[Bug 20956] New: BorrowersLog is not logging permission changes
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Bug ID: 20956 Summary: BorrowersLog is not logging permission changes Change sponsored?: --- Product: Koha Version: 17.05 Hardware: All OS: All Status: NEW Severity: major Priority: P5 - low Component: Staff Client Assignee: koha-bugs@lists.koha-community.org Reporter: cbrannon@cdalibrary.org QA Contact: testopia@bugs.koha-community.org CC: gmcharlt@gmail.com I made changes to permissions, and I can see that it is not being logged. This is a security issue and should be fixed immediately. We cannot have people changing permissions undetected. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Josef Moravec <josef.moravec@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |josef.moravec@gmail.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Jonathan Druart <jonathan.druart@bugs.koha-community.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jonathan.druart@bugs.koha-c | |ommunity.org Version|17.05 |master --- Comment #1 from Jonathan Druart <jonathan.druart@bugs.koha-community.org> --- It sounds more like an enhancement request. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.koha-community | |.org/bugzilla3/show_bug.cgi | |?id=20813 Severity|major |enhancement CC| |katrin.fischer@bsz-bw.de --- Comment #2 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- I agree with both Christopher and Jonathan. We never logged permissions and this has never come up before, so I would also classify this as an enhancement. But at the same time I think it would be a very good and valuable addition. Currently there is some work done on permissions, we might want to wait for bug 20813 before implementing this. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Christopher Brannon <cbrannon@cdalibrary.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on| |20813 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20813 [Bug 20813] Revamp user permissions system -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #3 from Christopher Brannon <cbrannon@cdalibrary.org> --- I'm fine with waiting. Added dependency. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |22794 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22794 [Bug 22794] Omnibus: Improve and extend logging in Koha -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #4 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- It looks like bug 20813 is not happening, we might want to come back to this. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Lisette Scheer <lisetteslatah@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |lisetteslatah@gmail.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Liz Rea <wizzyrea@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |wizzyrea@gmail.com --- Comment #5 from Liz Rea <wizzyrea@gmail.com> --- We definitely want to come back to this, there is a whole slew of legislation out right now that is going to require certifications that changes such as this can be audited (at least in the US, and I presume elsewhere). -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Liz Rea <wizzyrea@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - low |P2 Severity|enhancement |major --- Comment #6 from Liz Rea <wizzyrea@gmail.com> --- Also, due to the legalities, this is an actual missing feature that qualifies as a bug. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |tomascohen@gmail.com --- Comment #7 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Should it be in the action_logs? Maybe another table? -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Kyle M Hall <kyle@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |kyle@bywatersolutions.com --- Comment #8 from Kyle M Hall <kyle@bywatersolutions.com> --- It would be good to also log permission changes via Koha::Logger with a namespace so these changes can be logged to external facilities. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #9 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- I think action_logs would be the logical place for it as it also has the other changes to the patron account for the librarians as it can be looked up easily then, but something extermal might be nice additionally. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Cook <dcook@prosentient.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dcook@prosentient.com.au --- Comment #10 from David Cook <dcook@prosentient.com.au> --- I reckon we log it in action_logs, but just make it so that it can't be toggled off. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #11 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- There are scripts that delete older entries from action_logs, something to think about if you don't want these to be deleted by accident. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #12 from David Cook <dcook@prosentient.com.au> --- (In reply to Katrin Fischer from comment #11)
There are scripts that delete older entries from action_logs, something to think about if you don't want these to be deleted by accident.
I suppose that's a problem we'll face with any kind of logging potentially. But that does explain Kyle's suggestion of logging it outside of Koha. Log rotation would be up to the sysadmins. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #13 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- We just had a case where this kind of log would have been very useful. (In reply to Katrin Fischer from comment #11)
There are scripts that delete older entries from action_logs, something to think about if you don't want these to be deleted by accident.
We can limit deletions now to certain modules and even actions I think. So that should no longer be a problem. To be on the save side we could create a PermissionLog maybe? Keep it separate from other changes to the patron record and a separate module. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Kyle M Hall <kyle@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.koha-community | |.org/bugzilla3/show_bug.cgi | |?id=16436 -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Lisette Scheer <lisette.scheer@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |lisette.scheer@bywatersolut | |ions.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Magnus Enger <magnus@libriotech.no> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |magnus@libriotech.no --- Comment #14 from Magnus Enger <magnus@libriotech.no> --- How verbose should we do the logging? As far as I can tell, the information about permissions is stored in a combination of borrowers.flags and the user_permissions table. The information from the user_permissions table could probably be logged as is, and be pretty readable. But the flags is just a number, that needs to be interpreted in some way to make sense. Should we log just the number, or the interpretation? -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #15 from Kyle M Hall <kyle@bywatersolutions.com> --- (In reply to Magnus Enger from comment #14)
How verbose should we do the logging? As far as I can tell, the information about permissions is stored in a combination of borrowers.flags and the user_permissions table.
The information from the user_permissions table could probably be logged as is, and be pretty readable.
But the flags is just a number, that needs to be interpreted in some way to make sense. Should we log just the number, or the interpretation?
My initial concern was performance, but considering user permissions changes are not a frequent activity I think either solution is reasonable. Either decode it and store it as a list of key/value pairs or just log the binary representation with a link to a wiki page where we can explain how to decode it. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #16 from Christopher Brannon <cbrannon@cdalibrary.org> --- (In reply to Magnus Enger from comment #14)
How verbose should we do the logging? As far as I can tell, the information about permissions is stored in a combination of borrowers.flags and the user_permissions table.
The information from the user_permissions table could probably be logged as is, and be pretty readable.
But the flags is just a number, that needs to be interpreted in some way to make sense. Should we log just the number, or the interpretation?
If this is a log that a non-admin should be able to interpret, it should be the interpretation. You could log both, especially for debugging, but the interpretation should definitely be there. Why put only the number and make people jump through hoops to interpret if the system can do it without sacrificing performance? -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #17 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- I agree that we need a nice display in the log viewer at least, if we store it somewhat machine readable I would not mind that much as long as it display nicely in the GUI. Please also keep translatability in mind (also a pro for a template side solution). -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Fiona Borthwick <fiona.borthwick@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fiona.borthwick@ptfs-europe | |.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #18 from Fiona Borthwick <fiona.borthwick@ptfs-europe.com> --- Would like to resurrect this one please. Not storing changes to patron permissions is a security concern. We are also finding this requirement coming up in tenders. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #19 from Lisette Scheer <lisette@bywatersolutions.com> --- Now that we store the diff in the json, maybe we can tie this into Bug 36698 to make a nice diff view of permission changes? -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #20 from David Cook <dcook@prosentient.com.au> --- (In reply to Lisette Scheer from comment #19)
Now that we store the diff in the json, maybe we can tie this into Bug 36698 to make a nice diff view of permission changes?
