[Bug 21336] New: GDPR: Process unsubscribe requests automatically
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Bug ID: 21336 Summary: GDPR: Process unsubscribe requests automatically Change sponsored?: --- Product: Koha Version: master Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Patrons Assignee: koha-bugs@lists.koha-community.org Reporter: m.de.rooy@rijksmuseum.nl QA Contact: testopia@bugs.koha-community.org CC: gmcharlt@gmail.com, kyle.m.hall@gmail.com This should be a follow-up of bug 20819 (adding a consent form). A script (preferably cleanup_database) should take care of the registered refusals (or unsubscribe requests). Based on some preferences and corresponding time frames, we should lock accounts, anonymize patron data and finally remove patron data. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|koha-bugs@lists.koha-commun |m.de.rooy@rijksmuseum.nl |ity.org | Status|NEW |ASSIGNED -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on| |20819 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20819 [Bug 20819] GDPR: Add a consent field for processing personal data in account menu and self-registration -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.koha-community | |.org/bugzilla3/show_bug.cgi | |?id=21191 -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |18081 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18081 [Bug 18081] [omnibus] GDPR (General Data Protection Regulation) -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on| |21337 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21337 [Bug 21337] Add Koha::Patrons->delete (trivial wrapper) -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #1 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 79165 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=79165&action=edit Bug 21336: Small adjustment in Koha::Token Allow a pattern too in Koha::Token->generate. Only supported length. Does not affect CSRF calls. So tiny change without further impact. Test plan: Run t/Token.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #2 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 79166 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=79166&action=edit Bug 21336: Database revision for borrowers.flgAnonymized This new flag should speak for itself ;) Test plan: Run installer or updatedatabase. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #3 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 79167 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=79167&action=edit Bug 21336: DBIx schema changes Changes for additional column flgAnonymized. No test plan. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #4 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 79168 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=79168&action=edit Bug 21336: Dbrev for new prefs This patch adds three new prefs: - UnsubscribeReflectionDelay - PatronAnonymizeDelay - PatronRemovalDelay Test plan: Run upgrade. Check patrons pref page. Look under Privacy. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #5 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 79169 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=79169&action=edit Bug 21336: Search, lock and anonymize methods Add Koha::Patron->lock and anonymize. Add Koha::Patrons methods search_unsubscribed, search_anonymize_candidates and search_anonymized. And wrappers for lock and anonymize. Add unit tests. Test plan: Run t/db_dependent/Koha/Patrons.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #6 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 79170 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=79170&action=edit Bug 21336: Adjust cleanup_database.pl Add the new Patron routines to this cron job. Actions are performed only if preferences are set. Note: No specific command line flags for these actions are added here (and probably not needed too). So no crontab changes too. Test plan: Add a new patron. Enable GDPR_Policy and refuse consent on OPAC for this patron. Set only the first delay to zero (0) for immediate action. Run cleanup_database.pl --logs (or any other flag) for the first time. Check lock and expiration. Set the second delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the second time. Check anonymization. Set the third delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the third time. Check removal. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |Needs Signoff -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Patch complexity|--- |Small patch -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |21191 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21191 [Bug 21191] GDPR: Script to block inactive users (with no successful logins on a defined period) -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Bug 21336 depends on bug 20819, which changed state. Bug 20819 Summary: GDPR: Add a consent field for processing personal data in account menu and self-registration https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20819 What |Removed |Added ---------------------------------------------------------------------------- Status|Pushed to Master |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Séverine Queune <severine.queune@bulac.fr> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |severine.queune@bulac.fr -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Michal Denar <black23@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |black23@gmail.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |BLOCKED --- Comment #7 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Still needs some attention. Coming back soon -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|GDPR: Process unsubscribe |GDPR: Handle unsubscribe |requests automatically |requests automatically by | |optional lock, anonymize | |and remove -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|BLOCKED |Needs Signoff -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #79165|0 |1 is obsolete| | --- Comment #8 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 80201 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=80201&action=edit Bug 21336: Small adjustment in Koha::Token Allow a pattern too in Koha::Token->generate. Only supported length. Does not affect CSRF calls. So tiny change without further impact. Test plan: Run t/Token.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #79166|0 |1 is obsolete| | --- Comment #9 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 80202 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=80202&action=edit Bug 21336: Database revision for borrowers.flgAnonymized This new flag should speak for itself ;) Test plan: Run installer or updatedatabase. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #79167|0 |1 is obsolete| | --- Comment #10 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 80203 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=80203&action=edit Bug 21336: DBIx schema changes Changes for additional column flgAnonymized. No test plan. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #79168|0 |1 is obsolete| | --- Comment #11 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 80204 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=80204&action=edit Bug 21336: Dbrev for new prefs This patch adds three new prefs: - UnsubscribeReflectionDelay - PatronAnonymizeDelay - PatronRemovalDelay Test plan: Run upgrade. Check patrons pref page. Look under Privacy. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #12 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 80205 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=80205&action=edit Bug 21336: Do not increase login_attempts after locking If an account has been locked, there is no use to keep increasing this number. It is not true too; after the pref number has been reached, we can not really speak of login attempts anymore. The credentials are just ignored. Adding a dbrev to put existing values in line. And a simple test in Auth.t to confirm that login_attempts stop increasing. Note: It feels safe to keep the '>=' condition in account_locked. But it could obviously be changed to '=='. (Added a test for that.) Note: Adding a mock_preference in Auth.t too for GDPR_Policy. Since not all tests will pass when the pref is enabled (though disabled by default). Test plan: Run dbrev with updatedatabase.pl. Run t/db_dependent/Koha/Patrons.t Run t/db_dependent/Auth.