgialibraries.org>
Signed-off-by: Jane Sandberg <js7389@princeton.edu>
19 months agoLP2009092 Line item list checkbox labels
Stephanie Leary [Tue, 9 May 2023 18:46:15 +0000 (18:46 +0000)]
LP2009092 Line item list checkbox labels

Adds <label>s for the line item ID checkboxes in the PO list.

Signed-off-by: Stephanie Leary <stephanie.leary@equinoxoli.org>
Signed-off-by: Terran McCanna <tmccanna@georgialibraries.org>
Signed-off-by: Jane Sandberg <js7389@princeton.edu>
19 months agoLP1915326: Followup to Silence Offline / Shared Worker Errors
Jason Boyer [Fri, 12 May 2023 17:44:14 +0000 (13:44 -0400)]
LP1915326: Followup to Silence Offline / Shared Worker Errors

The user agent string hasn't been 'PhantomJS' for quite some time, so look for
'Headless' and add that to the Firefox launcher. Also redirect requests for
offline-db-worker.js to the current directory.

Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Signed-off-by: Jane Sandberg <js7389@princeton.edu>
19 months agoLP#1915326: fix AngularJS test suite
Galen Charlton [Fri, 12 May 2023 14:48:45 +0000 (10:48 -0400)]
LP#1915326: fix AngularJS test suite

Several tests of egOrg started failing when Lovefield
was added as a dependency. This patch fixes them by
ensuring that Lovefield is loaded.

To test
-------
[1] Go to Open-ILS/web/js/ui/default/staff and run
    `npm run test`. Note that six tests fail because
    'lf' is undefined.
[2] Apply the patch and repeat step 1. This time, all
    of the tests should pass.

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Signed-off-by: Jane Sandberg <js7389@princeton.edu>
19 months agoTranslation updates - newpot - rel_3_10
Galen Charlton [Fri, 12 May 2023 20:23:59 +0000 (16:23 -0400)]
Translation updates - newpot - rel_3_10

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
19 months agoLP#1778567: don't return cached list/tree before updating
Jeff Davis [Tue, 7 Feb 2023 19:33:07 +0000 (11:33 -0800)]
LP#1778567: don't return cached list/tree before updating

The absorbList function can be used to append items to an existing
cached list (and ditto for absorbTree), so we shouldn't start off by
returning the cached version.

Thanks to James Fournie for catching this.

Signed-off-by: Jeff Davis <jdavis@sitka.bclibraries.ca>
Signed-off-by: Ruth Frasur <rfrasur@library.in.gov>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
19 months agoLP2002363 Aria labels for catalog search +/- buttons
Stephanie Leary [Wed, 3 May 2023 17:39:41 +0000 (17:39 +0000)]
LP2002363 Aria labels for catalog search +/- buttons

Adds aria-label to the staff catalog search row plus/minus buttons. The
labels match the title attributes on the buttons, to allow dictation
users to identify the phrases that should be spoken to select the
buttons.

Signed-off-by: Stephanie Leary <stephanie.leary@equinoxoli.org>
Signed-off-by: Chrystal Messam <messamc@liveoakpl.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
19 months agoLP1808016: improve error handling by open-ils.pcrud
Jane Sandberg [Mon, 6 Mar 2023 00:57:50 +0000 (16:57 -0800)]
LP1808016: improve error handling by open-ils.pcrud

This patch ensures that requests to open-ils.pcrud return
an error code (before the request completion code) when
a permissions or constraint check fails.

To test
-------
[1] Make an invalid request, e.g., by attempting to create a claim
    type whose owner is not set in the Acquisitions Claiming admin
    interface.
[2] Note that the user interface reports that the action succeeds
    (although the new claim type is not actually created).
[3] Apply the patch and repeat step 1. This time, the admin interface
    shoudl report that the creation failed.

Signed-off-by: Jane Sandberg <sandbergja@gmail.com>
Signed-off-by: Terran McCanna <tmccanna@georgialibraries.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
19 months agoLP2008918: (follow-up) standardize on the info cyan for the modal headers
Galen Charlton [Wed, 10 May 2023 15:53:35 +0000 (11:53 -0400)]
LP2008918: (follow-up) standardize on the info cyan for the modal headers

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Signed-off-by: Stephanie Leary <stephanie.leary@equinoxoli.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
19 months agoLP2008918: use new default colors for modal headers
Jane Sandberg [Fri, 3 Mar 2023 02:30:27 +0000 (18:30 -0800)]
LP2008918: use new default colors for modal headers

Signed-off-by: Jane Sandberg <js7389@princeton.edu>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
19 months agoLP2008918: default modal background color
Jane Sandberg [Wed, 1 Mar 2023 17:37:32 +0000 (09:37 -0800)]
LP2008918: default modal background color

To test:
1) Open the holdings editor in the angular staff catalog
2) right click on an item
3) select Add/Manage Item notes
4) Note that you can't see the text at the top of the modal, nor can you see the close button
5) Apply this patch and repeat steps 1-3
6) Note that the modal header is a darker color, so the text and close button are again visible.

Signed-off-by: Jane Sandberg <js7389@princeton.edu>
Signed-off-by: Stephanie Leary <stephanie.leary@equinoxOLI.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
19 months agoLP#1901072 Menus Don't Recognize Max Recent Patrons Setting
Dan Briem [Sat, 4 Mar 2023 21:10:44 +0000 (21:10 +0000)]
LP#1901072 Menus Don't Recognize Max Recent Patrons Setting

On the Angular menu, both Retrieve Last Patron and Recent Patrons
links appear under Circulation, regardless of what the "Number of
Retrievable Recent Patrons" setting is set to.

