[open-ils-commits] [GIT] Evergreen ILS branch tags/rel_2_3_3 created. 00d35fcc7c586fb7ac8483d6dc0c2423458ffe26
Evergreen Git
git at git.evergreen-ils.org
Wed Jan 16 14:59:47 EST 2013
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Evergreen ILS".
The branch, tags/rel_2_3_3 has been created
at 00d35fcc7c586fb7ac8483d6dc0c2423458ffe26 (commit)
- Log -----------------------------------------------------------------
commit 00d35fcc7c586fb7ac8483d6dc0c2423458ffe26
Author: Bill Erickson <berick at esilibrary.com>
Date: Wed Jan 16 12:04:29 2013 -0500
Bumping version numbers, adding Upgrade Script and Changelog
Signed-off-by: Bill Erickson <berick at esilibrary.com>
diff --git a/ChangeLog b/ChangeLog
index 1f72b2c..6fa9dae 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,1027 @@
-Evergreen doesn't keep a GNU-style ChangeLog except in release tarballs.
-Those seeking a change log are encouraged to run 'git log -v', or read
-it online at: http://git.evergreen-ils.org/?p=Evergreen.git;a=log
+commit 07db4ff1bc0d5e833a0c95a967bc39092629224e
+Author: Galen Charlton <gmc at esilibrary.com>
+Date: Tue Jan 15 11:30:41 2013 -0500
+
+ LP#1098377: protect against even more cstore segfaults
+
+ Following up on the preceding patch, passing null
+ as the savepoint name to savepoint.release and
+ savepoint.rollback would also segfault cstore.
+
+ Signed-off-by: Galen Charlton <gmc at esilibrary.com>
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+
+12 0 Open-ILS/src/c-apps/oils_sql.c
+
+commit b2c3597d607756523e08932731fd2768d8ecb4d3
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Tue Jan 15 10:58:16 2013 -0500
+
+ Verify savepoint name is non-null
+
+ Before we attempt to mangle the name, let's ensure that it's non-null.
+ Otherwise, segfaults ensue.
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+ Signed-off-by: Galen Charlton <gmc at esilibrary.com>
+
+6 0 Open-ILS/src/c-apps/oils_sql.c
+
+commit 217d29fbfb02913d387a969fe4063cd1d9f3a3c7
+Author: Dan Scott <dscott at laurentian.ca>
+Date: Fri Jan 11 01:32:13 2013 -0500
+
+ Protect against overly long savepoint names
+
+ Per http://postgresql.org/docs/9.1/static/sql-syntax-lexical.html#SQL-SYNTAX-IDENTIFIERS,
+ the maximum identifier length works out to being 63 bytes (+1 for the
+ null terminator), so to avoid potential memory pressure by a 10GB string
+ somehow being passed in as the savepoint name, malloc no more than 64
+ bytes and copy no more than 63 bytes from the incoming name to the
+ escaped name.
+
+ Signed-off-by: Dan Scott <dscott at laurentian.ca>
+ Signed-off-by: Galen Charlton <gmc at esilibrary.com>
+
+16 2 Open-ILS/src/c-apps/oils_sql.c
+
+commit 1215411812407ee8d74473a04154cd09ca90c18a
+Author: Galen Charlton <gmc at esilibrary.com>
+Date: Fri Jan 11 02:30:50 2013 -0500
+
+ LP#1098377: sanitize savepoint names
+
+ When invoking open-ils.{cstore,pcrud,rstore}.savepoint.*, the
+ caller supplies a name for the savepoint. However, the savepoint
+ names could be constructed so that the caller could execute
+ arbitrary SQL. This patch sanitizes the name so that it contains
+ only alphanumeric and underscore characters.