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #13 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 80206 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=80206&action=edit Bug 21336: Introduce administrative lockout As a preparation for Koha::Patron->lock, we add the concept of administrative lockout. The account is locked just as it would have been by too much failed login attempts. This is handled by a negative value in borrowers.login_attempts. Test plan: Run t/db_dependent/Auth.t -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #79169|0 |1 is obsolete| | --- Comment #14 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 80207 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=80207&action=edit Bug 21336: Search, lock and anonymize methods Add Koha::Patron->lock and anonymize. Add Koha::Patrons methods search_unsubscribed, search_anonymize_candidates and search_anonymized. And wrappers for lock and anonymize. Add unit tests. Test plan: Run t/db_dependent/Koha/Patrons.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #79170|0 |1 is obsolete| | --- Comment #15 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 80208 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=80208&action=edit Bug 21336: Adjust cleanup_database.pl Add the new Patron routines to this cron job. Actions are performed only if preferences are set. Note: No specific command line flags for these actions are added here (and probably not needed too). So no crontab changes too. Test plan: Add a new patron. Enable GDPR_Policy and refuse consent on OPAC for this patron. Set only the first delay to zero (0) for immediate action. Run cleanup_database.pl --logs (or any other flag) for the first time. Check lock and expiration. Set the second delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the second time. Check anonymization. Set the third delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the third time. Check removal. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #16 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- (In reply to Marcel de Rooy from comment #7)
Still needs some attention. Coming back soon
Mainly added two patches in the middle. Introducing the term "administrative lockout" in order to distinguish from lockout by typing wrong passwords. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|GDPR: Handle unsubscribe |GDPR: Handle unsubscribe |requests automatically by |requests automatically by |optional lock, anonymize |optional (administrative) |and remove |lock, anonymize and remove -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Michal Denar <black23@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |josef.moravec@gmail.com, | |rbit@rbit.cz -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Text to go in the| |Add preferences release notes| |UnsubscribeReflectionDelay, | |PatronAnonymizeDelay and | |PatronRemovalDelay. | |Add db | |column | |borrowers.flgAnonymized. | |Add Koha::Patron->lock for | |administrative lockout. | |Add | |Koha::Patron->anonymize for | |scrambing patron data. | |Actions are controlled by | |preferences and run by | |cleanup_database cron job. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Text to go in the|Add preferences |Add preferences release notes|UnsubscribeReflectionDelay, |UnsubscribeReflectionDelay, |PatronAnonymizeDelay and |PatronAnonymizeDelay and |PatronRemovalDelay. |PatronRemovalDelay. |Add db |Add db |column |column |borrowers.flgAnonymized. |borrowers.flgAnonymized. |Add Koha::Patron->lock for |Add Koha::Patron->lock for |administrative lockout. |administrative lockout. |Add |Add |Koha::Patron->anonymize for |Koha::Patron->anonymize for |scrambing patron data. |scrambling patron data. |Actions are controlled by |Actions are controlled by |preferences and run by |preferences and run by |cleanup_database cron job. |cleanup_database cron job. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #17 from Michal Denar <black23@gmail.com> --- Hi Marcel, patch looks very useful. I've just one notice. Is possible to add some e-mail report with list of anonymised borrower records? Because libraries still use paper contracts and after "digital" anynomisation we should remove "paper" information too. Thank You Mike -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #80207|0 |1 is obsolete| | --- Comment #18 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 80213 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=80213&action=edit Bug 21336: Search, lock and anonymize methods Add Koha::Patron->lock and anonymize. Add Koha::Patrons methods search_unsubscribed, search_anonymize_candidates and search_anonymized. And wrappers for lock and anonymize. Add unit tests. Test plan: Run t/db_dependent/Koha/Patrons.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #80208|0 |1 is obsolete| | --- Comment #19 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 80214 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=80214&action=edit Bug 21336: Adjust cleanup_database.pl Add the new Patron routines to this cron job. Actions are performed only if preferences are set. Note: No specific command line flags for these actions are added here (and probably not needed too). So no crontab changes too. Test plan: Add a new patron. Enable GDPR_Policy and refuse consent on OPAC for this patron. Set only the first delay to zero (0) for immediate action. Run cleanup_database.pl --logs (or any other flag) for the first time. Check lock and expiration. Set the second delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the second time. Check anonymization. Set the third delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the third time. Check removal. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #20 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Made the test search_anonymized a tiny bit smarter :) Just changed two lines.. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #21 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- (In reply to Michal Denar from comment #17)
Hi Marcel, patch looks very useful. I've just one notice. Is possible to add some e-mail report with list of anonymised borrower records? Because libraries still use paper contracts and after "digital" anynomisation we should remove "paper" information too.
Will have a look -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |21533 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21533 [Bug 21533] Do not allow password recovery for administrative locked patrons (see 21336) -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |21535 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21535 [Bug 21535] Anonymize function in Patron should not scramble email addresses -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |21312 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21312 [Bug 21312] Show lockout on Patrons form -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #22 from M. Tompsett <mtompset@hotmail.com> --- Comment on attachment 80214 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=80214 Bug 21336: Adjust cleanup_database.pl Review of attachment 80214: --> (https://bugs.koha-community.org/bugzilla3/page.cgi?id=splinter.html&bug=21336&attachment=80214) ----------------------------------------------------------------- ::: misc/cronjobs/cleanup_database.pl @@ +308,5 @@
+Koha::Patrons->search_unsubscribed->lock({ expire => 1, remove => 1, verbose => $verbose }); +# Anonymize patron data, depending on PatronAnonymizeDelay +Koha::Patrons->search_anonymize_candidates({ locked => 1 })->anonymize({ verbose => $verbose }); +# Remove patron data, depending on PatronRemovalDelay (will raise an exception if problem encountered +eval { Koha::Patrons->search_anonymized->delete({ verbose => $verbose }) };
Eval may mask output, which the user should see. Though, I understand the use of eval, since the code should keep going. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #80214|0 |1 is obsolete| | --- Comment #23 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 80386 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=80386&action=edit Bug 21336: Adjust cleanup_database.pl Add the new Patron routines to this cron job. Actions are performed only if preferences are set. Note: No specific command line flags for these actions are added here (and probably not needed too). So no crontab changes too. Test plan: Add a new patron. Enable GDPR_Policy and refuse consent on OPAC for this patron. Set only the first delay to zero (0) for immediate action. Run cleanup_database.pl --logs (or any other flag) for the first time. Check lock and expiration. Set the second delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the second time. Check anonymization. Set the third delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the third time. Check removal. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Amended: Added then warn $@ line in cleanup_database.pl -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #24 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- (In reply to M. Tompsett from comment #22)
Eval may mask output, which the user should see. Though, I understand the use of eval, since the code should keep going.