On both the AngularJS and Angular menus, both links appear under
Circulation (Experimental).

On the Angular menu, Circulation->Retrieve Recent Patrons links
to the Angular interface instead of the AngularJS interface.

To test this fix:
1. Set Enable Angular Circulation Menu setting to True
2. Set Number of Retrievable Recent Patrons setting to 0
   - Retrieve Last Patron and Recent Patrons links don't appear
3. Set to 1 or unset (default fallback is 1)
   - Retrieve Last Patron link appears only
4. Set to greather than 1
   - both links appear
   - Circulation->Retrieve Recent Patrons loads the AngJS interface

Signed-off-by: Dan Briem <dbriem@wlsmail.org>
Signed-off-by: Susan Morrison <smorrison@georgialibraries.org>
Signed-off-by: Jane Sandberg <js7389@princeton.edu>
19 months agoLP2015137 Tab order for admin splash link tables
Stephanie Leary [Mon, 8 May 2023 22:37:27 +0000 (22:37 +0000)]
LP2015137 Tab order for admin splash link tables

Replaces row/column logic with CSS columns in the link table component
used in settings screens. This allows the user to tab through the
settings in alphabetical order, rather than the three-across groupings
that previously broke up similarly named settings.

Signed-off-by: Stephanie Leary <stephanie.leary@equinoxoli.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Signed-off-by: Jane Sandberg <js7389@princeton.edu>
19 months agoLP#2013223: quiet browser console noise from some AngularJS grids
Galen Charlton [Wed, 29 Mar 2023 16:09:32 +0000 (12:09 -0400)]
LP#2013223: quiet browser console noise from some AngularJS grids

This patch quells console error noise from certain AngularJS grids.

To test
-------
[1] Go to the AngularJS Renew Items, Holds Shelf, or patron holds list
    pages.
[2] Note that the brower console has a lot of "TypeError: action.handler is undefined"
    error messages.
[3] Apply the patch and repeat step 1. This time, the "action.handler"
    errors should be gone.

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Signed-off-by: Stephanie Leary <stephanie.leary@equinoxoli.org>
Signed-off-by: Jane Sandberg <sandbergja@gmail.com>
19 months agoLP#1920826: Add release notes and stamp upgrade script
Chris Sharp [Tue, 9 May 2023 15:08:25 +0000 (11:08 -0400)]
LP#1920826: Add release notes and stamp upgrade script

Signed-off-by: Chris Sharp <csharp@georgialibraries.org>
19 months agoLP#1920826: ensure that some DB updates missed in 3.6.0 are included
Galen Charlton [Fri, 31 Mar 2023 22:11:36 +0000 (18:11 -0400)]
LP#1920826: ensure that some DB updates missed in 3.6.0 are included

This patch fixes a situation where an Evergreen database that had
been been upgraded to 3.6.0 at some point in its past using the
3.5.1-3.6.0 DB update script may be missing some DB revisions.

To test
-------
[1] Locate a test database that had been upgraded to 3.6.0 at some point
    and is missing some or all of DB revisions 1236-1240.
[2] Run the DB update in this patch.
[3] Verify that the DB revisions are in place and that the following
    bugs are resolved:

    - https://bugs.launchpad.net/evergreen/+bug/1788260 (1236)
    - https://bugs.launchpad.net/evergreen/+bug/1908727 (1237)
    - https://bugs.launchpad.net/evergreen/+bug/1835127 (1238)
    - https://bugs.launchpad.net/evergreen/+bug/1910891 (also 1238)
    - https://bugs.launchpad.net/evergreen/+bug/1882825 (1239)
    - https://bugs.launchpad.net/evergreen/+bug/1096209 (1240)

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Signed-off-by: Chris Sharp <csharp@georgialibraries.org>
19 months agoLP#2003946 Add Release Note
Michele Morgan [Tue, 9 May 2023 14:31:33 +0000 (10:31 -0400)]
LP#2003946 Add Release Note

Signed-off-by: Michele Morgan <mmorgan@noblenet.org>
19 months agoLP2003946 LI ID in Search jumps to item detail page
Tiffany Little [Thu, 26 Jan 2023 14:18:01 +0000 (09:18 -0500)]
LP2003946 LI ID in Search jumps to item detail page

Signed-off-by: Tiffany Little <tlittle@georgialibraries.org>
Signed-off-by: Christine Morgan <cmorgan@noblenet.org>
Signed-off-by: Michele Morgan <mmorgan@noblenet.org>
19 months agoLP1972917: fix circ modifier column in course materials grid
Jane Sandberg [Fri, 3 Mar 2023 23:55:43 +0000 (15:55 -0800)]
LP1972917: fix circ modifier column in course materials grid

To test:
1. Add a circulation modifier to your system if it doesn't
already have some.
2. In Local Admin > Course Materials > Edit Course > Course
Materials, turn on the circ modifier column in the grid.
3. Associate an item with the course using its barcode.
Make sure you have selected a circulation modifier and
checked the circulation modifier box.
4. Press the "Add Material" button.
5. Note that the circulation modifier column says
"[Object object]"
6. Apply this patch and repeat steps 2-4.
7. Note that the column now has the name of the circulation
modifier.

Signed-off-by: Jane Sandberg <sandbergja@gmail.com>
Signed-off-by: Jennifer Pringle <jennifer.pringle@bc.libraries.coop>
Signed-off-by: Beth Willis <willis@noblenet.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
19 months agoLP2001728 - Don't display circ_staff for opac and autorenewals
Michele Morgan [Wed, 1 Mar 2023 17:18:09 +0000 (12:18 -0500)]
LP2001728 - Don't display circ_staff for opac and autorenewals

Item Status Circ History List: Displays the placeholder <OPAC Renewal>
or <Auto-renewal> instead of the patron information in the Check Out
Staff field.