+
+ Signed-off-by: Galen Charlton <gmc at esilibrary.com>
+ Signed-off-by: Dan Scott <dscott at laurentian.ca>
+
+37 3 Open-ILS/src/c-apps/oils_sql.c
+
+commit 098477e17693160743382d069adfc5bda73bf549
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Wed Jan 16 11:04:23 2013 -0500
+
+ 2.3.3 translations : repair Finnish translator email
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+ Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+
+1 1 build/i18n/po/AutoFieldWidget.js/fi-FI.po
+1 1 build/i18n/po/Searcher.js/fi-FI.po
+1 1 build/i18n/po/TranslatorPopup.js/fi-FI.po
+1 1 build/i18n/po/User.js/fi-FI.po
+1 1 build/i18n/po/XULTermLoader.js/fi-FI.po
+1 1 build/i18n/po/admin.properties/fi-FI.po
+1 1 build/i18n/po/auth.properties/fi-FI.po
+1 1 build/i18n/po/authority.js/fi-FI.po
+1 1 build/i18n/po/capture.js/fi-FI.po
+1 1 build/i18n/po/cat.properties/fi-FI.po
+1 1 build/i18n/po/circ.properties/fi-FI.po
+1 1 build/i18n/po/common.properties/fi-FI.po
+1 1 build/i18n/po/conify.dtd/fi-FI.po
+1 1 build/i18n/po/conify.js/fi-FI.po
+1 1 build/i18n/po/db.seed/fi-FI.po
+1 1 build/i18n/po/fm_IDL.dtd/fi-FI.po
+1 1 build/i18n/po/ils_events.xml/fi-FI.po
+1 1 build/i18n/po/lang.dtd/fi-FI.po
+1 1 build/i18n/po/offline.properties/fi-FI.po
+1 1 build/i18n/po/opac.dtd/fi-FI.po
+1 1 build/i18n/po/opac.js/fi-FI.po
+1 1 build/i18n/po/patron.properties/fi-FI.po
+1 1 build/i18n/po/pickup_and_return.js/fi-FI.po
+1 1 build/i18n/po/pull_list.js/fi-FI.po
+1 1 build/i18n/po/register.js/fi-FI.po
+1 1 build/i18n/po/reports.dtd/fi-FI.po
+1 1 build/i18n/po/reports.js/fi-FI.po
+1 1 build/i18n/po/reservation.js/fi-FI.po
+1 1 build/i18n/po/selfcheck.js/fi-FI.po
+1 1 build/i18n/po/serial.properties/fi-FI.po
+
+commit e391d0d04d68ee6f66bc94ecc7b09f951b1e22ce
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Wed Jan 16 10:39:31 2013 -0500
+
+ 2.3.3 translations : newpot
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+ Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+
+120 120 build/i18n/po/db.seed/db.seed.pot
+9 9 build/i18n/po/tpac/tpac.pot
+
+commit 1399c93e2636523fadf7c37daa6355a5d514e967
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Wed Jan 16 10:35:33 2013 -0500
+
+ 2.3.3 translations : update profiles
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+ Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+
+6 6 build/i18n/po/AutoFieldWidget.js/fi-FI.po
+6 6 build/i18n/po/Searcher.js/fi-FI.po
+6 6 build/i18n/po/TranslatorPopup.js/fi-FI.po
+6 6 build/i18n/po/User.js/fi-FI.po
+6 6 build/i18n/po/XULTermLoader.js/fi-FI.po
+7 7 build/i18n/po/admin.properties/fi-FI.po
+7 7 build/i18n/po/auth.properties/fi-FI.po
+6 6 build/i18n/po/authority.js/fi-FI.po
+8 8 build/i18n/po/capture.js/fi-FI.po
+54 125 build/i18n/po/cat.properties/fi-FI.po
+17 5 build/i18n/po/circ.properties/cs-CZ.po
+15 3 build/i18n/po/circ.properties/de-DE.po
+15 3 build/i18n/po/circ.properties/en-CA.po
+15 3 build/i18n/po/circ.properties/en-GB.po
+15 3 build/i18n/po/circ.properties/es-ES.po
+53 35 build/i18n/po/circ.properties/fi-FI.po
+16 4 build/i18n/po/circ.properties/fr-CA.po
+15 3 build/i18n/po/circ.properties/hy-AM.po
+15 3 build/i18n/po/circ.properties/oc-FR.po
+15 3 build/i18n/po/circ.properties/pt-BR.po
+15 3 build/i18n/po/circ.properties/ru-RU.po
+203 63 build/i18n/po/circ.properties/tr-TR.po
+9 5 build/i18n/po/common.properties/cs-CZ.po
+7 3 build/i18n/po/common.properties/de-DE.po
+7 3 build/i18n/po/common.properties/en-CA.po
+9 5 build/i18n/po/common.properties/en-GB.po