Right. Added warn $@ if $@ -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #80386|0 |1 is obsolete| | --- Comment #25 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 80387 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=80387&action=edit Bug 21336: Adjust cleanup_database.pl Add the new Patron routines to this cron job. Actions are performed only if preferences are set. Note: No specific command line flags for these actions are added here (and probably not needed too). So no crontab changes too. Test plan: Add a new patron. Enable GDPR_Policy and refuse consent on OPAC for this patron. Set only the first delay to zero (0) for immediate action. Run cleanup_database.pl --logs (or any other flag) for the first time. Check lock and expiration. Set the second delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the second time. Check anonymization. Set the third delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the third time. Check removal. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Amended: Added the warn $@ line in cleanup_database.pl -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #80387|0 |1 is obsolete| | --- Comment #26 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 80403 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=80403&action=edit Bug 21336: Adjust cleanup_database.pl Add the new Patron routines to this cron job. Actions are performed only if preferences are set. Note: No specific command line flags for these actions are added here (and probably not needed too). So no crontab changes too. Test plan: Add a new patron. Enable GDPR_Policy and refuse consent on OPAC for this patron. Set only the first delay to zero (0) for immediate action. Run cleanup_database.pl --logs (or any other flag) for the first time. Check lock and expiration. Set the second delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the second time. Check anonymization. Set the third delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the third time. Check removal. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Amended: Added the warn $@ line in cleanup_database.pl -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Bug 21336 depends on bug 21337, which changed state. Bug 21337 Summary: Add Koha::Patrons->delete (trivial wrapper) https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21337 What |Removed |Added ---------------------------------------------------------------------------- Status|Pushed to Master |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #80201|0 |1 is obsolete| | --- Comment #27 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 81112 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=81112&action=edit Bug 21336: Small adjustment in Koha::Token Allow a pattern too in Koha::Token->generate. Only supported length. Does not affect CSRF calls. So tiny change without further impact. Test plan: Run t/Token.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #80202|0 |1 is obsolete| | --- Comment #28 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 81113 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=81113&action=edit Bug 21336: Database revision for borrowers.flgAnonymized This new flag should speak for itself ;) Test plan: Run installer or updatedatabase. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #80203|0 |1 is obsolete| | --- Comment #29 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 81114 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=81114&action=edit Bug 21336: DBIx schema changes Changes for additional column flgAnonymized. No test plan. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #80204|0 |1 is obsolete| | --- Comment #30 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 81115 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=81115&action=edit Bug 21336: Dbrev for new prefs This patch adds three new prefs: - UnsubscribeReflectionDelay - PatronAnonymizeDelay - PatronRemovalDelay Test plan: Run upgrade. Check patrons pref page. Look under Privacy. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #80205|0 |1 is obsolete| | --- Comment #31 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 81116 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=81116&action=edit Bug 21336: Do not increase login_attempts after locking If an account has been locked, there is no use to keep increasing this number. It is not true too; after the pref number has been reached, we can not really speak of login attempts anymore. The credentials are just ignored. Adding a dbrev to put existing values in line. And a simple test in Auth.t to confirm that login_attempts stop increasing. Note: It feels safe to keep the '>=' condition in account_locked. But it could obviously be changed to '=='. (Added a test for that.) Note: Adding a mock_preference in Auth.t too for GDPR_Policy. Since not all tests will pass when the pref is enabled (though disabled by default). Test plan: Run dbrev with updatedatabase.pl. Run t/db_dependent/Koha/Patrons.t Run t/db_dependent/Auth.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #80206|0 |1 is obsolete| | --- Comment #32 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 81117 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=81117&action=edit Bug 21336: Introduce administrative lockout As a preparation for Koha::Patron->lock, we add the concept of administrative lockout. The account is locked just as it would have been by too much failed login attempts. This is handled by a negative value in borrowers.login_attempts. Test plan: Run t/db_dependent/Auth.t -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #80213|0 |1 is obsolete| | --- Comment #33 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 81118 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=81118&action=edit Bug 21336: Search, lock and anonymize methods Add Koha::Patron->lock and anonymize. Add Koha::Patrons methods search_unsubscribed, search_anonymize_candidates and search_anonymized. And wrappers for lock and anonymize. Add unit tests. Test plan: Run t/db_dependent/Koha/Patrons.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #80403|0 |1 is obsolete| | --- Comment #34 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 81119 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=81119&action=edit Bug 21336: Adjust cleanup_database.pl Add the new Patron routines to this cron job. Actions are performed only if preferences are set. Note: No specific command line flags for these actions are added here (and probably not needed too). So no crontab changes too. Test plan: Add a new patron. Enable GDPR_Policy and refuse consent on OPAC for this patron. Set only the first delay to zero (0) for immediate action. Run cleanup_database.pl --logs (or any other flag) for the first time. Check lock and expiration. Set the second delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the second time. Check anonymization. Set the third delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the third time. Check removal. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Amended: Added the warn $@ line in cleanup_database.pl -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #35 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Trivial rebase -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Bug 21336 depends on bug 21337, which changed state. Bug 21337 Summary: Add Koha::Patrons->delete (trivial wrapper) https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21337 What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|FIXED |--- -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #36 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 81270 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=81270&action=edit Bug 21336: (follow-up) Fix last line after PatronRemovalDelay in pref file Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #81270|0 |1 is obsolete| | --- Comment #37 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 81474 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=81474&action=edit Bug 21336: (follow-up) Fix last line after PatronRemovalDelay in pref file Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #81112|0 |1 is obsolete| | --- Comment #38 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 81475 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=81475&action=edit Bug 21336: Small adjustment in Koha::Token Allow a pattern too in Koha::Token->generate. Only supported length. Does not affect CSRF calls. So tiny change without further impact. Test plan: Run t/Token.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #81113|0 |1 is obsolete| | --- Comment #39 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 81476 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=81476&action=edit Bug 21336: Database revision for borrowers.flgAnonymized This new flag should speak for itself ;) Test plan: Run installer or updatedatabase. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #40 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 81477 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=81477&action=edit Bug 21336: DBIx changes -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #81115|0 |1 is obsolete| | --- Comment #41 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 81478 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=81478&action=edit Bug 21336: Dbrev for new prefs This patch adds three new prefs: - UnsubscribeReflectionDelay - PatronAnonymizeDelay - PatronRemovalDelay Test plan: Run upgrade. Check patrons pref page. Look under Privacy. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #81116|0 |1 is obsolete| | --- Comment #42 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 81479 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=81479&action=edit Bug 21336: Do not increase login_attempts after locking If an account has been locked, there is no use to keep increasing this number. It is not true too; after the pref number has been reached, we can not really speak of login attempts anymore. The credentials are just ignored. Adding a dbrev to put existing values in line. And a simple test in Auth.t to confirm that login_attempts stop increasing. Note: It feels safe to keep the '>=' condition in account_locked. But it could obviously be changed to '=='. (Added a test for that.) Note: Adding a mock_preference in Auth.t too for GDPR_Policy. Since not all tests will pass when the pref is enabled (though disabled by default). Test plan: Run dbrev with updatedatabase.pl. Run t/db_dependent/Koha/Patrons.t Run t/db_dependent/Auth.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #81117|0 |1 is obsolete| | --- Comment #43 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 81480 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=81480&action=edit Bug 21336: Introduce administrative lockout As a preparation for Koha::Patron->lock, we add the concept of administrative lockout. The account is locked just as it would have been by too much failed login attempts. This is handled by a negative value in borrowers.login_attempts. Test plan: Run t/db_dependent/Auth.t -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #81118|0 |1 is obsolete| | --- Comment #44 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 81481 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=81481&action=edit Bug 21336: Search, lock and anonymize methods Add Koha::Patron->lock and anonymize. Add Koha::Patrons methods search_unsubscribed, search_anonymize_candidates and search_anonymized. And wrappers for lock and anonymize. Add unit tests. Test plan: Run t/db_dependent/Koha/Patrons.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #81119|0 |1 is obsolete| | --- Comment #45 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 81482 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=81482&action=edit Bug 21336: Adjust cleanup_database.pl Add the new Patron routines to this cron job. Actions are performed only if preferences are set. Note: No specific command line flags for these actions are added here (and probably not needed too). So no crontab changes too. Test plan: Add a new patron. Enable GDPR_Policy and refuse consent on OPAC for this patron. Set only the first delay to zero (0) for immediate action. Run cleanup_database.pl --logs (or any other flag) for the first time. Check lock and expiration. Set the second delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the second time. Check anonymization. Set the third delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the third time. Check removal. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Amended: Added the warn $@ line in cleanup_database.pl -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #81474|0 |1 is obsolete| | --- Comment #46 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 81483 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=81483&action=edit Bug 21336: (follow-up) Fix last line after PatronRemovalDelay in pref file Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #81114|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |21712 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21712 [Bug 21712] Report anonymized patron records -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #47 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- (In reply to Michal Denar from comment #17)
Hi Marcel, patch looks very useful. I've just one notice. Is possible to add some e-mail report with list of anonymised borrower records? Because libraries still use paper contracts and after "digital" anynomisation we should remove "paper" information too.
