[Bug 36941] New: Only list the available libraries at login when StaffLoginRestrictBranchByIP is enabled
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36941 Bug ID: 36941 Summary: Only list the available libraries at login when StaffLoginRestrictBranchByIP is enabled Change sponsored?: --- Product: Koha Version: unspecified Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Staff interface Assignee: koha-bugs@lists.koha-community.org Reporter: martin.renvoize@ptfs-europe.com QA Contact: testopia@bugs.koha-community.org CC: gmcharlt@gmail.com Depends on: 36934 Currently, we appear to still list all libraries in the dropdown when the `StaffLoginRestrictBranchByIP` preference is enabled.. this is unclear to the end user. We should be able to distinguish the IP range before loading the login page and thus only display valid options in the list (or at least display the invalid options as disabled) Question however.. how should this work for a librarian with increased privileges.. perhaps we should hint they're unavailable but not actually disable their selection for this use case? Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36934 [Bug 36934] "Wrong CSRF" after login rejection (StaffLoginRestrictBranchByIP) -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36941 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Only list the available |Highlight that some |libraries at login when |libraries should not be |StaffLoginRestrictBranchByI |available at login when |P is enabled |StaffLoginRestrictBranchByI | |P is enabled -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36941 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |martin.renvoize@ptfs-europe | |.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36941 Nick Clemens (kidclamp) <nick@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Patch complexity|--- |Small patch Status|NEW |Needs Signoff -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36941 --- Comment #1 from Nick Clemens (kidclamp) <nick@bywatersolutions.com> --- Created attachment 167108 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=167108&action=edit Bug 36941: Limit login branch list when IP restriction enabled This patch adds a new 'ip_limit' option to Koha::Template:Plugin::Branches To test: 1 - Set some branches in the system to have random IPs 2 - Set one branch to have your IP To find the IP in KTD I: Enabled ILS-DI Set ILS-DI:AuthorizedIPs to 1.1.1.1 Visit: http://localhost:8080/cgi-bin/koha/ilsdi.pl?service=GetAvailability&id=248&id_type=biblio And note the unauthorized IP listed 3 - Log out, confirm all branches are listed 4 - Log in, enable StaffLoginRestrictLibraryByIP 5 - Log out, confirm branches with IPs are removed 6 - Confirm branch matching your IP is listed 7 - Choose any of the branches and login 8 - Confirm login works -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36941 Nick Clemens (kidclamp) <nick@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |nick@bywatersolutions.com Assignee|koha-bugs@lists.koha-commun |nick@bywatersolutions.com |ity.org | --- Comment #2 from Nick Clemens (kidclamp) <nick@bywatersolutions.com> --- (In reply to Martin Renvoize from comment #0)
Question however.. how should this work for a librarian with increased privileges.. perhaps we should hint they're unavailable but not actually disable their selection for this use case?
Current code also applies to superlibrarians - they can switch to any branch once logged in, but this forces them to use a valid branch at login As I stated elsewhere, I think the intention here was to prevent users from accidentally logging in to the wrong branch if they are not at their usual location. If you think it needs adjustment I think that's a new bug -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36941 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Signed Off -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36941 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #167108|0 |1 is obsolete| | --- Comment #3 from David Nind <david@davidnind.com> --- Created attachment 167201 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=167201&action=edit Bug 36941: Limit login branch list when IP restriction enabled This patch adds a new 'ip_limit' option to Koha::Template:Plugin::Branches To test: 1 - Set some branches in the system to have random IPs 2 - Set one branch to have your IP To find the IP in KTD I: Enabled ILS-DI Set ILS-DI:AuthorizedIPs to 1.1.1.1 Visit: http://localhost:8080/cgi-bin/koha/ilsdi.pl?service=GetAvailability&id=248&id_type=biblio And note the unauthorized IP listed 3 - Log out, confirm all branches are listed 4 - Log in, enable StaffLoginRestrictLibraryByIP 5 - Log out, confirm branches with IPs are removed 6 - Confirm branch matching your IP is listed 7 - Choose any of the branches and login 8 - Confirm login works Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36941 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |david@davidnind.com Text to go in the| |This enhancement changes release notes| |the staff interface login | |form so that only valid | |libraries are shown in the | |dropdown list when the | |`StaffLoginRestrictBranchBy | |IP` preference is enabled. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36941 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #167201|0 |1 is obsolete| | --- Comment #4 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Created attachment 168196 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=168196&action=edit Bug 36941: Limit login branch list when IP restriction enabled This patch adds a new 'ip_limit' option to Koha::Template:Plugin::Branches To test: 1 - Set some branches in the system to have random IPs 2 - Set one branch to have your IP To find the IP in KTD I: Enabled ILS-DI Set ILS-DI:AuthorizedIPs to 1.1.1.1 Visit: http://localhost:8080/cgi-bin/koha/ilsdi.pl?service=GetAvailability&id=248&id_type=biblio And note the unauthorized IP listed 3 - Log out, confirm all branches are listed 4 - Log in, enable StaffLoginRestrictLibraryByIP 5 - Log out, confirm branches with IPs are removed 6 - Confirm branch matching your IP is listed 7 - Choose any of the branches and login 8 - Confirm login works Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36941 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Signed Off |Passed QA --- Comment #5 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Thanks Nick, All works as described, no regressions.. Passing QA -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36941 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Passed QA |Pushed to main Version(s)| |24.11.00 released in| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36941 --- Comment #6 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- Pushed for 24.11! Well done everyone, thank you! -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36941 Jonathan Druart <jonathan.druart@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on|36934 | See Also| |https://bugs.koha-community | |.org/bugzilla3/show_bug.cgi | |?id=36934 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36934 [Bug 36934] "Wrong CSRF" after login rejection (StaffLoginRestrictBranchByIP) -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36941 Lucas Gass (lukeg) <lucas@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Pushed to main |RESOLVED CC| |lucas@bywatersolutions.com Resolution|--- |FIXED -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org