Yeah, that could be nice. I think in the past I was concerned about using action_logs since they can be truncated periodically, but something would also be better than nothing, and this would be a nice way to do it. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Katie Bliss <kebliss@dmpl.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |kebliss@dmpl.org -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 George Williams (NEKLS) <george@nekls.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |george@nekls.org -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Rebecca Coert <rcoert@arlingtonva.us> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |rcoert@arlingtonva.us -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Cook <dcook@prosentient.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|major |normal -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Chip Halvorsen <Chip.Halvorsen@WestlakeLibrary.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |Chip.Halvorsen@WestlakeLibr | |ary.org -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Chris Rowlands <chris.rowlands6@nhs.net> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |chris.rowlands6@nhs.net -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Hammat wele <hammat.wele@inlibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |caroline.cyr-la-rose@inlibr | |o.com, | |hammat.wele@inlibro.com, | |philippe.blouin@inlibro.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #21 from Hammat wele <hammat.wele@inlibro.com> --- Created attachment 182955 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=182955&action=edit Bug 20956: BorrowersLog is not logging permission changes Changes to the flags field in the borrowers table are currently not logged in the Koha action_logs, making it impossible to trace changes to staff permissions. This represents a security issue. Test plan: 1. Go to a staff interface 2. Search for a patron and change their permissions (note their borrowernumber) 3. Go to tools/Log viewer 4. Filter by Module = Patrons, Object = borrowernumber. 5. Click on submit ==> No permission changes are logged. 6. Apply the patch 7. Repeat step 1, 2, 3, 4, 5 ==> Permission changes are now logged -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Hammat wele <hammat.wele@inlibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|koha-bugs@lists.koha-commun |hammat.wele@inlibro.com |ity.org | -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Blou <philippe.blouin@inlibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on|20813 | Status|NEW |Needs Signoff Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20813 [Bug 20813] Revamp user permissions system -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #22 from Blou <philippe.blouin@inlibro.com> --- This doesn't need to depend on Bug 20813 for a quick, simple solution. I removed the dependency -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Lisette Scheer <lisette@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Failed QA --- Comment #23 from Lisette Scheer <lisette@bywatersolutions.com> --- Great start! I'm glad to see this is moving. A few issues: The action log should also follow the coding guideline for the diff column: https://wiki.koha-community.org/wiki/Coding_Guidelines#ACTN1:_New_additions_... Per Comment 10 it shouldn't be toggleable, so it should not follow the borrowers log sys pref. Additionally only the top level permissions are saved, not if there are changes to subpermissions. You'll get something like this: { "flags" : { "after" : 32, "before" : 32 } } Please see also the discussion in comments 14-17 about how those flags/subpermissions should ideally display as readable versions instead of just numbers that need to be decoded. I'm really excited about this getting some movement. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Laura O'Neil <laura@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |laura@bywatersolutions.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Hammat wele <hammat.wele@inlibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #182955|0 |1 is obsolete| | --- Comment #24 from Hammat wele <hammat.wele@inlibro.com> --- Created attachment 185483 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=185483&action=edit Bug 20956: BorrowersLog is not logging permission changes Changes to permissions are not logged in the Koha action_logs, making it impossible to trace changes to staff permissions. This patch ensures that all changes to permissions are logged. Test plan: 1. Go to a staff interface 2. Search for a patron and change their permissions (note their borrowernumber) 3. Go to tools/Log viewer 4. Filter by Module = Patrons, Object = <borrowernumber>. 5. Click on submit ==> No permission changes are logged. 6. Apply the patch 7. Repeat step 1, 2, 3, 4, 5 ==> Permission changes are now logged 8. Check that the diff column contains the change: select diff from action_logs where object= <borrowernumber> order by action_id desc limit 1; -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Hammat wele <hammat.wele@inlibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Failed QA |Needs Signoff -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Signed Off -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #185483|0 |1 is obsolete| | --- Comment #25 from David Nind <david@davidnind.com> --- Created attachment 185491 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=185491&action=edit Bug 20956: BorrowersLog is not logging permission changes Changes to permissions are not logged in the Koha action_logs, making it impossible to trace changes to staff permissions. This patch ensures that all changes to permissions are logged. Test plan: 1. Go to a staff interface 2. Search for a patron and change their permissions (note their borrowernumber) 3. Go to tools/Log viewer 4. Filter by Module = Patrons, Object = <borrowernumber>. 5. Click on submit ==> No permission changes are logged. 6. Apply the patch 7. Repeat step 1, 2, 3, 4, 5 ==> Permission changes are now logged 8. Check that the diff column contains the change: select diff from action_logs where object= <borrowernumber> order by action_id desc limit 1; Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |david@davidnind.com --- Comment #26 from David Nind <david@davidnind.com> --- Testing notes (using KTD): 1. For step 2 of the test plan, <borrowernumber> is the actual borrower number of the patron you changed. For me, I changed the permissions for Henry Acevedo - the borrow number to enter in the object field is 19. 2. For step 8 of the test plan, what shows in the log viewer and the SQL results: 2.1 If I add superlibrarian permissions to Henry: - The log viewer info column shows: {"superlibrarian":"Access to all librarian functions"} - The database query result: {"D":{"superlibrarian":{"A":"Access to all librarian functions"}}} 2.2 If I remove superlibrarian permissions from Henry: - The log viewer info column shows: {} - The database query result: {"D":{"superlibrarian":{"R":"Access to all librarian functions"}}} -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Signed Off |Failed QA CC| |m.de.rooy@rijksmuseum.nl --- Comment #27 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- [FAIL] C4/Log.pm SKIP spelling FAIL tidiness File is not tidy, please run `perl misc/devel/tidy.pl C4/Log.pm` [FAIL] members/member-flags.pl SKIP spelling FAIL tidiness File is not tidy, please run `perl misc/devel/tidy.pl members/member-flags.pl` [FAIL] t/db_dependent/Log.t SKIP spelling FAIL tidiness File is not tidy, please run `perl misc/devel/tidy.pl t/db_dependent/Log.t` -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Hammat wele <hammat.wele@inlibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #185491|0 |1 is obsolete| | --- Comment #28 from Hammat wele <hammat.wele@inlibro.com> --- Created attachment 186388 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=186388&action=edit Bug 20956: BorrowersLog is not logging permission changes Changes to permissions are not logged in the Koha action_logs, making it impossible to trace changes to staff permissions. This patch ensures that all changes to permissions are logged. Test plan: 1. Go to a staff interface 2. Search for a patron and change their permissions (note their borrowernumber) 3. Go to tools/Log viewer 4. Filter by Module = Patrons, Object = <borrowernumber>. 5. Click on submit ==> No permission changes are logged. 6. Apply the patch 7. Repeat step 1, 2, 3, 4, 5 ==> Permission changes are now logged 8. Check that the diff column contains the change: select diff from action_logs where object= <borrowernumber> order by action_id desc limit 1; Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Hammat wele <hammat.wele@inlibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Failed QA |Signed Off -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #29 from Jonathan Druart <jonathan.druart@gmail.com> --- I have not followed the last changes in this area (logging), but I don't think you should take care of the changes in C4/Logs.pm Well, I do think we should centralize it, but not without discussion and advertising. For instance, here is the call from Koha::Patron->store to_json( $info, { utf8 => 1, pretty => 1, canonical => 1 } ) It's bad (to_json is slower), but it uses pretty and canonical, what you don't. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #30 from Lisette Scheer <lisette@bywatersolutions.com> --- (In reply to Jonathan Druart from comment #29)
I have not followed the last changes in this area (logging), but I don't think you should take care of the changes in C4/Logs.pm
The coding guidelines for action logs https://wiki.koha-community.org/wiki/Coding_Guidelines#ACTN1:_New_additions_... which was added after https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25159 does appear to use C4/Log Should we add this to the agenda for the September 24 dev meeting? -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Signed Off |In Discussion --- Comment #31 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- In view of former comments, changing status to In discussion. Please provide arguments to get this further while addressing raised questions. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #32 from Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> --- The coding guideline was briefly discussed at the last dev meeting (https://koha-hedgedoc.servers.llownd.net/Development_IRC_meeting_24_Septembe...) but nothing came of it as far as I could tell. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Kyle M Hall (khall) <kyle@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #186388|0 |1 is obsolete| | --- Comment #33 from Kyle M Hall (khall) <kyle@bywatersolutions.com> --- Created attachment 187592 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=187592&action=edit Bug 20956: BorrowersLog is not logging permission changes Changes to permissions are not logged in the Koha action_logs, making it impossible to trace changes to staff permissions. This patch ensures that all changes to permissions are logged. Test plan: 1. Go to a staff interface 2. Search for a patron and change their permissions (note their borrowernumber) 3. Go to tools/Log viewer 4. Filter by Module = Patrons, Object = <borrowernumber>. 5. Click on submit ==> No permission changes are logged. 6. Apply the patch 7. Repeat step 1, 2, 3, 4, 5 ==> Permission changes are now logged 8. Check that the diff column contains the change: select diff from action_logs where object= <borrowernumber> order by action_id desc limit 1; Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #34 from Kyle M Hall (khall) <kyle@bywatersolutions.com> --- Created attachment 187593 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=187593&action=edit Bug 20956: [QA Follow-up] Move subs to Koha::Patron, add unit tests Subroutines in members/member-flags.pl are combined and moved to Koha::Patron Removed the html-based english description of each permission from the logging Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Kyle M Hall (khall) <kyle@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|In Discussion |Passed QA --- Comment #35 from Kyle M Hall (khall) <kyle@bywatersolutions.com> --- (In reply to Jonathan Druart from comment #29)
I have not followed the last changes in this area (logging), but I don't think you should take care of the changes in C4/Logs.pm
Well, I do think we should centralize it, but not without discussion and advertising.
For instance, here is the call from Koha::Patron->store to_json( $info, { utf8 => 1, pretty => 1, canonical => 1 } )
It's bad (to_json is slower), but it uses pretty and canonical, what you don't.