+9 5 build/i18n/po/common.properties/es-ES.po
+14 31 build/i18n/po/common.properties/fi-FI.po
+7 3 build/i18n/po/common.properties/fr-CA.po
+7 3 build/i18n/po/common.properties/hy-AM.po
+7 3 build/i18n/po/common.properties/oc-FR.po
+7 3 build/i18n/po/common.properties/pt-BR.po
+7 3 build/i18n/po/common.properties/ru-RU.po
+7 7 build/i18n/po/conify.dtd/fi-FI.po
+8 7 build/i18n/po/conify.js/fi-FI.po
+719 719 build/i18n/po/db.seed/cs-CZ.po
+719 719 build/i18n/po/db.seed/de-DE.po
+719 719 build/i18n/po/db.seed/en-CA.po
+719 719 build/i18n/po/db.seed/en-GB.po
+719 719 build/i18n/po/db.seed/es-ES.po
+11 11 build/i18n/po/db.seed/fi-FI.po
+719 719 build/i18n/po/db.seed/fr-CA.po
+719 719 build/i18n/po/db.seed/hy-AM.po
+719 719 build/i18n/po/db.seed/oc-FR.po
+719 719 build/i18n/po/db.seed/pt-BR.po
+719 719 build/i18n/po/db.seed/ru-RU.po
+719 719 build/i18n/po/db.seed/tr-TR.po
+1378 1374 build/i18n/po/fm_IDL.dtd/cs-CZ.po
+1375 1371 build/i18n/po/fm_IDL.dtd/de-DE.po
+1375 1371 build/i18n/po/fm_IDL.dtd/en-CA.po
+1375 1371 build/i18n/po/fm_IDL.dtd/en-GB.po
+1375 1371 build/i18n/po/fm_IDL.dtd/es-ES.po
+24 24 build/i18n/po/fm_IDL.dtd/fi-FI.po
+1375 1371 build/i18n/po/fm_IDL.dtd/fr-CA.po
+1375 1371 build/i18n/po/fm_IDL.dtd/hy-AM.po
+1375 1371 build/i18n/po/fm_IDL.dtd/oc-FR.po
+1375 1371 build/i18n/po/fm_IDL.dtd/pt-BR.po
+1375 1371 build/i18n/po/fm_IDL.dtd/ru-RU.po
+1375 1371 build/i18n/po/fm_IDL.dtd/tr-TR.po
+4 4 build/i18n/po/ils_events.xml/cs-CZ.po
+39 43 build/i18n/po/ils_events.xml/fi-FI.po
+76 3 build/i18n/po/lang.dtd/ar-AR.po
+108 23 build/i18n/po/lang.dtd/cs-CZ.po
+76 3 build/i18n/po/lang.dtd/de-DE.po
+76 3 build/i18n/po/lang.dtd/en-CA.po
+76 3 build/i18n/po/lang.dtd/en-GB.po
+77 4 build/i18n/po/lang.dtd/es-ES.po
+660 763 build/i18n/po/lang.dtd/fi-FI.po
+77 4 build/i18n/po/lang.dtd/fr-CA.po
+76 3 build/i18n/po/lang.dtd/hy-AM.po
+76 3 build/i18n/po/lang.dtd/oc-FR.po
+76 3 build/i18n/po/lang.dtd/pt-BR.po
+76 3 build/i18n/po/lang.dtd/ru-RU.po
+76 3 build/i18n/po/lang.dtd/tr-TR.po
+130 8 build/i18n/po/multiclass_search_help.html/fi-FI.po
+18 4 build/i18n/po/offline.properties/cs-CZ.po
+17 3 build/i18n/po/offline.properties/de-DE.po
+21 7 build/i18n/po/offline.properties/en-CA.po
+18 4 build/i18n/po/offline.properties/en-GB.po
+17 3 build/i18n/po/offline.properties/es-ES.po
+31 28 build/i18n/po/offline.properties/fi-FI.po
+17 3 build/i18n/po/offline.properties/fr-CA.po
+18 4 build/i18n/po/offline.properties/hy-AM.po
+18 4 build/i18n/po/offline.properties/oc-FR.po
+17 3 build/i18n/po/offline.properties/pt-BR.po
+17 3 build/i18n/po/offline.properties/ru-RU.po
+17 3 build/i18n/po/offline.properties/tr-TR.po
+4 4 build/i18n/po/opac.dtd/cs-CZ.po
+30 24 build/i18n/po/opac.dtd/fi-FI.po
+15 15 build/i18n/po/opac.dtd/oc-FR.po
+12 12 build/i18n/po/opac.js/fi-FI.po
+10 4 build/i18n/po/patron.properties/cs-CZ.po
+7 3 build/i18n/po/patron.properties/de-DE.po
+7 3 build/i18n/po/patron.properties/en-CA.po
+7 3 build/i18n/po/patron.properties/en-GB.po
+7 3 build/i18n/po/patron.properties/es-ES.po
+74 68 build/i18n/po/patron.properties/fi-FI.po
+7 3 build/i18n/po/patron.properties/fr-CA.po
+7 3 build/i18n/po/patron.properties/hy-AM.po
+7 3 build/i18n/po/patron.properties/oc-FR.po
+7 3 build/i18n/po/patron.properties/pt-BR.po
+7 3 build/i18n/po/patron.properties/ru-RU.po
+7 3 build/i18n/po/patron.properties/tr-TR.po
+6 6 build/i18n/po/pickup_and_return.js/fi-FI.po
+9 9 build/i18n/po/pull_list.js/fi-FI.po
+22 22 build/i18n/po/register.js/fi-FI.po