Signed-off-by: Michele Morgan <mmorgan@noblenet.org>
Signed-off-by: Gina Monti <gmonti@biblio.org>
Signed-off-by: Jane Sandberg <sandbergja@gmail.com>
19 months agoLP#2004052 Hold Shelf Actions Menu Includes Irrelevant Actions
Dan Briem [Thu, 16 Mar 2023 18:21:03 +0000 (14:21 -0400)]
LP#2004052 Hold Shelf Actions Menu Includes Irrelevant Actions

Removes Activate, Suspend, Set Top of Queue, Un-Set Top of Queue,
Set Desired Item Quality, Transfer to Marked Title from the
actions menu on the Holds Shelf grid.

Signed-off-by: Dan Briem <dbriem@wlsmail.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Signed-off-by: Jane Sandberg <js7389@princeton.edu>
19 months agoLP2015481: Re-align Labels for Circ History
Jason Boyer [Thu, 6 Apr 2023 14:46:54 +0000 (10:46 -0400)]
LP2015481: Re-align Labels for Circ History

Move Call number to the end of the Circ History table to match Items Out
and also correct the label order for narrow screen CSS.

Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Signed-off-by: Michele Morgan <mmorgan@noblenet.org>
19 months agoLP2015141 Labels for email record math captcha
Stephanie Leary [Wed, 3 May 2023 12:46:15 +0000 (12:46 +0000)]
LP2015141 Labels for email record math captcha

Adds a <label> tag surrounding the math problem shown to users who are
not logged in when they email a record from the OPAC.

Signed-off-by: Stephanie Leary <stephanie.leary@equinoxoli.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
19 months agoLP#2018534: treat year as numeric when retrieving item circs by year
Jeff Davis [Thu, 4 May 2023 18:13:42 +0000 (11:13 -0700)]
LP#2018534: treat year as numeric when retrieving item circs by year

The open-ils.pcrud.search.circbyyr API uses EXTRACT to extract the year
from circulation timestamps.  In recent versions of Postgres, the return
type for EXTRACT was changed from double precision to numeric (thanks to
Jason Boyer for noticing this!); for obscure reasons, this causes pcrud
to return the year as a string instead of a number.  So, let's get the
staff client to force those values to be numbers before doing math with
them.

Signed-off-by: Jeff Davis <jeff.davis@bc.libraries.coop>
Signed-off-by: Mike Rylander <mrylander@gmail.com>
19 months agoLP2018208 Empty alt for result record images, icons
Stephanie Leary [Wed, 3 May 2023 17:18:59 +0000 (17:18 +0000)]
LP2018208 Empty alt for result record images, icons

Adds empty alt attributes for jacket images and format icons that are
immediately followed by equivalent text representations, and are
therefore redundant for screen reader users.

Signed-off-by: Stephanie Leary <stephanie.leary@equinoxoli.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
19 months agoTranslation updates - newpot - rel_3_10
Galen Charlton [Wed, 3 May 2023 15:34:03 +0000 (11:34 -0400)]
Translation updates - newpot - rel_3_10

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
19 months agoLP2018326 Contrast fix for catalog pagination
Stephanie Leary [Tue, 2 May 2023 18:36:59 +0000 (18:36 +0000)]
LP2018326 Contrast fix for catalog pagination

Adds explicit background color styles in the staff catalog pagination
component to prevent blue-on-blue links for the current page.

Signed-off-by: Stephanie Leary <stephanie.leary@equinoxoli.org>
Signed-off-by: Jane Sandberg <js7389@princeton.edu>
19 months agoUpdating fonts and sounds settings
Gina Monti [Tue, 14 Feb 2023 16:07:04 +0000 (11:07 -0500)]
Updating fonts and sounds settings

No LP, DIG revamp project.

Changing to Disable Sounds

Fixing typo.

Signed-off-by: Jane Sandberg <sandbergja@gmail.com>
20 months agoLP1615707 ARIA landmarks for staff interface
Stephanie Leary [Mon, 12 Dec 2022 20:27:26 +0000 (14:27 -0600)]
LP1615707 ARIA landmarks for staff interface

Adds the following ARIA landmarks and roles to the Angular staff
interface:

* <main> and role="main" for the content container
* <nav> and role="navigation" for the navbar
* role="form" for the catalog search form (which lacks a <form> tag)
* role="search" for the search tab panel inside the form
* type="search" and role="searchbox" for the search term input field
* a custom region for the bib record summary box
* <aside> and role="complementary" for the facet sidebar

To construct the ARIA label for the bib record summary, I've added an ID
to the header row of the bib summary component so the screen reader can
use the localized text.

Since the staff interface doesn't really have a header section other
than the navigation, and there is no footer, I've left out these
landmarks.

Signed-off-by: Stephanie Leary <stephanie.leary@equinoxOLI.org>
Signed-off-by: Jane Sandberg <sandbergja@gmail.com>
20 months agoDocs: updates to record buckets
Britta Dorsey [Wed, 26 Apr 2023 15:58:14 +0000 (11:58 -0400)]
Docs: updates to record buckets

Signed-off-by: Britta Dorsey <bdorsey@library.in.gov>
Signed-off-by: Andrea Buntz Neiman <abneiman@equinoxinitiative.org>
20 months agoLP#1791791: remove a regression regression on bug 1923225
Galen Charlton [Thu, 30 Mar 2023 18:11:26 +0000 (14:11 -0400)]
LP#1791791: remove a regression regression on bug 1923225

This was introduced on the Bootstrap side by the patch for
bug 1955403.