As lisette referenced, this topic was discussed and approved via bug 25159 and the corresponding ACTN1 coding guideline which was approved at a developers meeting. A good next step would be to centralize permissions changes within Koha::Patron but I think that is out of scope for this bug ( but would be a great next step ). -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Kyle M Hall (khall) <kyle@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- QA Contact|testopia@bugs.koha-communit |kyle@bywatersolutions.com |y.org | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Kyle M Hall (khall) <kyle@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #187593|0 |1 is obsolete| | --- Comment #36 from Kyle M Hall (khall) <kyle@bywatersolutions.com> --- Created attachment 187594 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=187594&action=edit Bug 20956: [QA Follow-up] Move subs to Koha::Patron, add unit tests Subroutines in members/member-flags.pl are combined and moved to Koha::Patron Removed the html-based english description of each permission from the logging Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Lucas Gass (lukeg) <lucas@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Passed QA |Failed QA CC| |lucas@bywatersolutions.com --- Comment #37 from Lucas Gass (lukeg) <lucas@bywatersolutions.com> --- The sub introduced in Patron.pm is called permissions but the POD says: =head3 get_permissions -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Hammat wele <hammat.wele@inlibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #187592|0 |1 is obsolete| | --- Comment #38 from Hammat wele <hammat.wele@inlibro.com> --- Created attachment 188260 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=188260&action=edit Bug 20956: BorrowersLog is not logging permission changes Changes to permissions are not logged in the Koha action_logs, making it impossible to trace changes to staff permissions. This patch ensures that all changes to permissions are logged. Test plan: 1. Go to a staff interface 2. Search for a patron and change their permissions (note their borrowernumber) 3. Go to tools/Log viewer 4. Filter by Module = Patrons, Object = <borrowernumber>. 5. Click on submit ==> No permission changes are logged. 6. Apply the patch 7. Repeat step 1, 2, 3, 4, 5 ==> Permission changes are now logged 8. Check that the diff column contains the change: select diff from action_logs where object= <borrowernumber> order by action_id desc limit 1; Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Hammat wele <hammat.wele@inlibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #187594|0 |1 is obsolete| | --- Comment #39 from Hammat wele <hammat.wele@inlibro.com> --- Created attachment 188261 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=188261&action=edit Bug 20956: [QA Follow-up] Move subs to Koha::Patron, add unit tests Subroutines in members/member-flags.pl are combined and moved to Koha::Patron Removed the html-based english description of each permission from the logging Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #40 from Hammat wele <hammat.wele@inlibro.com> --- Created attachment 188262 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=188262&action=edit Bug 20956: (follow-up) Tidyness and fix no pod coverage in Koha/Patron.pm -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Hammat wele <hammat.wele@inlibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Failed QA |Signed Off -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Hammat wele <hammat.wele@inlibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #188262|0 |1 is obsolete| | --- Comment #41 from Hammat wele <hammat.wele@inlibro.com> --- Created attachment 188263 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=188263&action=edit Bug 20956: (follow-up) Tidyness and fix no pod coverage in Koha/Patron.pm Signed-off-by: Hammat Wele <hammat.wele@inlibro.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |martin.renvoize@openfifth.c | |o.uk -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Signed Off |BLOCKED --- Comment #42 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Looking here -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- QA Contact|kyle@bywatersolutions.com |m.de.rooy@rijksmuseum.nl -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #43 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Tests are failing: * Proving /usr/share/koha/t/db_dependent/Koha/Patron.t FAIL # Failed test 'Patron has catalogue permission' # at /usr/share/koha/t/db_dependent/Koha/Patron.t line 826. # got: undef # expected: '1' # Looks like you failed 1 test of 2. # Failed test 'is_superlibrarian() tests' # at /usr/share/koha/t/db_dependent/Koha/Patron.t line 829. # Failed test 'no warnings' # at /usr/share/perl/5.36/Test/Builder.pm line 193. # There were 1 warning(s) # Previous test 0 '' # Reference found where even-sized list expected at /usr/share/koha/t/db_dependent/Koha/Patron.t line 823. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #44 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- Koha::Patron +sub permissions { + my ($self) = @_; + + my $dbh = C4::Context->dbh; + my $sth = $dbh->prepare("SELECT bit, flag FROM userflags ORDER BY bit"); + $sth->execute(); The idea of Koha::Object[s] was to remove SQL statements. So we should not just add them here. We could create a simple Koha object for userflags and permissions? Or we can use Koha::Database->new->schema->resultset(..) as is done elsewhere in this module too. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|BLOCKED |Failed QA -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #45 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- (In reply to Marcel de Rooy from comment #44)
Koha::Patron
+sub permissions { + my ($self) = @_; + + my $dbh = C4::Context->dbh; + my $sth = $dbh->prepare("SELECT bit, flag FROM userflags ORDER BY bit"); + $sth->execute();
The idea of Koha::Object[s] was to remove SQL statements. So we should not just add them here. We could create a simple Koha object for userflags and permissions? Or we can use Koha::Database->new->schema->resultset(..) as is done elsewhere in this module too.
We have Koha::Auth::Permissions already, though I'm not entirely sold on it's semantics either, to be honest. I'd be tempted to start migrating the perms code into Koha::Patron or possibly Koha::Patron::Permissions? I do think there's more work needed here, regardless.. I'm going to post a couple of follow-ups shortly and maybe the rest can be submitted as follow-up bugs -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Failed QA |Needs Signoff Patch complexity|--- |Small patch -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #188260|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #188261|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #188263|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #46 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- Created attachment 190686 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=190686&action=edit Bug 20956: BorrowersLog is not logging permission changes Changes to permissions are not logged in the Koha action_logs, making it impossible to trace changes to staff permissions. This patch ensures that all changes to permissions are logged. Test plan: 1. Go to a staff interface 2. Search for a patron and change their permissions (note their borrowernumber) 3. Go to tools/Log viewer 4. Filter by Module = Patrons, Object = <borrowernumber>. 5. Click on submit ==> No permission changes are logged. 6. Apply the patch 7. Repeat step 1, 2, 3, 4, 5 ==> Permission changes are now logged 8. Check that the diff column contains the change: select diff from action_logs where object= <borrowernumber> order by action_id desc limit 1; Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #47 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- Created attachment 190687 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=190687&action=edit Bug 20956: (QA follow-up) Move subs to Koha::Patron, add unit tests Subroutines in members/member-flags.pl are combined and moved to Koha::Patron Removed the html-based english description of each permission from the logging Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #48 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- Created attachment 190688 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=190688&action=edit Bug 20956: (follow-up) Tidyness and fix no pod coverage in Koha/Patron.pm Signed-off-by: Hammat Wele <hammat.wele@inlibro.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #49 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- Created attachment 190689 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=190689&action=edit Bug 20956: (QA follow-up) Fix tests and refactor to use ORM This patch addresses several QA concerns: 1. Fixed duplicate subtest name - renamed second "is_superlibrarian() tests" to "permissions() tests" which accurately reflects what it tests 2. Fixed incorrect hash assignment - permissions() returns a hashref, not a hash. Changed `my %permissions` to `my $permissions` 3. Improved test coverage - expanded from 2 to 8 assertions covering: - Hashref return type verification - Single flag permission - No permissions - Multiple flags - Granular subpermissions from user_permissions table 4. Refactored permissions() method to use DBIx::Class ORM instead of raw SQL queries, following Koha::Object architecture principles All tests now pass without warnings. Test plan: 1. prove t/db_dependent/Koha/Patron.t 2. prove t/db_dependent/Log.t 3. Verify all tests pass 4. Confirm the test now properly validates the intended behavior Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #50 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- Created attachment 190690 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=190690&action=edit Bug 20956: (QA follow-up) Match getuserflags() return structure This patch changes Koha::Patron->permissions() to return the same structure as C4::Auth::getuserflags() for architectural consistency. Previously, permissions() only returned granted permissions: { catalogue => 1, circulate => { override_renewals => 1 } } Now it returns ALL flags (matching getuserflags()): { superlibrarian => 0, catalogue => 1, circulate => { override_renewals => 1 }, borrowers => 0, ... } This provides several benefits: 1. Consistency - Matches established C4::Auth::getuserflags() pattern 2. Simpler checks - Can use "if ($flags->{module})" instead of "if (exists $flags->{module})" 3. Future compatibility - Enables eventual deprecation of getuserflags() in favor of the ORM-based $patron->permissions() 4. Helper compatibility - Works with existing _dispatch() logic The logging functionality still works correctly - the diff will now show explicit changes from 0 to 1 rather than absence to presence. Test plan: 1. prove t/db_dependent/Koha/Patron.t 2. prove t/db_dependent/Log.t 3. Verify all tests pass 4. Confirm permissions() now returns all flags with 0/1 values Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Signed Off -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |andrew@bywatersolutions.com | |, | |aude.charillon@openfifth.co | |.uk, | |lucy.vaux-harvey@openfifth. | |co.uk -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #51 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- Any interest here now the xmas quiet period has come to an end? -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #52 from David Nind <david@davidnind.com> --- Still sitting as "Signed Off", should this be "Passed QA"? -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Lisette Scheer <lisette@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- QA Contact|m.de.rooy@rijksmuseum.nl |lisette@bywatersolutions.co | |m Status|Signed Off |Patch doesn't apply --- Comment #53 from Lisette Scheer <lisette@bywatersolutions.com> --- Patch doesn't apply today. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #54 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 191472 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=191472&action=edit Bug 20956: fixup syntax error -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #190686|0 |1 is obsolete| | --- Comment #55 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 191473 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=191473&action=edit Bug 20956: BorrowersLog is not logging permission changes Changes to permissions are not logged in the Koha action_logs, making it impossible to trace changes to staff permissions. This patch ensures that all changes to permissions are logged. Test plan: 1. Go to a staff interface 2. Search for a patron and change their permissions (note their borrowernumber) 3. Go to tools/Log viewer 4. Filter by Module = Patrons, Object = <borrowernumber>. 5. Click on submit ==> No permission changes are logged. 6. Apply the patch 7. Repeat step 1, 2, 3, 4, 5 ==> Permission changes are now logged 8. Check that the diff column contains the change: select diff from action_logs where object= <borrowernumber> order by action_id desc limit 1; Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #190687|0 |1 is obsolete| | --- Comment #56 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 191474 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=191474&action=edit Bug 20956: (QA follow-up) Move subs to Koha::Patron, add unit tests Subroutines in members/member-flags.pl are combined and moved to Koha::Patron Removed the html-based english description of each permission from the logging Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #190688|0 |1 is obsolete| | --- Comment #57 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 191475 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=191475&action=edit Bug 20956: (follow-up) Tidyness and fix no pod coverage in Koha/Patron.pm Signed-off-by: Hammat Wele <hammat.wele@inlibro.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #190689|0 |1 is obsolete| | --- Comment #58 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 191476 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=191476&action=edit Bug 20956: (QA follow-up) Fix tests and refactor to use ORM This patch addresses several QA concerns: 1. Fixed duplicate subtest name - renamed second "is_superlibrarian() tests" to "permissions() tests" which accurately reflects what it tests 2. Fixed incorrect hash assignment - permissions() returns a hashref, not a hash. Changed `my %permissions` to `my $permissions` 3. Improved test coverage - expanded from 2 to 8 assertions covering: - Hashref return type verification - Single flag permission - No permissions - Multiple flags - Granular subpermissions from user_permissions table 4. Refactored permissions() method to use DBIx::Class ORM instead of raw SQL queries, following Koha::Object architecture principles All tests now pass without warnings. Test plan: 1. prove t/db_dependent/Koha/Patron.t 2. prove t/db_dependent/Log.t 3. Verify all tests pass 4. Confirm the test now properly validates the intended behavior Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #190690|0 |1 is obsolete| | --- Comment #59 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 191477 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=191477&action=edit Bug 20956: (QA follow-up) Match getuserflags() return structure This patch changes Koha::Patron->permissions() to return the same structure as C4::Auth::getuserflags() for architectural consistency. Previously, permissions() only returned granted permissions: { catalogue => 1, circulate => { override_renewals => 1 } } Now it returns ALL flags (matching getuserflags()): { superlibrarian => 0, catalogue => 1, circulate => { override_renewals => 1 }, borrowers => 0, ... } This provides several benefits: 1. Consistency - Matches established C4::Auth::getuserflags() pattern 2. Simpler checks - Can use "if ($flags->{module})" instead of "if (exists $flags->{module})" 3. Future compatibility - Enables eventual deprecation of getuserflags() in favor of the ORM-based $patron->permissions() 4. Helper compatibility - Works with existing _dispatch() logic The logging functionality still works correctly - the diff will now show explicit changes from 0 to 1 rather than absence to presence. Test plan: 1. prove t/db_dependent/Koha/Patron.t 2. prove t/db_dependent/Log.t 3. Verify all tests pass 4. Confirm permissions() now returns all flags with 0/1 values Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #191472|0 |1 is obsolete| | --- Comment #60 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 191478 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=191478&action=edit Bug 20956: fixup syntax error -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Patch doesn't apply |Needs Signoff CC| |ayoub.glizi-vicioso@inLibro | |.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Failed QA --- Comment #61 from David Nind <david@davidnind.com> --- The tests for prove t/db_dependent/Koha/Patron.t fail for me (latest main): prove t/db_dependent/Koha/Patron.t t/db_dependent/Koha/Patron.t .. 6/46 # Failed test 'Patron has catalogue permission' # at t/db_dependent/Koha/Patron.t line 826. # got: undef # expected: '1' # Looks like you failed 1 test of 2. # Failed test 'is_superlibrarian() tests' # at t/db_dependent/Koha/Patron.t line 829. t/db_dependent/Koha/Patron.t .. 46/46 # Failed test 'no warnings' # at /usr/share/perl/5.36/Test/Builder.pm line 193. # There were 1 warning(s) # Previous test 0 '' # Reference found where even-sized list expected at t/db_dependent/Koha/Patron.t line 823. # at t/db_dependent/Koha/Patron.t line 823. # main::__ANON__() called at /usr/share/perl/5.36/Test/Builder.pm line 374 # eval {...} called at /usr/share/perl/5.36/Test/Builder.pm line 374 # Test::Builder::subtest(Test::Builder=HASH(0x5fc68e942028), "is_superlibrarian() tests", CODE(0x5fc68e7698f0)) called at /usr/share/perl/5.36/Test/More.pm line 809 # Test::More::subtest("is_superlibrarian() tests", CODE(0x5fc68e7698f0)) called at t/db_dependent/Koha/Patron.t line 829 # # Looks like you planned 46 tests but ran 47. # Looks like you failed 2 tests of 47 run. t/db_dependent/Koha/Patron.t .. Dubious, test returned 2 (wstat 512, 0x200) Failed 1/46 subtests Test Summary Report ------------------- t/db_dependent/Koha/Patron.t (Wstat: 512 (exited 2) Tests: 47 Failed: 2) Failed tests: 11, 47 Non-zero exit status: 2 Parse errors: Bad plan. You planned 46 tests but ran 47. Files=1, Tests=47, 44 wallclock secs ( 0.09 usr 0.02 sys + 28.55 cusr 13.86 csys = 42.52 CPU) Result: FAIL -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #62 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- I'll take a look.. it's not even 3 weeks since I worked on this , yet it's already a distant memory. Hopefully it all comes flooding back once I'm in the code again. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Failed QA |Signed Off -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #191473|0 |1 is obsolete| | --- Comment #63 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 192506 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=192506&action=edit Bug 20956: BorrowersLog is not logging permission changes Changes to permissions are not logged in the Koha action_logs, making it impossible to trace changes to staff permissions. This patch ensures that all changes to permissions are logged. Test plan: 1. Go to a staff interface 2. Search for a patron and change their permissions (note their borrowernumber) 3. Go to tools/Log viewer 4. Filter by Module = Patrons, Object = <borrowernumber>. 5. Click on submit ==> No permission changes are logged. 6. Apply the patch 7. Repeat step 1, 2, 3, 4, 5 ==> Permission changes are now logged 8. Check that the diff column contains the change: select diff from action_logs where object= <borrowernumber> order by action_id desc limit 1; Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #191474|0 |1 is obsolete| | --- Comment #64 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 192507 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=192507&action=edit Bug 20956: (QA follow-up) Move subs to Koha::Patron, add unit tests Subroutines in members/member-flags.pl are combined and moved to Koha::Patron Removed the html-based english description of each permission from the logging Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #191475|0 |1 is obsolete| | --- Comment #65 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 192508 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=192508&action=edit Bug 20956: (follow-up) Tidyness and fix no pod coverage in Koha/Patron.pm Signed-off-by: Hammat Wele <hammat.wele@inlibro.