+13 13 build/i18n/po/register.js/fr-CA.po
+25 25 build/i18n/po/reports.dtd/fi-FI.po
+8 7 build/i18n/po/reports.js/fi-FI.po
+16 13 build/i18n/po/reservation.js/fi-FI.po
+10 8 build/i18n/po/selfcheck.js/fi-FI.po
+12 10 build/i18n/po/serial.properties/fi-FI.po
+
+commit 07a5bb1c809a547a5b7f7d8792bf855f93eb4c5b
+Author: Jason Stephenson <jstephenson at mvlc.org>
+Date: Mon Dec 10 15:27:40 2012 -0500
+
+ Minor fix in Open-ILS/src/templates/opac/parts/place_hold_result.tt2
+
+ The hidden override field had two type attrs: "hidden" and "name."
+ I deleted the one with the value of "name."
+
+ Signed-off-by: Jason Stephenson <jstephenson at mvlc.org>
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+
+1 1 Open-ILS/src/templates/opac/parts/place_hold_result.tt2
+
+commit e30474a9609d6a2b711aa95b455b18bf8a5dfa75
+Author: Jason Stephenson <jstephenson at mvlc.org>
+Date: Mon Dec 10 10:29:21 2012 -0500
+
+ LP1076062: Hold overrides not working properly.
+
+ Edit the verify_copy_for_hold helper function to actually work. There
+ were cases where it would permit a copy when it shouldn't and also
+ disallow a copy when it should have allowed it. It now makes better
+ use of the oargs override argument.
+
+ If oargs has an events member, the method now removes the matching from
+ the list of failure events returned by the permit_copy_hold check. It
+ was previously bugged, stopping on the first matching event, clearing
+ the list of failed and events, and returning a value to indicate that
+ the copy is permitted for the hold, even when it may not be.
+
+ If oargs has the "all" member and there are failure events remaining,
+ the function loops through those events checking if the requestor has
+ the override permission for the event. If the requestor does have the
+ override permission, then the event is added to oargs->{events} to be
+ saved for future checks on future copies. It the requestor does not
+ have the override permission, then the event is pushed onto a new array
+ of failed events and also onto oargs->{failed}. The latter is kept
+ to avoid looking up events repeatedly on future copy checks.
+
+ The oargs->{failed} member is added as a shortcut to avoid repeatedly
+ looking up override permissions when the requestor does not have them.
+ It is actually checked, when present, before the user permission is
+ checked with a costly database lookup.
+
+ Since verify_copy_for_hold has no other way to determine that an override
+ was requested, it checks for the events and/or all members of oargs being
+ set and having a value that would evaluate to true. If oargs is undefined,
+ a hashref with no members, or lacks a "true" events or all member, then
+ verify_copy_for_hold functions as though no overrides are requested.
+
+ Additionally, all functions that call verify_copy_for_hold, either directly
+ or indirectly, have had their intro logic modified to only set oargs when
+ an override is requested and oargs is not already set. We make the assump-
+ tion that if oargs is set, it contains the events member. (Perhaps that is
+ a poor assumption, but all of the code so far looks like it will work.)
+
+ Fix test_and_create_hold_batch so that it passes the oargs parameter into
+ open-ils.circ.title_hold.is_possible in the way that check_title_hold (the
+ implementation function) actually expects it to be passed. This also means
+ that we need to delete oargs from the params hashref before creating the
+ hold objects, as that would blow up if it were present.