To test:

[0] This applies to the Bootstrap OPAC skin.
[1] Perform a search on ISBN.
[2] Note that on the record page, the ISBN (under more details)
    is not properly highlighted.
[3] Apply the patch and repeat step 1. This time, the ISBN
    should be highlighted.

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoLP#1791791: prevent regression on bug 1923225
Galen Charlton [Thu, 30 Mar 2023 18:06:35 +0000 (14:06 -0400)]
LP#1791791: prevent regression on bug 1923225

Ensures that when doing an ISBN search, the ISBN on the record
page is properly highlighted.

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoLP1791791: Google book previews not displaying from a bib linked from a search.
Garry Collum [Sun, 19 Dec 2021 01:31:22 +0000 (20:31 -0500)]
LP1791791: Google book previews not displaying from a bib linked from a search.

The javascript that queries Google Books Preview looks for ISBN(s) wrapped in
a rdetail_value class.  There was a line of code in which the isbn variable
 was not enclosed in this class.  This patch just wraps that stray variable
into a <span> with the class.

To test:
0. Use the TPAC skin - this bug does not affect the Bootstrap skin
1. Perform a keyword search for an bib that should have a google book's link.
   As of March 2023, ISBN 9780786496570 has previews enabled.
2. Go to the bib display and notice that there is no link.
3. Remove the ';query=something' text from the url and notice that the
google book information displays.
4. Apply the patch.
5. Perform the same search.  The google book information should now display.

Signed-off-by: Garry Collum <gcollum@gmail.com>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoLP#1863387: multi-select now allows filtering shelving locations by owner
Galen Charlton [Fri, 9 Sep 2022 16:55:22 +0000 (12:55 -0400)]
LP#1863387: multi-select now allows filtering shelving locations by owner

The Angular multi-select component now has a special case for
shelving locations: when the IDL class of "acpl" is selected,
rather than just displaying a combobox, the item-location-select
component followed by an org selector is displayed and checkbox.

The org selector defaults to workstation OU and is used to restrict
the list of shelving locations displayed in the shelving location
combobox to the context org unit and its ancestors. If the checkbox
is also selected, descendants of the context OU are included as well.

The effect of this is to allow large consortial to more efficiently
select the shelving locations to be used by a carousel.

To test
-------
[1] Apply the patch.
[2] Create or edit carousel definitions. Verify that the widget
    for the carousel's shelving locations now displays both a
    combobox for the location selector as well as one for the
    location owning library. Further verify that when the OU
    selector for the owning library is changed, that the list
    of available shelving locations reflects the locations available
    at the ancestors of the filter OU. Also verify that the
    "Include descendants?" checkbox updates the list of available
    locations as well.

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
fix

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Signed-off-by: Jeff Davis <jdavis@sitka.bclibraries.ca>
20 months agoforward-port 3.10.0 database update script (belatedly, for rel_3_10)
Galen Charlton [Wed, 16 Nov 2022 00:12:45 +0000 (19:12 -0500)]
forward-port 3.10.0 database update script (belatedly, for rel_3_10)

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoLP#1970946: add release notes
Galen Charlton [Wed, 19 Apr 2023 14:11:58 +0000 (10:11 -0400)]
LP#1970946: add release notes

This change exists only in rel_3_10 since this will
be included in a maintenance release.

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoLP#1970946: stamp schema update
Galen Charlton [Wed, 19 Apr 2023 14:05:13 +0000 (10:05 -0400)]
LP#1970946: stamp schema update

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoLP1970946 Adjust color contrast in result highlights
Stephanie Leary [Mon, 9 Jan 2023 19:46:53 +0000 (13:46 -0600)]
LP1970946 Adjust color contrast in result highlights

Lowers the contrast on search result match highlights in the staff
catalog, and changes the highlight tag from <b> (PostgreSQL's default),
to <mark> (new in HTML5).

As an additional consequence, the color contrast for highlighted
search terms in the Bootstrap OPAC (using default styles) improves
from 4.38 to 17.12.

Signed-off-by: Stephanie Leary <stephanie.leary@equinoxOLI.org>
Signed-off-by: Jane Sandberg <js7389@princeton.edu>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoLP2009865 Revised search result headings & source order
Stephanie Leary [Thu, 9 Mar 2023 16:08:40 +0000 (16:08 +0000)]
LP2009865 Revised search result headings & source order

Revises the hierarchy of headings in the search results. In combination
with the H1 provided in in bug #1994711, the result is now:

h1. Staff Catalog
h2. Search Results (N)
(repeat for each result:)
h3. [Title] [Author]
h2. Facets
(repeat for each facet box:)
h3. [Facet title]

The source order of the results list and facet sidebar have been
swapped. The facets still appear on the left visually, but now fall
after the results in the document.

Signed-off-by: Stephanie Leary <stephanie.leary@equinoxoli.org>
Signed-off-by: Jane Sandberg <js7389@princeton.edu>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoLP1994711 Restore <eg-title> to staff banner
Stephanie Leary [Mon, 17 Apr 2023 20:24:36 +0000 (20:24 +0000)]
LP1994711 Restore <eg-title> to staff banner

Restores <eg-title> to staff-banner.component.html for pages that don't
have their titles set by any other method.

Signed-off-by: Stephanie Leary <stephanie.leary@equinoxoli.org>
Signed-off-by: Jane Sandberg <js7389@princeton.edu>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoLP1994711 Semantic H1 headings for page titles
Stephanie Leary [Fri, 14 Apr 2023 19:27:26 +0000 (19:27 +0000)]
LP1994711 Semantic H1 headings for page titles

Patch alters the markup within <eg-staff-banner> to include H1 headings
for page titles.