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #191476|0 |1 is obsolete| | --- Comment #66 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 192509 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=192509&action=edit Bug 20956: (QA follow-up) Fix tests and refactor to use ORM This patch addresses several QA concerns: 1. Fixed duplicate subtest name - renamed second "is_superlibrarian() tests" to "permissions() tests" which accurately reflects what it tests 2. Fixed incorrect hash assignment - permissions() returns a hashref, not a hash. Changed `my %permissions` to `my $permissions` 3. Improved test coverage - expanded from 2 to 8 assertions covering: - Hashref return type verification - Single flag permission - No permissions - Multiple flags - Granular subpermissions from user_permissions table 4. Refactored permissions() method to use DBIx::Class ORM instead of raw SQL queries, following Koha::Object architecture principles All tests now pass without warnings. Test plan: 1. prove t/db_dependent/Koha/Patron.t 2. prove t/db_dependent/Log.t 3. Verify all tests pass 4. Confirm the test now properly validates the intended behavior Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #191477|0 |1 is obsolete| | --- Comment #67 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 192510 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=192510&action=edit Bug 20956: (QA follow-up) Match getuserflags() return structure This patch changes Koha::Patron->permissions() to return the same structure as C4::Auth::getuserflags() for architectural consistency. Previously, permissions() only returned granted permissions: { catalogue => 1, circulate => { override_renewals => 1 } } Now it returns ALL flags (matching getuserflags()): { superlibrarian => 0, catalogue => 1, circulate => { override_renewals => 1 }, borrowers => 0, ... } This provides several benefits: 1. Consistency - Matches established C4::Auth::getuserflags() pattern 2. Simpler checks - Can use "if ($flags->{module})" instead of "if (exists $flags->{module})" 3. Future compatibility - Enables eventual deprecation of getuserflags() in favor of the ORM-based $patron->permissions() 4. Helper compatibility - Works with existing _dispatch() logic The logging functionality still works correctly - the diff will now show explicit changes from 0 to 1 rather than absence to presence. Test plan: 1. prove t/db_dependent/Koha/Patron.t 2. prove t/db_dependent/Log.t 3. Verify all tests pass 4. Confirm permissions() now returns all flags with 0/1 values Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #191478|0 |1 is obsolete| | --- Comment #68 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 192511 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=192511&action=edit Bug 20956: fixup syntax error -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #69 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 192512 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=192512&action=edit Bug 20956: Fix test failures -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Signed Off |Needs Signoff -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Signed Off -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #192506|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #192507|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #192508|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #192509|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #192510|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #192511|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #192512|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #70 from David Nind <david@davidnind.com> --- Created attachment 192604 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=192604&action=edit Bug 20956: BorrowersLog is not logging permission changes Changes to permissions are not logged in the Koha action_logs, making it impossible to trace changes to staff permissions. This patch ensures that all changes to permissions are logged. Test plan: 1. Go to a staff interface 2. Search for a patron and change their permissions (note their borrowernumber) 3. Go to tools/Log viewer 4. Filter by Module = Patrons, Object = <borrowernumber>. 5. Click on submit ==> No permission changes are logged. 6. Apply the patch 7. Repeat step 1, 2, 3, 4, 5 ==> Permission changes are now logged 8. Check that the diff column contains the change: select diff from action_logs where object= <borrowernumber> order by action_id desc limit 1; Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #71 from David Nind <david@davidnind.com> --- Created attachment 192605 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=192605&action=edit Bug 20956: (QA follow-up) Move subs to Koha::Patron, add unit tests Subroutines in members/member-flags.pl are combined and moved to Koha::Patron Removed the html-based english description of each permission from the logging Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #72 from David Nind <david@davidnind.com> --- Created attachment 192606 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=192606&action=edit Bug 20956: (follow-up) Tidyness and fix no pod coverage in Koha/Patron.pm Signed-off-by: Hammat Wele <hammat.wele@inlibro.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #73 from David Nind <david@davidnind.com> --- Created attachment 192607 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=192607&action=edit Bug 20956: (QA follow-up) Fix tests and refactor to use ORM This patch addresses several QA concerns: 1. Fixed duplicate subtest name - renamed second "is_superlibrarian() tests" to "permissions() tests" which accurately reflects what it tests 2. Fixed incorrect hash assignment - permissions() returns a hashref, not a hash. Changed `my %permissions` to `my $permissions` 3. Improved test coverage - expanded from 2 to 8 assertions covering: - Hashref return type verification - Single flag permission - No permissions - Multiple flags - Granular subpermissions from user_permissions table 4. Refactored permissions() method to use DBIx::Class ORM instead of raw SQL queries, following Koha::Object architecture principles All tests now pass without warnings. Test plan: 1. prove t/db_dependent/Koha/Patron.t 2. prove t/db_dependent/Log.t 3. Verify all tests pass 4. Confirm the test now properly validates the intended behavior Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #74 from David Nind <david@davidnind.com> --- Created attachment 192608 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=192608&action=edit Bug 20956: (QA follow-up) Match getuserflags() return structure This patch changes Koha::Patron->permissions() to return the same structure as C4::Auth::getuserflags() for architectural consistency. Previously, permissions() only returned granted permissions: { catalogue => 1, circulate => { override_renewals => 1 } } Now it returns ALL flags (matching getuserflags()): { superlibrarian => 0, catalogue => 1, circulate => { override_renewals => 1 }, borrowers => 0, ... } This provides several benefits: 1. Consistency - Matches established C4::Auth::getuserflags() pattern 2. Simpler checks - Can use "if ($flags->{module})" instead of "if (exists $flags->{module})" 3. Future compatibility - Enables eventual deprecation of getuserflags() in favor of the ORM-based $patron->permissions() 4. Helper compatibility - Works with existing _dispatch() logic The logging functionality still works correctly - the diff will now show explicit changes from 0 to 1 rather than absence to presence. Test plan: 1. prove t/db_dependent/Koha/Patron.t 2. prove t/db_dependent/Log.t 3. Verify all tests pass 4. Confirm permissions() now returns all flags with 0/1 values Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #75 from David Nind <david@davidnind.com> --- Created attachment 192609 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=192609&action=edit Bug 20956: fixup syntax error Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #76 from David Nind <david@davidnind.com> --- Created attachment 192610 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=192610&action=edit Bug 20956: Fix test failures Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #77 from David Nind <david@davidnind.com> --- I've signed off, but one thing I don't really understand is what should be shown in the log viewer - versus what is recorded in the database. For example: 1. I added and removed superlibrarian permissions for Henry. 2. What is shown in the log viewer vs what is in the database: - Added: . Log viewer: {"superlibrarian":1} . Database diff column: {"D":{"superlibrarian":{"A":1}}} - Removed: . Log viewer: {} . Database diff column: {"D":{"superlibrarian":{"R":1}}} 3. What is shown in the info column in the log viewer is almost meaningless/useless for a "normal" staff patrons - unless you know what it means, or can access the database/run a report to show the diff. Which, in my view, defeats the purpose of logging permission changes. While you can show the diff column, the info column should at least provide reasonably understandable information on what was changed, for example: XYZ permission added or removed. Also, as I am not a developer, I have no idea for the test patches how to: - Confirm the test now properly validates the intended behavour - Confirm permissions() now returns all flags with 0/1 values Feel free to change back to needs sign off if this is something that you require a tester to do. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #78 from David Nind <david@davidnind.com> --- Apologies, I think I came across as a bit grumpy in the previous comment (now that I have re-read it) 8-(... -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Michelle Spinney <mspinney@clamsnet.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mspinney@clamsnet.org -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Lisette Scheer <lisette@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Signed Off |Failed QA --- Comment #79 from Lisette Scheer <lisette@bywatersolutions.com> --- There's a couple of failures from the Koha Testing Docker QA tool: [FAIL] Koha/Patron.pm WARN spelling Exemple ==> Example FAIL tidiness File is not tidy, please run `perl misc/devel/tidy.pl Koha/Patron.pm` [PASS] members/member-flags.pl [FAIL] t/db_dependent/Koha/Patron.t FAIL tidiness File is not tidy, please run `perl misc/devel/tidy.pl t/db_dependent/Koha/Patron.t` Additionally, if you have a lot of permissions (say all but one of the tool permissions) it doesn't line break for a long time and makes the table way too wide. if you USE JSON (qw to_json); and within the logaction replace $permissions_after: to_json($permissions_after, { utf8 => 1, pretty => 1, canonical => 1 }) similar to the members log around line 409, it does break nicely, but the diff no longer works for me, so that's not the whole solution. I highly recommend using Koha testing docker and running the QA script before attaching patches as it can catch things that cause failures, as well as tidying the commit as needed when you git commit. You can find instructions at the gitlab and please feel free to reach out if you need help setting it up. https://gitlab.com/koha-community/koha-testing-docker -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Johanna Räisä <johanna.raisa@koha-suomi.fi> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |johanna.raisa@koha-suomi.fi -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|hammat.wele@inlibro.com |ayoub.glizi-vicioso@inLibro | |.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Failed QA |Needs Signoff -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #192604|0 |1 is obsolete| | --- Comment #80 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 194527 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194527&action=edit Bug 20956: BorrowersLog is not logging permission changes Changes to permissions are not logged in the Koha action_logs, making it impossible to trace changes to staff permissions. This patch ensures that all changes to permissions are logged. Test plan: 1. Go to a staff interface 2. Search for a patron and change their permissions (note their borrowernumber) 3. Go to tools/Log viewer 4. Filter by Module = Patrons, Object = <borrowernumber>. 5. Click on submit ==> No permission changes are logged. 