+
+ Signed-off-by: Jason Stephenson <jstephenson at mvlc.org>
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+
+55 12 Open-ILS/src/perlmods/lib/OpenILS/Application/Circ/Holds.pm
+
+commit 29b6a94d649811aa7f8f2f91fb02cae9e688e94d
+Author: Jason Stephenson <jstephenson at mvlc.org>
+Date: Wed Dec 5 10:20:45 2012 -0500
+
+ Whitespace cleanup on aisle 9!
+
+ Fix whitespace (spaces, not tabs) in OpenILS/Application/Circ/Holds.pm.
+
+ Also, remove trailing whitespace at the end of lines.
+
+ Signed-off-by: Jason Stephenson <jstephenson at mvlc.org>
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+
+689 687 Open-ILS/src/perlmods/lib/OpenILS/Application/Circ/Holds.pm
+
+commit 8362a03a936ab9687a521282a1f8c31c59083532
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Wed Jan 16 09:39:56 2013 -0500
+
+ Avoid CStoreEditor failures on missing log-protect
+
+ When the log_protect configuration chunk is not present in
+ opensrf_core.xml, gracefully move on without it. This prevents errors
+ like:
+
+ Can't call method \"shared\" on an undefined value at
+ /usr/local/share/perl/5.10.1/OpenILS/Utils/CStoreEditor.pm line 646.
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+ Signed-off-by: Mike Rylander <mrylander at gmail.com>
+
+12 8 Open-ILS/src/perlmods/lib/OpenILS/Utils/CStoreEditor.pm
+
+commit 22ce0de3a8e1b691e2ebbb31ecec3ada50a32eeb
+Author: Thomas Berezansky <tsbere at mvlc.org>
+Date: Fri Nov 2 09:53:30 2012 -0400
+
+ Fix backdate near DST changes
+
+ When the due date and the backdate date are on opposite sides of a DST
+ boundary we were getting an hour off on the checkin time (using the
+ original due date's time).
+
+ This commit changes it so that instead we just set the hour and minute
+ values on the backdate date to the due date's versions, leaving the time
+ zone alone.
+
+ Signed-off-by: Thomas Berezansky <tsbere at mvlc.org>
+ Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+
+3 1 Open-ILS/src/perlmods/lib/OpenILS/Application/Circ/Circulate.pm
+
+commit 20577f1088e310e44922ed0d3b7e3dc863ed39b8
+Author: Galen Charlton <gmc at esilibrary.com>
+Date: Fri Jan 11 13:11:48 2013 -0500
+
+ LP#1098669: improve handling of Content Cafe external content in staff client
+
+ This patch introduces a new TPac content variable, ctx.ext_proto, to
+ specify whether external content should be retrieved via HTTP or HTTPS.
+ ctx.proto can't be used for that purpose since it's set to 'oils' when
+ TPac is running inside the staff client.
+
+ This fixes a bug where Content Cafe reviews wouldn't display in the staff
+ client bib record page and where clicking on the reviews link from search
+ results would open an empty window.
+
+ Signed-off-by: Galen Charlton <gmc at esilibrary.com>
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+
+1 0 Open-ILS/src/perlmods/lib/OpenILS/WWW/EGWeb.pm
+1 1 Open-ILS/src/templates/opac/parts/record/summaryplus.tt2
+2 2 Open-ILS/src/templates/opac/parts/result/table.tt2
+
+commit 85ebca17b3c38d330ea209b50f0030b94e216206
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Tue Jan 15 14:08:03 2013 -0500
+
+ 2.3 Release notes update
+
+ Merge the edireader and edi_order_template release notes into the 2.3
+ release notes files. Added a blurb to the Upgrade Notes regarding the
+ lack of an automatic EDI template upgrade.
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+ Signed-off-by: Galen Charlton <gmc at esilibrary.com>
+
+66 0 docs/RELEASE_NOTES_2_3.txt
+0 18 docs/RELEASE_NOTES_NEXT/edi_order_template.txt
+0 28 docs/RELEASE_NOTES_NEXT/edireader.txt
+ delete mode 100644 docs/RELEASE_NOTES_NEXT/edi_order_template.txt
+ delete mode 100644 docs/RELEASE_NOTES_NEXT/edireader.txt
+
+commit 5fe74f007ed09acb32a5e092dcba9d61b4d93884
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Mon Oct 1 11:54:00 2012 -0400
+
+ ACQ invoice search persistence repaired
+
+ Use XUL cookieService / cookieManager for managing cookies in embedded
+ web pages, since dojo.cookie cannot manage cookies within xulrunner.