The patch also includes a new CSS file for the course page component,
which appears to be the only component taking advantage of the custom
classes and icons for page titles. I've made archived course titles gray
and italicized.

Signed-off-by: Stephanie Leary <stephanie.leary@equinoxoli.org>
Signed-off-by: Jane Sandberg <js7389@princeton.edu>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoLP#1996651: treat empty string as null for preferred name/alias in wide_hold_data
Jeff Davis [Tue, 15 Nov 2022 23:11:49 +0000 (15:11 -0800)]
LP#1996651: treat empty string as null for preferred name/alias in wide_hold_data

This prevents the patron name from appearing blank in the hold shelf
"User Display Name" or "User Alias or Display Name" columns when the
alias or preferred name fields are empty strings.

Signed-off-by: Jeff Davis <jeff.davis@bc.libraries.coop>
Signed-off-by: Susan Morrison <smorrison@georgialibraries.org>
Signed-off-by: Jane Sandberg <sandbergja@gmail.com>
20 months agoLP2016341 Fix duplicate ID in staff catalog record
Stephanie Leary [Fri, 14 Apr 2023 21:43:02 +0000 (21:43 +0000)]
LP2016341 Fix duplicate ID in staff catalog record

Gives the actions button area a different ID than the navigation.

Signed-off-by: Stephanie Leary <stephanie.leary@equinoxoli.org>
Signed-off-by: Jane Sandberg <js7389@princeton.edu>
20 months agoLP1889916 SMS Carrier does not include region in borrower edit screen
Garry Collum [Fri, 13 Aug 2021 17:41:02 +0000 (13:41 -0400)]
LP1889916 SMS Carrier does not include region in borrower edit screen

Displays the region next to the carrier name and in the borrower edit and
create screens.  Also sorts the carrier names alphabetically.

Signed-off-by: Garry Collum <gcollum@gmail.com>
Signed-off-by: Josh Stompro <stomproj@larl.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoLP#1716479: (follow-up) fix handling of onSave callbacks for AngularJS MARC edit
Galen Charlton [Tue, 4 Apr 2023 15:10:21 +0000 (11:10 -0400)]
LP#1716479: (follow-up) fix handling of onSave callbacks for AngularJS MARC edit

This patch fixes an issue that has been present for a while but
clarified by Beth Wills in the course of testing the base patch
for this bug.

Specifically, the routine to process onSave callbacks was
not bound to the scope properly, meaning that the wrong onSave
callbacks could be run when dealing with mutiple active
egMarcEditRecords.

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoLP1716479: Make sure authority linker works in embedded MARC editors
Jane Sandberg [Thu, 29 Aug 2019 01:09:35 +0000 (18:09 -0700)]
LP1716479: Make sure authority linker works in embedded MARC editors

1) Perform a z39.50 search
2) Select a record
3) Click Edit then Import
4) Click on the link next to any authorizable field.
5) You will see a mysteriously data-free heading: {{bibField.tag}} {{bibField.ind1}}{{bibField.ind2}}
6) Clicking on the "Immediately" and "Create and edit" buttons doesn't work.
7) Apply this patch and repeat steps 1-6.
8) Note that the heading is now correct, and the buttons work.

Signed-off-by: Jane Sandberg <sandbej@linnbenton.edu>
Signed-off-by: Jennifer Weston <jennifer.weston@equinoxOLI.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoDocs: More README Cleanup
Jason Stephenson [Mon, 3 Apr 2023 16:40:46 +0000 (12:40 -0400)]
Docs: More README Cleanup

Fix "Installing PostgreSQL server packages" heading.  It was showing
up as a list entry.

Drop the text about installing additional packages for the database,
since there are none to install at this time.  (We could replace that
with a subsection on the packages required for a standalong databse
server without all of Evergreen installed on it.)

Add a "Create the Evergreen PostgreSQL user" heading above the
instructions to creat the evergreen user in the database.

Co-authored-by: Ben Shum <ben@evergreener.net>
Signed-off-by: Jason Stephenson <jason@sigio.com>
20 months agoDocs: Remove extraneous blank line from README introduced by LP1947728
Jason Stephenson [Mon, 3 Apr 2023 15:52:08 +0000 (11:52 -0400)]
Docs: Remove extraneous blank line from README introduced by LP1947728

When processing the README with asciidoc the following message appears:

asciidoc: WARNING: README: line 82: list item index: expected 1 got 3

This is caused by a blank line on line 74 introduced in the
removal of the Debian Stretch prerequisites.

Co-authored-by: Ben Shum <ben@evergreener.net>
Signed-off-by: Jason Stephenson <jason@sigio.com>
20 months agodocs: (follow-up) tweak OpenAthens doc
Galen Charlton [Fri, 31 Mar 2023 18:01:02 +0000 (14:01 -0400)]
docs: (follow-up) tweak OpenAthens doc

- fix a warning for a NOTE block
- link to the navigation

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoAdd files via upload
spmorrison [Thu, 16 Mar 2023 17:35:42 +0000 (13:35 -0400)]
Add files via upload

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoDocs: Configuring sign-on to OpenAthens
spmorrison [Thu, 16 Mar 2023 17:31:28 +0000 (13:31 -0400)]
Docs: Configuring sign-on to OpenAthens

Adding new page for OpenAthens configuration. Used documentation from 3.10 release notes, with the addition of a couple screenshots.