Thank You
Mike
Moved this to its own new report. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #48 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- (In reply to Marcel de Rooy from comment #47)
(In reply to Michal Denar from comment #17) Moved this to its own new report.
== bug 21712 -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Bug 21336 depends on bug 21337, which changed state. Bug 21337 Summary: Add Koha::Patrons->delete https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21337 What |Removed |Added ---------------------------------------------------------------------------- Status|Pushed to Master |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #81475|0 |1 is obsolete| | --- Comment #49 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 82051 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=82051&action=edit Bug 21336: Small adjustment in Koha::Token Allow a pattern too in Koha::Token->generate. Only supported length. Does not affect CSRF calls. So tiny change without further impact. Test plan: Run t/Token.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #81476|0 |1 is obsolete| | --- Comment #50 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 82052 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=82052&action=edit Bug 21336: Database revision for borrowers.flgAnonymized This new flag should speak for itself ;) Test plan: Run installer or updatedatabase. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #81477|0 |1 is obsolete| | --- Comment #51 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 82053 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=82053&action=edit Bug 21336: DBIx changes -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #81478|0 |1 is obsolete| | --- Comment #52 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 82054 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=82054&action=edit Bug 21336: Dbrev for new prefs This patch adds three new prefs: - UnsubscribeReflectionDelay - PatronAnonymizeDelay - PatronRemovalDelay Test plan: Run upgrade. Check patrons pref page. Look under Privacy. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #81479|0 |1 is obsolete| | --- Comment #53 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 82055 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=82055&action=edit Bug 21336: Do not increase login_attempts after locking If an account has been locked, there is no use to keep increasing this number. It is not true too; after the pref number has been reached, we can not really speak of login attempts anymore. The credentials are just ignored. Adding a dbrev to put existing values in line. And a simple test in Auth.t to confirm that login_attempts stop increasing. Note: It feels safe to keep the '>=' condition in account_locked. But it could obviously be changed to '=='. (Added a test for that.) Note: Adding a mock_preference in Auth.t too for GDPR_Policy. Since not all tests will pass when the pref is enabled (though disabled by default). Test plan: Run dbrev with updatedatabase.pl. Run t/db_dependent/Koha/Patrons.t Run t/db_dependent/Auth.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #81480|0 |1 is obsolete| | --- Comment #54 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 82056 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=82056&action=edit Bug 21336: Introduce administrative lockout As a preparation for Koha::Patron->lock, we add the concept of administrative lockout. The account is locked just as it would have been by too much failed login attempts. This is handled by a negative value in borrowers.login_attempts. Test plan: Run t/db_dependent/Auth.t -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #81481|0 |1 is obsolete| | --- Comment #55 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 82057 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=82057&action=edit Bug 21336: Search, lock and anonymize methods Add Koha::Patron->lock and anonymize. Add Koha::Patrons methods search_unsubscribed, search_anonymize_candidates and search_anonymized. And wrappers for lock and anonymize. Add unit tests. Test plan: Run t/db_dependent/Koha/Patrons.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #81482|0 |1 is obsolete| | --- Comment #56 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 82058 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=82058&action=edit Bug 21336: Adjust cleanup_database.pl Add the new Patron routines to this cron job. Actions are performed only if preferences are set. Note: No specific command line flags for these actions are added here (and probably not needed too). So no crontab changes too. Test plan: Add a new patron. Enable GDPR_Policy and refuse consent on OPAC for this patron. Set only the first delay to zero (0) for immediate action. Run cleanup_database.pl --logs (or any other flag) for the first time. Check lock and expiration. Set the second delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the second time. Check anonymization. Set the third delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the third time. Check removal. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Amended: Added the warn $@ line in cleanup_database.pl -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #81483|0 |1 is obsolete| | --- Comment #57 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 82059 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=82059&action=edit Bug 21336: (follow-up) Fix last line after PatronRemovalDelay in pref file Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #82051|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on| |21998 --- Comment #58 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- First patch moved to 21998 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21998 [Bug 21998] Add pattern parameter in Koha::Token -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #82052|0 |1 is obsolete| | --- Comment #59 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 83202 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=83202&action=edit Bug 21336: Database revision for borrowers.flgAnonymized This new flag should speak for itself ;) Test plan: Run installer or updatedatabase. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #82053|0 |1 is obsolete| | --- Comment #60 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 83203 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=83203&action=edit Bug 21336: DBIx changes -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #82054|0 |1 is obsolete| | --- Comment #61 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 83204 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=83204&action=edit Bug 21336: Dbrev for new prefs This patch adds three new prefs: - UnsubscribeReflectionDelay - PatronAnonymizeDelay - PatronRemovalDelay Test plan: Run upgrade. Check patrons pref page. Look under Privacy. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #82055|0 |1 is obsolete| | --- Comment #62 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 83205 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=83205&action=edit Bug 21336: Do not increase login_attempts after locking If an account has been locked, there is no use to keep increasing this number. It is not true too; after the pref number has been reached, we can not really speak of login attempts anymore. The credentials are just ignored. Adding a dbrev to put existing values in line. And a simple test in Auth.t to confirm that login_attempts stop increasing. Note: It feels safe to keep the '>=' condition in account_locked. But it could obviously be changed to '=='. (Added a test for that.) Note: Adding a mock_preference in Auth.t too for GDPR_Policy. Since not all tests will pass when the pref is enabled (though disabled by default). Test plan: Run dbrev with updatedatabase.pl. Run t/db_dependent/Koha/Patrons.t Run t/db_dependent/Auth.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #82056|0 |1 is obsolete| | --- Comment #63 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 83206 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=83206&action=edit Bug 21336: Introduce administrative lockout As a preparation for Koha::Patron->lock, we add the concept of administrative lockout. The account is locked just as it would have been by too much failed login attempts. This is handled by a negative value in borrowers.login_attempts. Test plan: Run t/db_dependent/Auth.t -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #82057|0 |1 is obsolete| | --- Comment #64 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 83207 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=83207&action=edit Bug 21336: Search, lock and anonymize methods Add Koha::Patron->lock and anonymize. Add Koha::Patrons methods search_unsubscribed, search_anonymize_candidates and search_anonymized. And wrappers for lock and anonymize. Add unit tests. Test plan: Run t/db_dependent/Koha/Patrons.