+
+ Persist cookies for 30 days.
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+ Signed-off-by: Kathy Lussier <klussier at masslnc.org>
+
+58 5 Open-ILS/web/js/ui/default/acq/invoice/view.js
+
+commit 3708c61573ce84ce3e6a9b2df72fd393ee86c406
+Author: Dan Scott <dscott at laurentian.ca>
+Date: Mon Jan 14 22:39:51 2013 -0500
+
+ Docs: minor formatting fixes for "borrowing items" chapter
+
+ * Images need to have a trailing [] ; ideally this would contain the
+ alt text for the image, but the [] is needed to make the images
+ show up at all
+ * Since we're touching the image:: tags anyway, make the filename
+ extensions consistently lower case
+ * Fix a processing error; a bulleted list item wrapped so that > was the
+ first character on a line, which made Asciidoc angry. Easiest thing to
+ do to avoid this is just to indent the wrapped lines for each bullet
+ item, but we'll do the minimal thing and just indent this one line
+ this time.
+ * Fix one instance of Word "smart quotes" having replaced ye olde single
+ quotes.
+
+ Signed-off-by: Dan Scott <dscott at laurentian.ca>
+
+11 11 docs/admin_initial_setup/borrowing_items.txt
+- - docs/media/circ_example1.PNG
+- - docs/media/circ_example1.png
+- - docs/media/circ_example2.PNG
+- - docs/media/circ_example2.png
+- - docs/media/circ_example3.PNG
+- - docs/media/circ_example3.png
+ delete mode 100644 docs/media/circ_example1.PNG
+ create mode 100644 docs/media/circ_example1.png
+ delete mode 100644 docs/media/circ_example2.PNG
+ create mode 100644 docs/media/circ_example2.png
+ delete mode 100644 docs/media/circ_example3.PNG
+ create mode 100644 docs/media/circ_example3.png
+
+commit edcd696ef6ecffce1758e0d6ab296016d4fb057a
+Author: Kathy Lussier <klussier at masslnc.org>
+Date: Mon Jan 14 21:43:57 2013 -0500
+
+ Borrowing items: who, what, for how long
+
+ Adding Borrowing Items chapter from Evergreen in Action to the official
+ docs.`
+
+ Signed-off-by: Kathy Lussier <klussier at masslnc.org>
+ Signed-off-by: Dan Scott <dscott at laurentian.ca>
+
+231 0 docs/admin_initial_setup/borrowing_items.txt
+- - docs/media/circ_duration_rules.jpg
+- - docs/media/circ_example1.PNG
+- - docs/media/circ_example2.PNG
+- - docs/media/circ_example3.PNG
+- - docs/media/circ_max_fine_rules.jpg
+- - docs/media/circ_recurring_fine_rules.jpg
+- - docs/media/copy_locations_circulate.png
+2 0 docs/root.txt
+ create mode 100644 docs/admin_initial_setup/borrowing_items.txt
+ create mode 100644 docs/media/circ_duration_rules.jpg
+ create mode 100644 docs/media/circ_example1.PNG
+ create mode 100644 docs/media/circ_example2.PNG
+ create mode 100644 docs/media/circ_example3.PNG
+ create mode 100644 docs/media/circ_max_fine_rules.jpg
+ create mode 100644 docs/media/circ_recurring_fine_rules.jpg
+ create mode 100644 docs/media/copy_locations_circulate.png
+
+commit dcc50208fcb68fc7f56422ebc218b14b0a32f86e
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Tue Sep 11 12:41:08 2012 -0400
+
+ EDI order template improvements (no SQL upgrade script!)
+
+ Improved template for EDI purchase orders. This theoretically just
+ works better where the old template worked. Corrections made for
+ interactions with ULS, Midwest Tape, Baker & Taylor, and Recorded Books
+ especially. GIR segments in the right place.
+
+ And also the template is just more maintainable now.
+
+ **THERE IS NO UPGRADE SCRIPT INCLUDED**. Sites using EDI may not
+ necessarily want to mess with what they already have working.