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoLP1970476: Restore Localization Function Wrapper
Jason Stephenson [Fri, 10 Feb 2023 15:06:03 +0000 (10:06 -0500)]
LP1970476: Restore Localization Function Wrapper

The previous commit removed the l() function wrapper from two bits of
text when it probably should not have.  This commiet restores it.

Signed-off-by: Jason Stephenson <jason@sigio.com>
Signed-off-by: John Amundson <jamundson@cwmars.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoLP1970476 Where filter in Bootstrap Catalog Produces Unwanted Results
Terran McCanna [Wed, 19 Oct 2022 14:54:19 +0000 (10:54 -0400)]
LP1970476 Where filter in Bootstrap Catalog Produces Unwanted Results

Prior to this change, the Advanced Search page split the library selector
and the "Where" scope selector into two separate dropdown lists that
produced unexpected results when both were used.

This change uses the same approach as the combined dropdown on the Basic
search page instead.

Signed-off-by: Terran McCanna <tmccanna@georgialibraries.org>
Signed-off-by: Michele Morgan <mmorgan@noblenet.org>
Signed-off-by: John Amundson <jamundson@cwmars.org>
Signed-off-by: Jason Stephenson <jason@sigio.com>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoLP#1981774: (follow-up) fix a straggling "opac-button"
Galen Charlton [Fri, 31 Mar 2023 14:10:55 +0000 (10:10 -0400)]
LP#1981774: (follow-up) fix a straggling "opac-button"

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoLP#1981774: use Bootstrap CSS classes for buttons instead of opac-button
Jeff Davis [Fri, 15 Jul 2022 22:28:24 +0000 (15:28 -0700)]
LP#1981774: use Bootstrap CSS classes for buttons instead of opac-button

Signed-off-by: Jeff Davis <jdavis@sitka.bclibraries.ca>
Signed-off-by: Garry Collum <gcollum@gmail.com>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoLP#1981774: fix button CSS on curbside in Bootstrap OPAC
Jeff Davis [Fri, 15 Jul 2022 22:32:28 +0000 (15:32 -0700)]
LP#1981774: fix button CSS on curbside in Bootstrap OPAC

Signed-off-by: Jeff Davis <jdavis@sitka.bclibraries.ca>
Signed-off-by: Garry Collum <gcollum@gmail.com>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoLP#1752334: (follow-up) adjust to allow "0" as a note
Galen Charlton [Fri, 31 Mar 2023 13:43:53 +0000 (09:43 -0400)]
LP#1752334: (follow-up) adjust to allow "0" as a note

Also ignore the additional note parameter if all it has
are zero or more whitespace characters.

It's unlikely that a client would want to set the additional
note to "0", but it's nonetheless a good idea to distinguish
between difference versions of Perl's false value.

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
20 months agoLP#1752334 - BadContact, use additional note if provided.
Josh Stompro [Thu, 28 Feb 2019 16:41:01 +0000 (10:41 -0600)]
LP#1752334 - BadContact, use additional note if provided.

If an additional note is provided when marking a contact invalid,
then that note should be appended to the penalty note field.

This change adds that functionality.  This doesn't change the results
for staff that are using the invalidate buttons in the client, since
there isn't a chance to add an additional note from that interface.

But if someone is calling open-ils.actor.invalidate.email via some other
method, then you can specify the additional note.

I would like to be able to add extra notes when automatically processing
bounced emails, to give staff a clue as to why the email failed.  Such as
"<email> Account over quota for past 3 weeks, ask patron to check their account."

Includes a new perl live test to check the new behavior, along with all
the open-ils.actor.invalidate.* call options.

Testing plan:

Before fix.
1. Choose a patron with an email address and note their patron id number.
2. Run an srfsh shell.
3. Login to get an auth token 'login username password'
4. Run the invalidate email command to mark the users email invalid, including
   an addition note value.
  srfsh# request open-ils.actor open-ils.actor.invalidate.email "<authtoken>" "<patronid>" "Testing Additional Note"
5. Take a look at the patron account and see that the penalty message only
   includes a copy of the email address that was marked invalid.

After fix.
1. Restart the opensrf actor service if needed to re-read the changed perl module.
  osrf_control -l --service open-ils.actor --restart
2. Remove the penalty and re-add email address to test patron's account.
3. Run an srfsh shell.
4. Login to get an auth token 'login username password'
5. Run the invalidate email command to mark the users email invalid,
   including an addition note value.
  srfsh# request open-ils.actor open-ils.actor.invalidate.email "<authtoken>" "<patronid>" "Testing Additional Note"
6. Take a look at the patron account and see that the penalty message note
   now includes the additional note.

Run the live test at Evergreen/Open-ILS/src/perlmods/live_t
perl ./36-lp1752334-badcontact.t

Signed-off-by: Josh Stompro <stomproj@larl.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoLP1879517: Surveys shouldn't end before they begin
Jane Sandberg [Thu, 21 Jul 2022 00:00:24 +0000 (20:00 -0400)]
LP1879517: Surveys shouldn't end before they begin

To test:
1. Go to Admin > Local > Surveys.
2. Create a new survey.
3. Attempt to create a survey where the end date
comes before the start date.  Without this patch, you will get
no notice that this is invalid, and you can save the invalid
record.
4. Edit an existing survey.
5. Repeat step 3 while editing the existing survey.
6. Apply the patch.
7. Repeat steps 1-5.  Note that you now get a notice and
cannot save if the end date is before the start date.

This commit generalizes a validator already present in the booking
module, and corrects several small bugs related to the datetime-select
component.