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #82058|0 |1 is obsolete| | --- Comment #65 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 83208 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=83208&action=edit Bug 21336: Adjust cleanup_database.pl Add the new Patron routines to this cron job. Actions are performed only if preferences are set. Note: No specific command line flags for these actions are added here (and probably not needed too). So no crontab changes too. Test plan: Add a new patron. Enable GDPR_Policy and refuse consent on OPAC for this patron. Set only the first delay to zero (0) for immediate action. Run cleanup_database.pl --logs (or any other flag) for the first time. Check lock and expiration. Set the second delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the second time. Check anonymization. Set the third delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the third time. Check removal. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Amended: Added the warn $@ line in cleanup_database.pl -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #82059|0 |1 is obsolete| | --- Comment #66 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 83209 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=83209&action=edit Bug 21336: (follow-up) Fix last line after PatronRemovalDelay in pref file Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #67 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Rebased -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |BLOCKED --- Comment #68 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Issue in anonymize with strict sql mode -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|BLOCKED |Needs Signoff -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #69 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 83256 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=83256&action=edit Bug 21336: (follow-up) Handle strict SQL mode in _anonymize_column When a field is not nullable we should pass empty string, zero or today to a char, numeric or date column. The mandatory parameter does not refer to a database constraint but a Koha preference. Only for strings we generate a random value. Test plan: Enable strict_sql_modes. Run t/db_dependent/Koha/Patrons.t again. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Josef Moravec <josef.moravec@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Failed QA --- Comment #70 from Josef Moravec <josef.moravec@gmail.com> --- Just one small think: database update should use column_exists on adding flgAnonymized column but otherwise looking good for me... -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Jonathan Druart <jonathan.druart@bugs.koha-community.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jonathan.druart@bugs.koha-c | |ommunity.org --- Comment #71 from Jonathan Druart <jonathan.druart@bugs.koha-community.org> --- (In reply to Marcel de Rooy from comment #63)
As a preparation for Koha::Patron->lock, we add the concept of administrative lockout. The account is locked just as it would have been by too much failed login attempts. This is handled by a negative value in borrowers.login_attempts.
I am not sure about that, it sounds better to me to have another attribute. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #72 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- (In reply to Jonathan Druart from comment #71)
I am not sure about that, it sounds better to me to have another attribute.
I would strongly prefer to do that on another report now. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #83202|0 |1 is obsolete| | Attachment #83203|0 |1 is obsolete| | Attachment #83204|0 |1 is obsolete| | Attachment #83205|0 |1 is obsolete| | Attachment #83206|0 |1 is obsolete| | Attachment #83207|0 |1 is obsolete| | Attachment #83208|0 |1 is obsolete| | Attachment #83209|0 |1 is obsolete| | Attachment #83256|0 |1 is obsolete| | --- Comment #73 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 87158 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87158&action=edit Bug 21336: Database revision for borrowers.flgAnonymized This new flag should speak for itself ;) Test plan: Run installer or updatedatabase. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #74 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 87159 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87159&action=edit Bug 21336: Dbrev for new prefs This patch adds three new prefs: - UnsubscribeReflectionDelay - PatronAnonymizeDelay - PatronRemovalDelay Test plan: Run upgrade. Check patrons pref page. Look under Privacy. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #75 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 87160 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87160&action=edit Bug 21336: Do not increase login_attempts after locking If an account has been locked, there is no use to keep increasing this number. It is not true too; after the pref number has been reached, we can not really speak of login attempts anymore. The credentials are just ignored. Adding a dbrev to put existing values in line. And a simple test in Auth.t to confirm that login_attempts stop increasing. Note: It feels safe to keep the '>=' condition in account_locked. But it could obviously be changed to '=='. (Added a test for that.) Note: Adding a mock_preference in Auth.t too for GDPR_Policy. Since not all tests will pass when the pref is enabled (though disabled by default). Test plan: Run dbrev with updatedatabase.pl. Run t/db_dependent/Koha/Patrons.t Run t/db_dependent/Auth.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #76 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 87161 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87161&action=edit Bug 21336: Introduce administrative lockout As a preparation for Koha::Patron->lock, we add the concept of administrative lockout. The account is locked just as it would have been by too much failed login attempts. This is handled by a negative value in borrowers.login_attempts. Test plan: Run t/db_dependent/Auth.t -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #77 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 87162 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87162&action=edit Bug 21336: Search, lock and anonymize methods Add Koha::Patron->lock and anonymize. Add Koha::Patrons methods search_unsubscribed, search_anonymize_candidates and search_anonymized. And wrappers for lock and anonymize. Add unit tests. Test plan: Run t/db_dependent/Koha/Patrons.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #78 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 87163 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87163&action=edit Bug 21336: Adjust cleanup_database.pl Add the new Patron routines to this cron job. Actions are performed only if preferences are set. Note: No specific command line flags for these actions are added here (and probably not needed too). So no crontab changes too. Test plan: Add a new patron. Enable GDPR_Policy and refuse consent on OPAC for this patron. Set only the first delay to zero (0) for immediate action. Run cleanup_database.pl --logs (or any other flag) for the first time. Check lock and expiration. Set the second delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the second time. Check anonymization. Set the third delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the third time. Check removal. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Amended: Added the warn $@ line in cleanup_database.pl -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #79 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 87164 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87164&action=edit Bug 21336: (follow-up) Fix last line after PatronRemovalDelay in pref file Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #80 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 87165 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87165&action=edit Bug 21336: (follow-up) Handle strict SQL mode in _anonymize_column When a field is not nullable we should pass empty string, zero or today to a char, numeric or date column. The mandatory parameter does not refer to a database constraint but a Koha preference. Only for strings we generate a random value. Test plan: Enable strict_sql_modes. Run t/db_dependent/Koha/Patrons.t again. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #81 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 87166 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87166&action=edit Bug 21336: [DO_NOT_PUSH] DBIx changes MariaDB somehow turns current_timestamp into current_timestamp(). The needed change is for column flgAnonymized. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #87166|0 |1 is obsolete| | --- Comment #82 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 87167 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87167&action=edit Bug 21336: (QA follow-up) Add column_exists in db revision As requested by Josef on comment70. Test plan: Run db revision twice. No warnings. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #83 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Created attachment 87168 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87168&action=edit Bug 21336: [DO_NOT_PUSH] DBIx changes MariaDB somehow turns current_timestamp into current_timestamp(). The needed change is for column flgAnonymized. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Failed QA |Needs Signoff --- Comment #84 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- (In reply to Josef Moravec from comment #70)
Just one small think:
database update should use column_exists on adding flgAnonymized column
but otherwise looking good for me...