+
+ If you want the changes, and maybe you do, especially if you're doing
+ enriched ordering and/or ordering from the vendors listed above, you can
+ extract the template changes easily enough yourself from the
+ 950.data.seed-values.sql file.
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+ Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+
+164 40 Open-ILS/src/sql/Pg/950.data.seed-values.sql
+18 0 docs/RELEASE_NOTES_NEXT/edi_order_template.txt
+ create mode 100644 docs/RELEASE_NOTES_NEXT/edi_order_template.txt
+
+commit a53c643f54bdb34db7d2b3e3cb9e6974a873f4a8
+Author: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+Date: Mon Jan 14 16:59:12 2013 -0500
+
+ Upgrade script numbering for edireader branch
+
+ Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+
+1 1 Open-ILS/src/sql/Pg/002.schema.config.sql
+15 0 Open-ILS/src/sql/Pg/upgrade/0751.data.acq_cancel_not_accepted.sql
+0 14 Open-ILS/src/sql/Pg/upgrade/XXXX.data.acq_cancel_not_accepted.sql
+ create mode 100644 Open-ILS/src/sql/Pg/upgrade/0751.data.acq_cancel_not_accepted.sql
+ delete mode 100644 Open-ILS/src/sql/Pg/upgrade/XXXX.data.acq_cancel_not_accepted.sql
+
+commit 17431bb096ce0818310a166b1feffeba83b654d4
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Wed Dec 26 16:27:38 2012 -0500
+
+ EDIReader release notes
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+ Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+
+28 0 docs/RELEASE_NOTES_NEXT/edireader.txt
+ create mode 100644 docs/RELEASE_NOTES_NEXT/edireader.txt
+
+commit 676143704be517eb47ef4ce410ee73dc68576cd8
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Thu Dec 13 09:44:55 2012 -0500
+
+ Handle cancelled (back-order) lineitems in EDI invoice
+
+ Receiving an invoice for a cancelled lineitem mean the lineitem is no
+ longer cancelled. Identify such lineitems and uncancel them along with
+ the requested number of not-yet-invoiced copies.
+
+ This work flow is common for back-order items.
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+ Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+
+66 0 Open-ILS/src/perlmods/lib/OpenILS/Application/Acq/EDI.pm
+
+commit 028d8d3d529e3ad96a464a59398ee0c2590539a7
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Wed Dec 12 12:50:47 2012 -0500
+
+ EDIReader: improve monetary regexes
+
+ Make no attempt to enforce/decipher monetary amounts in the regexes,
+ simply capture the values. If they are invalid, Postgres will let us
+ know.
+
+ This change allows us to capture non-numeric (\d) characters (e.g. "."),
+ which are of course common in monetary amounts.
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+ Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+
+5 5 Open-ILS/src/perlmods/lib/OpenILS/Utils/EDIReader.pm
+
+commit 2eb7bb6d2b1827a10d6937ae027275f889117f94
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Wed Dec 5 09:34:00 2012 -0500
+
+ EDI invoice date; invoice paid quantity/amount
+
+ * capture the invoice date in EDIReader
+ * apply the invoice date to inbound invoices when available instead of
+ defaulting to 'now'
+ * apply the quantity/amount billed to the quantity/amount paid to reduce
+ staff data entry needs
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+ Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+
+20 7 Open-ILS/src/perlmods/lib/OpenILS/Application/Acq/EDI.pm
+2 1 Open-ILS/src/perlmods/lib/OpenILS/Utils/EDIReader.pm
+
+commit c9e1e9fc06e9f2f1f9a2e4e7a771556da074bd95
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Tue Dec 4 10:00:26 2012 -0500
+
+ EDI: ensure lineitem 'state' matches cancel state
+
+ When cancelling a lineitem becuase all linked copies are cancelled,
+ ensure that the lineitem state is set to "cancelled".