Signed-off-by: Jane Sandberg <sandbergja@gmail.com>
Signed-off-by: Susan Morrison <smorrison@georgialibraries.org>
Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org>
21 months agoLP#1964986: encourage distinct results when querying the ahopl IDL source
blake [Tue, 15 Mar 2022 16:48:12 +0000 (11:48 -0500)]
LP#1964986: encourage distinct results when querying the ahopl IDL source

This patch addresses a now-theoretical issue where a direct PCRUD
query of ahopl could return duplicate rows in cases where the patron
linked to the hold request has multiple penalties attached.

The significance of this change is likely minor nowadays, as ahopl
was directly used by Evergreen only by the Dojo and AngularJS hold
pull lists, and as of 3.8 the Evergreen Angular pull list uses a
different approach for querying the pull list. However, until such
time as ahopl is deprecated and removed, this change may help
local integrations.

Signed-off-by: blake <blake@mobiusconsortium.org>
Signed-off-by: Jennifer Weston <jennifer.weston@equinoxOLI.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoLP#1972738: add release note entry
Galen Charlton [Mon, 27 Mar 2023 19:55:32 +0000 (15:55 -0400)]
LP#1972738: add release note entry

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoLP#1972738: stamp schema update
Galen Charlton [Mon, 27 Mar 2023 19:53:31 +0000 (15:53 -0400)]
LP#1972738: stamp schema update

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoLP#1972738: add an ANALYZE after the index gets created
Galen Charlton [Mon, 27 Mar 2023 19:52:18 +0000 (15:52 -0400)]
LP#1972738: add an ANALYZE after the index gets created

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoLP1972738: Add index on hopeless date
Jason Stephenson [Tue, 10 May 2022 15:07:25 +0000 (11:07 -0400)]
LP1972738: Add index on hopeless date

Add an index on action.hold_request hopeless_date column to speed up
hopeless holds processing.

Signed-off-by: Jason Stephenson <jason@sigio.com>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoLP#1369345: de-duplicate ILS events and clean up whitespace
Chris Sharp [Wed, 8 Mar 2023 16:25:01 +0000 (11:25 -0500)]
LP#1369345: de-duplicate ILS events and clean up whitespace

Signed-off-by: Chris Sharp <csharp@georgialibraries.org>
Signed-off-by: Jason Stephenson <jason@sigio.com>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoclear RELEASE_NOTES_NEXT after release of 3.10.1
Galen Charlton [Mon, 27 Mar 2023 15:51:07 +0000 (11:51 -0400)]
clear RELEASE_NOTES_NEXT after release of 3.10.1

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoforward-port 3.10 upgrade scripts
Galen Charlton [Mon, 27 Mar 2023 15:46:58 +0000 (11:46 -0400)]
forward-port 3.10 upgrade scripts

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoforward-port version upgrade scripts
Galen Charlton [Mon, 27 Mar 2023 15:46:18 +0000 (11:46 -0400)]
forward-port version upgrade scripts

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agofix title of the 3.10 release notes document
Galen Charlton [Mon, 27 Mar 2023 15:43:49 +0000 (11:43 -0400)]
fix title of the 3.10 release notes document

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoTranslation updates - newpot
Galen Charlton [Fri, 24 Mar 2023 18:39:25 +0000 (14:39 -0400)]
Translation updates - newpot

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoDocs: 3.10.1 release notes - edited
Michele Morgan [Fri, 24 Mar 2023 17:01:35 +0000 (13:01 -0400)]
Docs: 3.10.1 release notes - edited

Signed-off-by: Michele Morgan <mmorgan@noblenet.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoDocs: 3.9.2 release notes - edited
Michele Morgan [Fri, 24 Mar 2023 17:00:00 +0000 (13:00 -0400)]
Docs: 3.9.2 release notes - edited

Signed-off-by: Michele Morgan <mmorgan@noblenet.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoupdate 3.8.3 release notes to include security fix information
Galen Charlton [Fri, 24 Mar 2023 17:42:39 +0000 (13:42 -0400)]
update 3.8.3 release notes to include security fix information

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoupdate 3.9.2 release notes to include security fix information
Galen Charlton [Fri, 24 Mar 2023 17:41:24 +0000 (13:41 -0400)]
update 3.9.2 release notes to include security fix information

Also fixes a typo

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoupdate 3.10.1 release notes to include security fix
Galen Charlton [Fri, 24 Mar 2023 17:39:53 +0000 (13:39 -0400)]
update 3.10.1 release notes to include security fix

Also fixes a typo.

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoDocs: 3.10.1 release notes
Andrea Buntz Neiman [Thu, 23 Mar 2023 22:38:13 +0000 (18:38 -0400)]
Docs: 3.10.1 release notes

Signed-off-by: Andrea Buntz Neiman <abneiman@equinoxinitiative.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoadd 3.10 release notes to rel_3_10
Galen Charlton [Fri, 24 Mar 2023 17:47:22 +0000 (13:47 -0400)]
add 3.10 release notes to rel_3_10

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoDocs: 3.9.2 release notes
Andrea Buntz Neiman [Thu, 23 Mar 2023 21:18:12 +0000 (17:18 -0400)]
Docs: 3.9.2 release notes

Signed-off-by: Andrea Buntz Neiman <abneiman@equinoxinitiative.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoDocs: 3.8.3 release notes
Andrea Buntz Neiman [Thu, 23 Mar 2023 19:11:35 +0000 (15:11 -0400)]
Docs: 3.8.3 release notes

Signed-off-by: Andrea Buntz Neiman <abneiman@equinoxinitiative.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoLP#1361782: (follow-up) fix the default search limit in seed data
Galen Charlton [Thu, 23 Mar 2023 21:22:54 +0000 (17:22 -0400)]
LP#1361782: (follow-up) fix the default search limit in seed data