Rebased all stuff. Added a follow-up for the column_exists. Could you add your signoff line please? Hopefully we can get another QAer to have a look in the next weeks. This code runs in production with me for about four months. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Josef Moravec <josef.moravec@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Signed Off -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Josef Moravec <josef.moravec@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #87158|0 |1 is obsolete| | Attachment #87159|0 |1 is obsolete| | Attachment #87160|0 |1 is obsolete| | Attachment #87161|0 |1 is obsolete| | Attachment #87162|0 |1 is obsolete| | Attachment #87163|0 |1 is obsolete| | Attachment #87164|0 |1 is obsolete| | Attachment #87165|0 |1 is obsolete| | Attachment #87167|0 |1 is obsolete| | Attachment #87168|0 |1 is obsolete| | --- Comment #85 from Josef Moravec <josef.moravec@gmail.com> --- Created attachment 87176 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87176&action=edit Bug 21336: Database revision for borrowers.flgAnonymized This new flag should speak for itself ;) Test plan: Run installer or updatedatabase. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #86 from Josef Moravec <josef.moravec@gmail.com> --- Created attachment 87177 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87177&action=edit Bug 21336: Dbrev for new prefs This patch adds three new prefs: - UnsubscribeReflectionDelay - PatronAnonymizeDelay - PatronRemovalDelay Test plan: Run upgrade. Check patrons pref page. Look under Privacy. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #87 from Josef Moravec <josef.moravec@gmail.com> --- Created attachment 87178 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87178&action=edit Bug 21336: Do not increase login_attempts after locking If an account has been locked, there is no use to keep increasing this number. It is not true too; after the pref number has been reached, we can not really speak of login attempts anymore. The credentials are just ignored. Adding a dbrev to put existing values in line. And a simple test in Auth.t to confirm that login_attempts stop increasing. Note: It feels safe to keep the '>=' condition in account_locked. But it could obviously be changed to '=='. (Added a test for that.) Note: Adding a mock_preference in Auth.t too for GDPR_Policy. Since not all tests will pass when the pref is enabled (though disabled by default). Test plan: Run dbrev with updatedatabase.pl. Run t/db_dependent/Koha/Patrons.t Run t/db_dependent/Auth.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #88 from Josef Moravec <josef.moravec@gmail.com> --- Created attachment 87179 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87179&action=edit Bug 21336: Introduce administrative lockout As a preparation for Koha::Patron->lock, we add the concept of administrative lockout. The account is locked just as it would have been by too much failed login attempts. This is handled by a negative value in borrowers.login_attempts. Test plan: Run t/db_dependent/Auth.t Signed-off-by: Josef Moravec <josef.moravec@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #89 from Josef Moravec <josef.moravec@gmail.com> --- Created attachment 87180 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87180&action=edit Bug 21336: Search, lock and anonymize methods Add Koha::Patron->lock and anonymize. Add Koha::Patrons methods search_unsubscribed, search_anonymize_candidates and search_anonymized. And wrappers for lock and anonymize. Add unit tests. Test plan: Run t/db_dependent/Koha/Patrons.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #90 from Josef Moravec <josef.moravec@gmail.com> --- Created attachment 87181 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87181&action=edit Bug 21336: Adjust cleanup_database.pl Add the new Patron routines to this cron job. Actions are performed only if preferences are set. Note: No specific command line flags for these actions are added here (and probably not needed too). So no crontab changes too. Test plan: Add a new patron. Enable GDPR_Policy and refuse consent on OPAC for this patron. Set only the first delay to zero (0) for immediate action. Run cleanup_database.pl --logs (or any other flag) for the first time. Check lock and expiration. Set the second delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the second time. Check anonymization. Set the third delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the third time. Check removal. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Amended: Added the warn $@ line in cleanup_database.pl Signed-off-by: Josef Moravec <josef.moravec@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #91 from Josef Moravec <josef.moravec@gmail.com> --- Created attachment 87182 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87182&action=edit Bug 21336: (follow-up) Fix last line after PatronRemovalDelay in pref file Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #92 from Josef Moravec <josef.moravec@gmail.com> --- Created attachment 87183 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87183&action=edit Bug 21336: (follow-up) Handle strict SQL mode in _anonymize_column When a field is not nullable we should pass empty string, zero or today to a char, numeric or date column. The mandatory parameter does not refer to a database constraint but a Koha preference. Only for strings we generate a random value. Test plan: Enable strict_sql_modes. Run t/db_dependent/Koha/Patrons.t again. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #93 from Josef Moravec <josef.moravec@gmail.com> --- Created attachment 87184 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87184&action=edit Bug 21336: (QA follow-up) Add column_exists in db revision As requested by Josef on comment70. Test plan: Run db revision twice. No warnings. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #94 from Josef Moravec <josef.moravec@gmail.com> --- Created attachment 87185 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87185&action=edit Bug 21336: [DO_NOT_PUSH] DBIx changes MariaDB somehow turns current_timestamp into current_timestamp(). The needed change is for column flgAnonymized. Signed-off-by: Josef Moravec <josef.moravec@gmail.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Patch complexity|Small patch |Medium patch -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- QA Contact|testopia@bugs.koha-communit |martin.renvoize@ptfs-europe |y.org |.com Status|Signed Off |Failed QA CC| |martin.renvoize@ptfs-europe | |.com --- Comment #95 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- QA Script is complaining.. though I'm not entirely sure what it means: FAIL Koha/Patron.pm FAIL valid Constant subroutine Koha::Patron::ADMINISTRATIVE_LOCKOUT redefined Any thoughts? -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Failed QA |Signed Off --- Comment #96 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- (In reply to Martin Renvoize from comment #95)
QA Script is complaining.. though I'm not entirely sure what it means:
FAIL Koha/Patron.pm FAIL valid Constant subroutine Koha::Patron::ADMINISTRATIVE_LOCKOUT redefined
Any thoughts?