6. Apply the patch 7. Repeat step 1, 2, 3, 4, 5 ==> Permission changes are now logged 8. Check that the diff column contains the change: select diff from action_logs where object= <borrowernumber> order by action_id desc limit 1; Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #192605|0 |1 is obsolete| | --- Comment #81 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 194528 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194528&action=edit Bug 20956: (QA follow-up) Move subs to Koha::Patron, add unit tests Subroutines in members/member-flags.pl are combined and moved to Koha::Patron Removed the html-based english description of each permission from the logging Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #192606|0 |1 is obsolete| | --- Comment #82 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 194529 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194529&action=edit Bug 20956: (follow-up) Tidyness and fix no pod coverage in Koha/Patron.pm Signed-off-by: Hammat Wele <hammat.wele@inlibro.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #192607|0 |1 is obsolete| | --- Comment #83 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 194530 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194530&action=edit Bug 20956: (QA follow-up) Fix tests and refactor to use ORM This patch addresses several QA concerns: 1. Fixed duplicate subtest name - renamed second "is_superlibrarian() tests" to "permissions() tests" which accurately reflects what it tests 2. Fixed incorrect hash assignment - permissions() returns a hashref, not a hash. Changed `my %permissions` to `my $permissions` 3. Improved test coverage - expanded from 2 to 8 assertions covering: - Hashref return type verification - Single flag permission - No permissions - Multiple flags - Granular subpermissions from user_permissions table 4. Refactored permissions() method to use DBIx::Class ORM instead of raw SQL queries, following Koha::Object architecture principles All tests now pass without warnings. Test plan: 1. prove t/db_dependent/Koha/Patron.t 2. prove t/db_dependent/Log.t 3. Verify all tests pass 4. Confirm the test now properly validates the intended behavior Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #192608|0 |1 is obsolete| | --- Comment #84 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 194531 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194531&action=edit Bug 20956: (QA follow-up) Match getuserflags() return structure This patch changes Koha::Patron->permissions() to return the same structure as C4::Auth::getuserflags() for architectural consistency. Previously, permissions() only returned granted permissions: { catalogue => 1, circulate => { override_renewals => 1 } } Now it returns ALL flags (matching getuserflags()): { superlibrarian => 0, catalogue => 1, circulate => { override_renewals => 1 }, borrowers => 0, ... } This provides several benefits: 1. Consistency - Matches established C4::Auth::getuserflags() pattern 2. Simpler checks - Can use "if ($flags->{module})" instead of "if (exists $flags->{module})" 3. Future compatibility - Enables eventual deprecation of getuserflags() in favor of the ORM-based $patron->permissions() 4. Helper compatibility - Works with existing _dispatch() logic The logging functionality still works correctly - the diff will now show explicit changes from 0 to 1 rather than absence to presence. Test plan: 1. prove t/db_dependent/Koha/Patron.t 2. prove t/db_dependent/Log.t 3. Verify all tests pass 4. Confirm permissions() now returns all flags with 0/1 values Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #192609|0 |1 is obsolete| | --- Comment #85 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 194532 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194532&action=edit Bug 20956: fixup syntax error Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #192610|0 |1 is obsolete| | --- Comment #86 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 194533 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194533&action=edit Bug 20956: Fix test failures Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #87 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Created attachment 194534 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194534&action=edit Bug 20956: (QA follow-up) Fix display of permission logs -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #88 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- Updated patch to address QA and usability feedback: Readability: Enabled pretty JSON formatting in both the "Info" and "Diff" columns to resolve table width issues. Clarity: Enhanced the "Diff" display by replacing raw 0/1 values with explicit Added ✅ and Removed ❌ labels. Standards: Ran tidy script and fixed spelling errors to meet Koha coding standards. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #89 from Lisette Scheer <lisette@bywatersolutions.com> --- (In reply to Ayoub Glizi-Vicioso from comment #88)
Updated patch to address QA and usability feedback:
Readability: Enabled pretty JSON formatting in both the "Info" and "Diff" columns to resolve table width issues.
Clarity: Enhanced the "Diff" display by replacing raw 0/1 values with explicit Added ✅ and Removed ❌ labels.
Standards: Ran tidy script and fixed spelling errors to meet Koha coding standards.
This is looking great! I haven't finished testing, but I'd like another sign off since it's a big visual change. I think a lot of the pretty work could be adapted on 36698 and I've posted a screenshot over there to get some feedback for a wider adoption down the road. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #90 from David Nind <david@davidnind.com> --- Created attachment 194612 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194612&action=edit Log viewer results - after patch Sorry, I'm not seeing the diff as shown in the screenshot on bug 36698. Screenshot attached showing what I see in the log viewer. I have applied the patch, run yarn build, restarted everything, and cleared the browser cache. I even shutdown KTD and restarted with the patch applied in case it was a build thing. Testing notes (using KTD): 1. Go to a staff interface. 2. Search for a patron and change their permissions (note their borrower number) (for example: Henry Acevedo (23529000035676), borrower number 19, add and remove "Access to all librarian functions (superlibrarian)" 3. Go to Tools > Additional tools > Log viewer. 4. Filter the log entries as follows: - Module = Patrons - Object = <borrowernumber> (for example, 19) 5. Click on submit: ==> There are no log entries for permission changes 6. Apply the patch, rebuild everything (yarn build), restart everything (restart_all), and clear your browser cache. 7. Repeat steps 1 to 5: ==> Permission changes are now logged [1] 8. Check that the diff column in the database contains the full details of the changes: [2] select diff from action_logs where object= <borrowernumber> order by action_id desc limit 1; 9. The tests pass: 9.1 prove t/db_dependent/Koha/Patron.t 9.2 prove t/db_dependent/Log.t [1] Log viewer information: See the screenshot: Modify Henry Acevedo (19) {} Modify Henry Acevedo (19) { "superlibrarian" : 1 } [2] select diff from action_logs where object=19; +----------------------------------+ | diff | +----------------------------------+ | {"D":{"superlibrarian":{"A":1}}} | | {"D":{"superlibrarian":{"R":1}}} | +----------------------------------+ -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.koha-community | |.org/bugzilla3/show_bug.cgi | |?id=36698 -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #91 from Ayoub Glizi-Vicioso <ayoub.glizi-vicioso@inLibro.com> --- (In reply to David Nind from comment #90)
Created attachment 194612 [details] Log viewer results - after patch
Sorry, I'm not seeing the diff as shown in the screenshot on bug 36698.
Screenshot attached showing what I see in the log viewer.
I have applied the patch, run yarn build, restarted everything, and cleared the browser cache. I even shutdown KTD and restarted with the patch applied in case it was a build thing.
Testing notes (using KTD): 1. Go to a staff interface. 2. Search for a patron and change their permissions (note their borrower number) (for example: Henry Acevedo (23529000035676), borrower number 19, add and remove "Access to all librarian functions (superlibrarian)" 3. Go to Tools > Additional tools > Log viewer. 4. Filter the log entries as follows: - Module = Patrons - Object = <borrowernumber> (for example, 19) 5. Click on submit: ==> There are no log entries for permission changes 6. Apply the patch, rebuild everything (yarn build), restart everything (restart_all), and clear your browser cache. 7. Repeat steps 1 to 5: ==> Permission changes are now logged [1] 8. Check that the diff column in the database contains the full details of the changes: [2] select diff from action_logs where object= <borrowernumber> order by action_id desc limit 1; 9. The tests pass: 9.1 prove t/db_dependent/Koha/Patron.t 9.2 prove t/db_dependent/Log.t
[1] Log viewer information:
See the screenshot:
Modify Henry Acevedo (19) {}
Modify Henry Acevedo (19) { "superlibrarian" : 1 }
[2]
select diff from action_logs where object=19; +----------------------------------+ | diff | +----------------------------------+ | {"D":{"superlibrarian":{"A":1}}} | | {"D":{"superlibrarian":{"R":1}}} | +----------------------------------+
Hi David, Regarding the missing diff display: Since your SQL query confirms that the data is correctly recorded in the action_logs table, it is possible that the column is simply hidden in the interface. To check this, you can: 1- Look for the "Columns" drop-down menu in the table's action bar (usually located at the top of the results table). Note that there is a cog icon (⚙️) right before the "Columns" label. 2- Ensure that the "Diff" checkbox is checked. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #92 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- This introduced another special case.. I'd rather we solved the diff view generically to all diffs display 'nicer'.. I've added a patch and screenshot to bug 36698 that works for all logs containing a diff -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #93 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- The actions logs are such a mixed bag still right now.. I don't think we should be introducing further special cases and different code paths. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |40136 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=40136 [Bug 40136] Record diff in action logs when modifying a patron -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #94 from David Nind <david@davidnind.com> --- (In reply to Ayoub Glizi-Vicioso from comment #91)
1- Look for the "Columns" drop-down menu in the table's action bar (usually located at the top of the results table). Note that there is a cog icon (⚙️) right before the "Columns" label.
2- Ensure that the "Diff" checkbox is checked.