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoLP#1361782: stamp DB update
Galen Charlton [Thu, 23 Mar 2023 19:11:49 +0000 (15:11 -0400)]
LP#1361782: stamp DB update

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoDoS protection release notes
Mike Rylander [Tue, 21 Feb 2023 20:36:46 +0000 (15:36 -0500)]
DoS protection release notes

Signed-off-by: Mike Rylander <mrylander@gmail.com>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoLP#1361782: Add DoS protection
Mike Rylander [Tue, 22 Nov 2022 21:38:03 +0000 (16:38 -0500)]
LP#1361782: Add DoS protection

This commit adds two types of simple DoS protection:

 * Limit concurrent search requests per client IP address, regardless of
 the searches being performed.  This helps address issues of accidental
 spamming from a malfunctioning OPAC workstation, or crawlers of various
 types.  The limit is controlled by a global flag called
 "opac.max_concurrent_search.ip".

 * Limit the global concurrent search requests for the same query.  This
 helps address both simple and distributed DoS that send the same search
 request over and over.  The limit is controlled by a global flag called
 "opac.max_concurrent_search.query", and defaults to 20.

When the limit is exceeded in either case the client receives an HTTP
429 "Too many requests" response from the web server, and the connection
is ended.

Signed-off-by: Mike Rylander <mrylander@gmail.com>
Signed-off-by: Jason Stephenson <jason@sigio.com>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoqtype CGI param protection release notes
Mike Rylander [Tue, 21 Feb 2023 21:53:53 +0000 (16:53 -0500)]
qtype CGI param protection release notes

Signed-off-by: Mike Rylander <mrylander@gmail.com>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoLP#1811685: qtype CGI parameter checking
Mike Rylander [Thu, 17 Nov 2022 22:11:38 +0000 (17:11 -0500)]
LP#1811685: qtype CGI parameter checking

With this commit we throw away searches with invalid qtype value based
on configured classes and aliases.  Invalid qtype values have been seen
in the wild as part of attempted (but failed) SQL injection attacks, so
we will tighten up what we accept.

As an additional (unrelated) bonus, this commit also avoids prepending
the search class on basic search when the class (from qytpe) is not
exactly "keyword".

Signed-off-by: Mike Rylander <mrylander@gmail.com>
Signed-off-by: Jason Stephenson <jason@sigio.com>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoLP # 1965447: adjust scoping of item tags Angular Holdings Editor
Jessica Woolford [Fri, 9 Dec 2022 15:54:43 +0000 (10:54 -0500)]
LP # 1965447: adjust scoping of item tags Angular Holdings Editor

Scopes to the org unit and ancestors of the signed-in
user's workstation when adding a new item tag.

Signed-off-by: Jessica Woolford <jwoolford@biblio.org>
Signed-off-by: Beth Willis <willis@noblenet.org>
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
21 months agoLP#2012105 - Comment typo in AddedContent.pm
Josh Stompro [Fri, 17 Mar 2023 19:14:43 +0000 (14:14 -0500)]
LP#2012105 - Comment typo in AddedContent.pm

Small tiny comment typo HTPP istead of HTTP

Signed-off-by: Josh Stompro <stompro@stompro.org>
Signed-off-by: Jane Sandberg <sandbergja@gmail.com>
21 months agoLP#2002435 release note
Michele Morgan [Fri, 17 Mar 2023 13:10:59 +0000 (09:10 -0400)]
LP#2002435 release note

Signed-off-by: Michele Morgan <mmorgan@noblenet.org>
21 months agoLP2002435: Add optional undelete action to basic admin page
Jane Sandberg [Fri, 3 Feb 2023 00:15:32 +0000 (16:15 -0800)]
LP2002435: Add optional undelete action to basic admin page

By default, this undelete action is only enabled on the shelving
location editor.

Also, only show admin page delete button if everything
selected is deleteable

Signed-off-by: Jane Sandberg <sandbergja@gmail.com>
Signed-off-by: Michele Morgan <mmorgan@noblenet.org>
21 months agoLP2002435: Don't allow shelving location fm-editor to change delete flag
Jane Sandberg [Wed, 11 Jan 2023 03:17:18 +0000 (19:17 -0800)]
LP2002435: Don't allow shelving location fm-editor to change delete flag

To test:
1. Go to the Local Admin > Shelving Locations Editor screen
2. Select a location and edit it.
3. Note that with this patch in place, the Delete checkbox
is no longer editable.

Signed-off-by: Jane Sandberg <sandbergja@gmail.com>
Signed-off-by: Michele Morgan <mmorgan@noblenet.org>
21 months agoDocs: Update describing_your_organization.adoc
spmorrison [Wed, 8 Mar 2023 19:59:21 +0000 (14:59 -0500)]
Docs: Update describing_your_organization.adoc

Updated the Create and edit Organization Unit Types section as well as the Organization Units sections to update text and add screenshots. Also added instructions for hours of operation notes (released in 3.10).

Signed-off-by: Jane Sandberg <js7389@princeton.edu>
21 months agoUpdating best practices for web browser to include turning off Google Translate
Gina Monti [Tue, 14 Feb 2023 15:49:32 +0000 (10:49 -0500)]
Updating best practices for web browser to include turning off Google Translate

For the DIG revamp project.  No LP.

Signed-off-by: Jane Sandberg <js7389@princeton.edu>
21 months agoDocs: removing XUL reference from web staff client intro page
Andrea Buntz Neiman [Wed, 8 Mar 2023 21:33:42 +0000 (16:33 -0500)]
Docs: removing XUL reference from web staff client intro page

Signed-off-by: Andrea Buntz Neiman <abneiman@equinoxinitiative.org>