Look at Koha/Patron.pm without these patches. And run perl -cw You will see lots of redefines warnings due to some circular inheritance issue there. The new constant suffers from this problem too. So this is a false negative. Back to SO -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #97 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Comment on attachment 87176 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87176 Bug 21336: Database revision for borrowers.flgAnonymized Review of attachment 87176: --> (https://bugs.koha-community.org/bugzilla3/page.cgi?id=splinter.html&bug=21336&attachment=87176) ----------------------------------------------------------------- ::: installer/data/mysql/atomicupdate/bug_21336a.perl @@ +1,3 @@
+$DBversion = 'XXX'; # will be replaced by the RM +if( CheckVersion( $DBversion ) ) { + $dbh->do( "ALTER TABLE borrowers ADD COLUMN flgAnonymized tinyint DEFAULT 0" );
Sorry chaps.. we need the if column exists adding here to make it idempotent. @@ +1,4 @@
+$DBversion = 'XXX'; # will be replaced by the RM +if( CheckVersion( $DBversion ) ) { + $dbh->do( "ALTER TABLE borrowers ADD COLUMN flgAnonymized tinyint DEFAULT 0" ); + $dbh->do( "ALTER TABLE deletedborrowers ADD COLUMN flgAnonymized tinyint DEFAULT 0" );
and here... -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #98 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Ignore that.. I somehow missed it in the qa followup. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Signed Off |Failed QA --- Comment #99 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- I think we're missing a test for the account_locked method for the administrative lockout case (i.e. the negative integer for login_attempts case) -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #87176|0 |1 is obsolete| | --- Comment #100 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 87387 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87387&action=edit Bug 21336: Database revision for borrowers.flgAnonymized This new flag should speak for itself ;) Test plan: Run installer or updatedatabase. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #87177|0 |1 is obsolete| | --- Comment #101 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 87388 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87388&action=edit Bug 21336: Dbrev for new prefs This patch adds three new prefs: - UnsubscribeReflectionDelay - PatronAnonymizeDelay - PatronRemovalDelay Test plan: Run upgrade. Check patrons pref page. Look under Privacy. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #87178|0 |1 is obsolete| | --- Comment #102 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 87389 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87389&action=edit Bug 21336: Do not increase login_attempts after locking If an account has been locked, there is no use to keep increasing this number. It is not true too; after the pref number has been reached, we can not really speak of login attempts anymore. The credentials are just ignored. Adding a dbrev to put existing values in line. And a simple test in Auth.t to confirm that login_attempts stop increasing. Note: It feels safe to keep the '>=' condition in account_locked. But it could obviously be changed to '=='. (Added a test for that.) Note: Adding a mock_preference in Auth.t too for GDPR_Policy. Since not all tests will pass when the pref is enabled (though disabled by default). Test plan: Run dbrev with updatedatabase.pl. Run t/db_dependent/Koha/Patrons.t Run t/db_dependent/Auth.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #87179|0 |1 is obsolete| | --- Comment #103 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 87390 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87390&action=edit Bug 21336: Introduce administrative lockout As a preparation for Koha::Patron->lock, we add the concept of administrative lockout. The account is locked just as it would have been by too much failed login attempts. This is handled by a negative value in borrowers.login_attempts. Test plan: Run t/db_dependent/Auth.t Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #87180|0 |1 is obsolete| | --- Comment #104 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 87391 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87391&action=edit Bug 21336: Search, lock and anonymize methods Add Koha::Patron->lock and anonymize. Add Koha::Patrons methods search_unsubscribed, search_anonymize_candidates and search_anonymized. And wrappers for lock and anonymize. Add unit tests. Test plan: Run t/db_dependent/Koha/Patrons.t Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #87181|0 |1 is obsolete| | --- Comment #105 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 87392 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87392&action=edit Bug 21336: Adjust cleanup_database.pl Add the new Patron routines to this cron job. Actions are performed only if preferences are set. Note: No specific command line flags for these actions are added here (and probably not needed too). So no crontab changes too. Test plan: Add a new patron. Enable GDPR_Policy and refuse consent on OPAC for this patron. Set only the first delay to zero (0) for immediate action. Run cleanup_database.pl --logs (or any other flag) for the first time. Check lock and expiration. Set the second delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the second time. Check anonymization. Set the third delay to zero (0) for immediate action. Run cleanup_database.pl --logs for the third time. Check removal. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Amended: Added the warn $@ line in cleanup_database.pl Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #87182|0 |1 is obsolete| | --- Comment #106 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 87393 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87393&action=edit Bug 21336: (follow-up) Fix last line after PatronRemovalDelay in pref file Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #87183|0 |1 is obsolete| | --- Comment #107 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 87394 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87394&action=edit Bug 21336: (follow-up) Handle strict SQL mode in _anonymize_column When a field is not nullable we should pass empty string, zero or today to a char, numeric or date column. The mandatory parameter does not refer to a database constraint but a Koha preference. Only for strings we generate a random value. Test plan: Enable strict_sql_modes. Run t/db_dependent/Koha/Patrons.t again. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #87184|0 |1 is obsolete| | --- Comment #108 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 87395 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87395&action=edit Bug 21336: (QA follow-up) Add column_exists in db revision As requested by Josef on comment70. Test plan: Run db revision twice. No warnings. Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #109 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 87396 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87396&action=edit Bug 21336: (QA follow-up) Add tests for administrative lockout Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #87185|0 |1 is obsolete| | --- Comment #110 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 87397 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87397&action=edit Bug 21336: [DO_NOT_PUSH] DBIx changes MariaDB somehow turns current_timestamp into current_timestamp(). The needed change is for column flgAnonymized. Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Failed QA |Passed QA --- Comment #111 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- OK, I added a QA followup for that final failure.. No regressions found, QA script is happy and tests are all passing. Passing QA -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #87396|0 |1 is obsolete| | --- Comment #112 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 87400 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87400&action=edit Bug 21336: (QA follow-up) Add tests for administrative lockout Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #87397|0 |1 is obsolete| | --- Comment #113 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 87401 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87401&action=edit Bug 21336: [DO_NOT_PUSH] DBIx changes MariaDB somehow turns current_timestamp into current_timestamp(). The needed change is for column flgAnonymized. Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |Manual -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #114 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- (In reply to Martin Renvoize from comment #111)
OK, I added a QA followup for that final failure..