Ah, that was it! Thanks! David -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #95 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- I'm going to move that final patch to the other bug.. and I have some further QA considerations here. I think we need to keep the action distinct.. i.e have a 'MODIFY_PERMISSIONS' as apposed to reusing the 'MODIFY'.. else were going to end up with two quite different forms of data mingled in the borrowers MODIFY logs. (This matters more now I'm working on bug 40136) -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #96 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- Either MODIFY_PERMISSIONS.. or we stick to MODIFY but we nest the object inside a 'permissions' field maybe -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #97 from Lisette Scheer <lisette@bywatersolutions.com> --- (In reply to Martin Renvoize (ashimema) from comment #95)
I'm going to move that final patch to the other bug.. and I have some further QA considerations here.
I think we need to keep the action distinct.. i.e have a 'MODIFY_PERMISSIONS' as apposed to reusing the 'MODIFY'.. else were going to end up with two quite different forms of data mingled in the borrowers MODIFY logs. (This matters more now I'm working on bug 40136)
I was going to split the patch because part of it is fixing no line breaks in the info, which makes the table to wide. Your nesting/new action makes sense. New action makes it easier to filter on in the table. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194527|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194528|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194529|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194530|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194531|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194532|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194533|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194534|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #98 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- Created attachment 194865 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194865&action=edit Bug 20956: BorrowersLog is not logging permission changes Changes to permissions are not logged in the Koha action_logs, making it impossible to trace changes to staff permissions. This patch ensures that all changes to permissions are logged. Test plan: 1. Go to a staff interface 2. Search for a patron and change their permissions (note their borrowernumber) 3. Go to tools/Log viewer 4. Filter by Module = Patrons, Object = <borrowernumber>. 5. Click on submit ==> No permission changes are logged. 6. Apply the patch 7. Repeat step 1, 2, 3, 4, 5 ==> Permission changes are now logged 8. Check that the diff column contains the change: select diff from action_logs where object= <borrowernumber> order by action_id desc limit 1; Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #99 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- Created attachment 194866 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194866&action=edit Bug 20956: (QA follow-up) Move subs to Koha::Patron, add unit tests Subroutines in members/member-flags.pl are combined and moved to Koha::Patron Removed the html-based english description of each permission from the logging Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #100 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- Created attachment 194867 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194867&action=edit Bug 20956: (follow-up) Tidyness and fix no pod coverage in Koha/Patron.pm Signed-off-by: Hammat Wele <hammat.wele@inlibro.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #101 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- Created attachment 194868 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194868&action=edit Bug 20956: (QA follow-up) Fix tests and refactor to use ORM This patch addresses several QA concerns: 1. Fixed duplicate subtest name - renamed second "is_superlibrarian() tests" to "permissions() tests" which accurately reflects what it tests 2. Fixed incorrect hash assignment - permissions() returns a hashref, not a hash. Changed `my %permissions` to `my $permissions` 3. Improved test coverage - expanded from 2 to 8 assertions covering: - Hashref return type verification - Single flag permission - No permissions - Multiple flags - Granular subpermissions from user_permissions table 4. Refactored permissions() method to use DBIx::Class ORM instead of raw SQL queries, following Koha::Object architecture principles All tests now pass without warnings. Test plan: 1. prove t/db_dependent/Koha/Patron.t 2. prove t/db_dependent/Log.t 3. Verify all tests pass 4. Confirm the test now properly validates the intended behavior Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #102 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- Created attachment 194869 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194869&action=edit Bug 20956: (QA follow-up) Match getuserflags() return structure This patch changes Koha::Patron->permissions() to return the same structure as C4::Auth::getuserflags() for architectural consistency. Previously, permissions() only returned granted permissions: { catalogue => 1, circulate => { override_renewals => 1 } } Now it returns ALL flags (matching getuserflags()): { superlibrarian => 0, catalogue => 1, circulate => { override_renewals => 1 }, borrowers => 0, ... } This provides several benefits: 1. Consistency - Matches established C4::Auth::getuserflags() pattern 2. Simpler checks - Can use "if ($flags->{module})" instead of "if (exists $flags->{module})" 3. Future compatibility - Enables eventual deprecation of getuserflags() in favor of the ORM-based $patron->permissions() 4. Helper compatibility - Works with existing _dispatch() logic The logging functionality still works correctly - the diff will now show explicit changes from 0 to 1 rather than absence to presence. Test plan: 1. prove t/db_dependent/Koha/Patron.t 2. prove t/db_dependent/Log.t 3. Verify all tests pass 4. Confirm permissions() now returns all flags with 0/1 values Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #103 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- Created attachment 194870 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194870&action=edit Bug 20956: Fix test failures Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #104 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- Created attachment 194871 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194871&action=edit Bug 20956: (follow-up) Nest permissions data under 'permissions' key in MEMBERS/MODIFY log Changes to patron permissions via member-flags.pl are logged as MEMBERS/MODIFY, indistinguishable from regular patron field edits. This patch wraps the before/after permission hashes under a 'permissions' key so that the diff renderer displays changes as 'permissions.cataloguing' etc., making it clear the diff relates to permissions rather than first-level patron fields. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #105 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- (In reply to Lisette Scheer from comment #97)
(In reply to Martin Renvoize (ashimema) from comment #95)
I'm going to move that final patch to the other bug.. and I have some further QA considerations here.
I think we need to keep the action distinct.. i.e have a 'MODIFY_PERMISSIONS' as apposed to reusing the 'MODIFY'.. else were going to end up with two quite different forms of data mingled in the borrowers MODIFY logs. (This matters more now I'm working on bug 40136)
I was going to split the patch because part of it is fixing no line breaks in the info, which makes the table to wide.
Your nesting/new action makes sense. New action makes it easier to filter on in the table.
I went with Nesting... and I think in another bug we should quickly add the 'diff' to the search options.. then you you do 'MODIFY' + 'permission' in the diff as your search to filter easily -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #106 from Lisette Scheer <lisette@bywatersolutions.com> --- I restored the info pretty code to allow the text to wrap as other logs do -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #107 from Lisette Scheer <lisette@bywatersolutions.com> --- Created attachment 194882 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194882&action=edit Bug 20956: (QA follow-up) Restore info pretty I restored the pretty code for the info file because the page needs to be able to wrap, like it does for other logs. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Signed Off -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194865|0 |1 is obsolete| | --- Comment #108 from David Nind <david@davidnind.com> --- Created attachment 194883 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194883&action=edit Bug 20956: BorrowersLog is not logging permission changes Changes to permissions are not logged in the Koha action_logs, making it impossible to trace changes to staff permissions. This patch ensures that all changes to permissions are logged. Test plan: 1. Go to a staff interface 2. Search for a patron and change their permissions (note their borrowernumber) 3. Go to tools/Log viewer 4. Filter by Module = Patrons, Object = <borrowernumber>. 5. Click on submit ==> No permission changes are logged. 6. Apply the patch 7. Repeat step 1, 2, 3, 4, 5 ==> Permission changes are now logged 8. Check that the diff column contains the change: select diff from action_logs where object= <borrowernumber> order by action_id desc limit 1; Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194866|0 |1 is obsolete| | --- Comment #109 from David Nind <david@davidnind.com> --- Created attachment 194884 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194884&action=edit Bug 20956: (QA follow-up) Move subs to Koha::Patron, add unit tests Subroutines in members/member-flags.pl are combined and moved to Koha::Patron Removed the html-based english description of each permission from the logging Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194867|0 |1 is obsolete| | --- Comment #110 from David Nind <david@davidnind.com> --- Created attachment 194885 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194885&action=edit Bug 20956: (follow-up) Tidyness and fix no pod coverage in Koha/Patron.pm Signed-off-by: Hammat Wele <hammat.wele@inlibro.