No regressions found, QA script is happy and tests are all passing.
Passing QA
Thanks Martin ! -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Nick Clemens <nick@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |nick@bywatersolutions.com Status|Passed QA |Pushed to Master --- Comment #115 from Nick Clemens <nick@bywatersolutions.com> --- Awesome work all! Pushed to master for 19.05 -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #116 from Nick Clemens <nick@bywatersolutions.com> --- One note here: When the anonymization is run, the changes are captured in the action_logs - so you get a mapping from the old values to the new values - maybe we need a way to not log this change? -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #117 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- (In reply to Nick Clemens from comment #116)
One note here: When the anonymization is run, the changes are captured in the action_logs - so you get a mapping from the old values to the new values - maybe we need a way to not log this change?
Wow.. good catch.. I missed that entirely. Probably a very sensible thing to clean up.. perhaps we need to log a new bug for it -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |katrin.fischer@bsz-bw.de -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #118 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- (In reply to Nick Clemens from comment #116)
One note here: When the anonymization is run, the changes are captured in the action_logs - so you get a mapping from the old values to the new values - maybe we need a way to not log this change?
Will have a look at that. Thx -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #119 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Created attachment 88198 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=88198&action=edit Bug 21336: (QA follow-up) Rename flgAnonymized column for anonymized This patch renames the flgAnonymized column for anonymized, and it also sets it to - TINYINT(1) - NOT NULL The ALTER TABLE updatedatabase entries are adjusted to make sure the column will be added after overdrive_... always, and preventing backporting issues. Just in case. Tests are adjusted to reflect the changes, as well as Koha::Patrons Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #120 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Created attachment 88199 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=88199&action=edit Bug 21336: Fix the API Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |tomascohen@gmail.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #88198|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #88199|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #121 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Created attachment 88217 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=88217&action=edit Bug 21336: Fix the API Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #122 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Created attachment 88218 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=88218&action=edit Bug 21336: Add borrowers.flgAnonymized in an explicit position Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |additional_work_needed --- Comment #123 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Moving the patches that rename the column to a separate bug for proper discussion in context. Keeping a minor fix on the schema and fixes to the API. @RM: I tested with and without my updatedatabase.pl patch and the results are the same. It is just safer, just in case someone backports in the wrong order. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |22729 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22729 [Bug 22729] flgAnonymized shouldn't be NULL and should be renamed anonymized -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #124 from Nick Clemens <nick@bywatersolutions.com> --- (In reply to Tomás Cohen Arazi from comment #123)
Moving the patches that rename the column to a separate bug for proper discussion in context. Keeping a minor fix on the schema and fixes to the API.
@RM: I tested with and without my updatedatabase.pl patch and the results are the same. It is just safer, just in case someone backports in the wrong order.
Last two patches pushed to aster for 19.05 -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Version(s)| |19.05.00 released in| | Resolution|--- |FIXED Status|Pushed to Master |RESOLVED --- Comment #125 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Enhancement will not be backported to 18.11.x series. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Bug 21336 depends on bug 21998, which changed state. Bug 21998 Summary: Add pattern parameter in Koha::Token https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21998 What |Removed |Added ---------------------------------------------------------------------------- Status|Pushed to Stable |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #126 from Jonathan Druart <jonathan.druart@bugs.koha-community.org> --- (In reply to Marcel de Rooy from comment #72)
(In reply to Jonathan Druart from comment #71)
I am not sure about that, it sounds better to me to have another attribute.
I would strongly prefer to do that on another report now.
Should we discuss that now then? -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.koha-community | |.org/bugzilla3/show_bug.cgi | |?id=22854 -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #127 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- (In reply to Jonathan Druart from comment #126)
Should we discuss that now then? Moved to bug 22854
-- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Nick Clemens <nick@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords|additional_work_needed | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #128 from Jonathan Druart <jonathan.druart@bugs.koha-community.org> --- Got the following error during an upgrade: DBD::mysql::db do failed: Truncated incorrect DOUBLE value: '' [for Statement "UPDATE borrowers SET login_attempts = ? WHERE login_attempts > ?"] at installer/data/mysql/updatedatabase.pl line 18091. Please fix, see bug 23867. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Jonathan Druart <jonathan.druart@bugs.koha-community.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |23867 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23867 [Bug 23867] 18.12.00.051 fails with "Truncated incorrect DOUBLE value" -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #129 from Jonathan Druart <jonathan.druart@bugs.koha-community.org> --- I do not see a good reason to warn from the module, the script must done that job. Especially because misc/cronjobs/cleanup_database.pl uses print (STDOUT). Can you explain this choice? -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #130 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- (In reply to Jonathan Druart from comment #129)
I do not see a good reason to warn from the module, the script must done that job. Especially because misc/cronjobs/cleanup_database.pl uses print (STDOUT).
Can you explain this choice?
Probably simpler in the first place. And if this is indeed about the existing issues warn, it is not just an informational print line. Surely, it can be done differently. In other places too? -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 claire.hernandez@biblibre.com <claire.hernandez@biblibre.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |claire.hernandez@biblibre.c | |om -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Jonathan Druart <jonathan.druart@bugs.koha-community.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |24114 --- Comment #131 from Jonathan Druart <jonathan.druart@bugs.koha-community.org> --- (In reply to Marcel de Rooy from comment #130)
(In reply to Jonathan Druart from comment #129)
I do not see a good reason to warn from the module, the script must done that job. Especially because misc/cronjobs/cleanup_database.pl uses print (STDOUT).
Can you explain this choice?
Probably simpler in the first place. And if this is indeed about the existing issues warn, it is not just an informational print line. Surely, it can be done differently. In other places too?
Which other places? I do not think there were any before this patchset. I have opened bug 24114 to deal with the verbose flag. Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=24114 [Bug 24114] modules must not warn -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 --- Comment #132 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- (In reply to Jonathan Druart from comment #131)
(In reply to Marcel de Rooy from comment #130)
(In reply to Jonathan Druart from comment #129)
I do not see a good reason to warn from the module, the script must done that job. Especially because misc/cronjobs/cleanup_database.pl uses print (STDOUT).
Can you explain this choice?
Probably simpler in the first place. And if this is indeed about the existing issues warn, it is not just an informational print line. Surely, it can be done differently. In other places too?
Which other places? I do not think there were any before this patchset.
I have opened bug 24114 to deal with the verbose flag.
Answer on the new report. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Jonathan Druart <jonathan.druart+koha@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |31937 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=31937 [Bug 31937] Prevent cleanup_database.pl from locking too many accounts -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21336 Andrew Fuerste-Henry <andrew@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |39913 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=39913 [Bug 39913] Fully delete patrons when removing due to refused GDPR consent -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org