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194868|0 |1 is obsolete| | --- Comment #111 from David Nind <david@davidnind.com> --- Created attachment 194886 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194886&action=edit Bug 20956: (QA follow-up) Fix tests and refactor to use ORM This patch addresses several QA concerns: 1. Fixed duplicate subtest name - renamed second "is_superlibrarian() tests" to "permissions() tests" which accurately reflects what it tests 2. Fixed incorrect hash assignment - permissions() returns a hashref, not a hash. Changed `my %permissions` to `my $permissions` 3. Improved test coverage - expanded from 2 to 8 assertions covering: - Hashref return type verification - Single flag permission - No permissions - Multiple flags - Granular subpermissions from user_permissions table 4. Refactored permissions() method to use DBIx::Class ORM instead of raw SQL queries, following Koha::Object architecture principles All tests now pass without warnings. Test plan: 1. prove t/db_dependent/Koha/Patron.t 2. prove t/db_dependent/Log.t 3. Verify all tests pass 4. Confirm the test now properly validates the intended behavior Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194869|0 |1 is obsolete| | --- Comment #112 from David Nind <david@davidnind.com> --- Created attachment 194887 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194887&action=edit Bug 20956: (QA follow-up) Match getuserflags() return structure This patch changes Koha::Patron->permissions() to return the same structure as C4::Auth::getuserflags() for architectural consistency. Previously, permissions() only returned granted permissions: { catalogue => 1, circulate => { override_renewals => 1 } } Now it returns ALL flags (matching getuserflags()): { superlibrarian => 0, catalogue => 1, circulate => { override_renewals => 1 }, borrowers => 0, ... } This provides several benefits: 1. Consistency - Matches established C4::Auth::getuserflags() pattern 2. Simpler checks - Can use "if ($flags->{module})" instead of "if (exists $flags->{module})" 3. Future compatibility - Enables eventual deprecation of getuserflags() in favor of the ORM-based $patron->permissions() 4. Helper compatibility - Works with existing _dispatch() logic The logging functionality still works correctly - the diff will now show explicit changes from 0 to 1 rather than absence to presence. Test plan: 1. prove t/db_dependent/Koha/Patron.t 2. prove t/db_dependent/Log.t 3. Verify all tests pass 4. Confirm permissions() now returns all flags with 0/1 values Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194870|0 |1 is obsolete| | --- Comment #113 from David Nind <david@davidnind.com> --- Created attachment 194888 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194888&action=edit Bug 20956: Fix test failures Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194871|0 |1 is obsolete| | --- Comment #114 from David Nind <david@davidnind.com> --- Created attachment 194889 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194889&action=edit Bug 20956: (follow-up) Nest permissions data under 'permissions' key in MEMBERS/MODIFY log Changes to patron permissions via member-flags.pl are logged as MEMBERS/MODIFY, indistinguishable from regular patron field edits. This patch wraps the before/after permission hashes under a 'permissions' key so that the diff renderer displays changes as 'permissions.cataloguing' etc., making it clear the diff relates to permissions rather than first-level patron fields. Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194882|0 |1 is obsolete| | --- Comment #115 from David Nind <david@davidnind.com> --- Created attachment 194890 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194890&action=edit Bug 20956: (QA follow-up) Restore info pretty I restored the pretty code for the info file because the page needs to be able to wrap, like it does for other logs. Signed-off-by: David Nind <david@davidnind.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Lisette Scheer <lisette@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Signed Off |Passed QA -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Lisette Scheer <lisette@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194883|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Lisette Scheer <lisette@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194884|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Lisette Scheer <lisette@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194885|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Lisette Scheer <lisette@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194886|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Lisette Scheer <lisette@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194887|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Lisette Scheer <lisette@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194888|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Lisette Scheer <lisette@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194889|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Lisette Scheer <lisette@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194890|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #116 from Lisette Scheer <lisette@bywatersolutions.com> --- Created attachment 194892 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194892&action=edit Bug 20956: BorrowersLog is not logging permission changes Changes to permissions are not logged in the Koha action_logs, making it impossible to trace changes to staff permissions. This patch ensures that all changes to permissions are logged. Test plan: 1. Go to a staff interface 2. Search for a patron and change their permissions (note their borrowernumber) 3. Go to tools/Log viewer 4. Filter by Module = Patrons, Object = <borrowernumber>. 5. Click on submit ==> No permission changes are logged. 6. Apply the patch 7. Repeat step 1, 2, 3, 4, 5 ==> Permission changes are now logged 8. Check that the diff column contains the change: select diff from action_logs where object= <borrowernumber> order by action_id desc limit 1; Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Lisette Scheer <lisette@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #117 from Lisette Scheer <lisette@bywatersolutions.com> --- Created attachment 194893 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194893&action=edit Bug 20956: (QA follow-up) Move subs to Koha::Patron, add unit tests Subroutines in members/member-flags.pl are combined and moved to Koha::Patron Removed the html-based english description of each permission from the logging Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Lisette Scheer <lisette@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #118 from Lisette Scheer <lisette@bywatersolutions.com> --- Created attachment 194894 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194894&action=edit Bug 20956: (follow-up) Tidyness and fix no pod coverage in Koha/Patron.pm Signed-off-by: Hammat Wele <hammat.wele@inlibro.com> Signed-off-by: Martin Renvoize <martin.renvoize@openfifth.co.uk> Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Lisette Scheer <lisette@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #119 from Lisette Scheer <lisette@bywatersolutions.com> --- Created attachment 194895 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194895&action=edit Bug 20956: (QA follow-up) Fix tests and refactor to use ORM This patch addresses several QA concerns: 1. Fixed duplicate subtest name - renamed second "is_superlibrarian() tests" to "permissions() tests" which accurately reflects what it tests 2. Fixed incorrect hash assignment - permissions() returns a hashref, not a hash. Changed `my %permissions` to `my $permissions` 3. Improved test coverage - expanded from 2 to 8 assertions covering: - Hashref return type verification - Single flag permission - No permissions - Multiple flags - Granular subpermissions from user_permissions table 4. Refactored permissions() method to use DBIx::Class ORM instead of raw SQL queries, following Koha::Object architecture principles All tests now pass without warnings. Test plan: 1. prove t/db_dependent/Koha/Patron.t 2. prove t/db_dependent/Log.t 3. Verify all tests pass 4. Confirm the test now properly validates the intended behavior Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Lisette Scheer <lisette@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #120 from Lisette Scheer <lisette@bywatersolutions.com> --- Created attachment 194896 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194896&action=edit Bug 20956: (QA follow-up) Match getuserflags() return structure This patch changes Koha::Patron->permissions() to return the same structure as C4::Auth::getuserflags() for architectural consistency. Previously, permissions() only returned granted permissions: { catalogue => 1, circulate => { override_renewals => 1 } } Now it returns ALL flags (matching getuserflags()): { superlibrarian => 0, catalogue => 1, circulate => { override_renewals => 1 }, borrowers => 0, ... } This provides several benefits: 1. Consistency - Matches established C4::Auth::getuserflags() pattern 2. Simpler checks - Can use "if ($flags->{module})" instead of "if (exists $flags->{module})" 3. Future compatibility - Enables eventual deprecation of getuserflags() in favor of the ORM-based $patron->permissions() 4. Helper compatibility - Works with existing _dispatch() logic The logging functionality still works correctly - the diff will now show explicit changes from 0 to 1 rather than absence to presence. Test plan: 1. prove t/db_dependent/Koha/Patron.t 2. prove t/db_dependent/Log.t 3. Verify all tests pass 4. Confirm permissions() now returns all flags with 0/1 values Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Lisette Scheer <lisette@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #121 from Lisette Scheer <lisette@bywatersolutions.com> --- Created attachment 194897 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194897&action=edit Bug 20956: Fix test failures Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Lisette Scheer <lisette@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #122 from Lisette Scheer <lisette@bywatersolutions.com> --- Created attachment 194898 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194898&action=edit Bug 20956: (follow-up) Nest permissions data under 'permissions' key in MEMBERS/MODIFY log Changes to patron permissions via member-flags.pl are logged as MEMBERS/MODIFY, indistinguishable from regular patron field edits. This patch wraps the before/after permission hashes under a 'permissions' key so that the diff renderer displays changes as 'permissions.cataloguing' etc., making it clear the diff relates to permissions rather than first-level patron fields. Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Lisette Scheer <lisette@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #123 from Lisette Scheer <lisette@bywatersolutions.com> --- Created attachment 194899 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194899&action=edit Bug 20956: (QA follow-up) Restore info pretty I restored the pretty code for the info file because the page needs to be able to wrap, like it does for other logs. Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Lisette Scheer <lisette@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Lisette Scheer <lisette@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Text to go in the| |This patch adds permission release notes| |changes to the members log. | |Permission changes are | |always logged, similar to | |the System Administration | |logging. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Lisette Scheer <lisette@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |42085 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=42085 [Bug 42085] Permissions should be logged when a patron is deleted -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks|42085 | Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=42085 [Bug 42085] Permissions should be logged when a patron is deleted -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Passed QA |Pushed to main Version(s)| |26.05.00 released in| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 --- Comment #124 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- Thanks for all the hard work! Pushed to main for the next 26.05.00 release as RM Assistant -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 David Nind <david@davidnind.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Text to go in the|This patch adds permission |This enhancement adds release notes|changes to the members log. |logging of patron |Permission changes are |permission changes when |always logged, similar to |BorrowersLog is enabled. |the System Administration |Detailed information about |logging. |the changes is now included | |in the log viewer tool info | |and diff columns. Before | |this change, permission | |changes were not logged. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20956 Jacob O'Mara <jacob.omara@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Pushed to main |Needs documenting --- Comment #125 from Jacob O'Mara <jacob.omara@openfifth.co.uk> --- This will not be backported to 25.11.x due to it being deemed an enhancement or a dependancy not being met -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org