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+ Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+
+9 3 Open-ILS/src/perlmods/lib/OpenILS/Application/Acq/EDI.pm
+
+commit a5aad2e6840359f65a278406da3a0f250f93e20b
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Mon Dec 3 14:51:41 2012 -0500
+
+ EDI response honor lineitem-level status; debit cleanup
+
+ * Honor lineitem-level order status info (FTX+LIN) which indicates, in
+ some cases, that all ordered copies should be cancelled because the LI
+ as a whole is cancelled
+
+ * Delete fund debits for cancelled lineitem details when appropriate
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+ Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+
+139 30 Open-ILS/src/perlmods/lib/OpenILS/Application/Acq/EDI.pm
+5 1 Open-ILS/src/perlmods/lib/OpenILS/Utils/EDIReader.pm
+1 0 Open-ILS/src/sql/Pg/950.data.seed-values.sql
+14 0 Open-ILS/src/sql/Pg/upgrade/XXXX.data.acq_cancel_not_accepted.sql
+ create mode 100644 Open-ILS/src/sql/Pg/upgrade/XXXX.data.acq_cancel_not_accepted.sql
+
+commit b82675e26f0ad627a7276865a9fccb2a6d27fd33
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Mon Dec 3 09:20:29 2012 -0500
+
+ EDI: protect against invalid order response
+
+ Do not attempt to createI EDI messages for order responses which
+ reference nonexistent purchase orders, since it results in
+ transaction commit errors on invalid foreign keys, preventing
+ subsequent EDI files from getting processed. Instead, log it
+ and skip it.
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+ Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+
+4 0 Open-ILS/src/perlmods/lib/OpenILS/Application/Acq/EDI.pm
+
+commit 721781979545d0a9fdb335de706d58b07cbf0ba2
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Mon Nov 12 09:35:53 2012 -0500
+
+ EDIReader : detect SAN vs. account number in buyer/seller
+
+ NAD+BY+XXXXXXX::31B' -- SAN
+ NAD+BY+YYYYYYY::91' -- Account number
+
+ For invoices, try the SAN first followed by the account number to
+ determine the receiving org unit.
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+ Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+
+32 17 Open-ILS/src/perlmods/lib/OpenILS/Application/Acq/EDI.pm
+4 2 Open-ILS/src/perlmods/lib/OpenILS/Utils/EDIReader.pm
+
+commit e52692104abeaf6da197c2b010f64f2e4b3ccadf
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Fri Sep 28 10:34:28 2012 -0400
+
+ Custom/local EDI reader module for ORDRSP and INVOIC (etc)
+
+ Provides a new perl module (OpenILS::Utils::EDIReader) for reading
+ inbound EDI messages and producing data structures more easily
+ understood by the ACQ code. Through this, extraction of EDI data is
+ focused in one module instead of spread through various layers.
+
+ EDIReader is a small, purpose built module focusing solely on extracting
+ the needed EDI data and is not meant to be a general purpose EDI library.
+
+ * Updates edi_fetcher and the ORDRSP and INVOIC handling code to use the
+ new libs.
+
+ * Removes Business::EDI Evergreen dependency, since it's no longer used (and
+ is quite large).
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+ Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+
+0 1 Open-ILS/src/extras/Makefile.install
+0 1 Open-ILS/src/perlmods/Build.PL
+252 598 Open-ILS/src/perlmods/lib/OpenILS/Application/Acq/EDI.pm
+158 0 Open-ILS/src/perlmods/lib/OpenILS/Utils/EDIReader.pm
+12 1 Open-ILS/src/perlmods/t/14-OpenILS-Utils.t
+1 2 Open-ILS/src/support-scripts/edi_fetcher.pl
+9 0 Open-ILS/src/support-scripts/test-scripts/edi_reader.pl
+ create mode 100644 Open-ILS/src/perlmods/lib/OpenILS/Utils/EDIReader.pm
+ create mode 100755 Open-ILS/src/support-scripts/test-scripts/edi_reader.pl
+
+commit 56dfac8d77fd0e309ca3bf09946389abecd652c2
+Author: Jason Stephenson <jstephenson at mvlc.org>
+Date: Fri Jan 11 08:49:11 2013 -0500
+
+ Fix a data destruction bug when authorities are updated.
+
+ Modify the two-argument form of vandelay.merge_record_xml to return
+ the target_marc when the add_rule, preserve_rule, replace_rule and
+ strip_rule are all empty.
+
+ This method is used by authority.propagate_changes and would replace
+ the bibliographic record's marc with the overlay template when the
+ above would happen. By returning the biblographic record entry's own
+ marc in that case, we prevent data destruction.
+
+ Additionally, protect bib and authority template overlay functions
+ in the same manner.
+
+ Commit includes an upgrade script for this change as well as
+ for the previous commit's authority.generate_overlay_template fix.
+
+ Signed-off-by: Jason Stephenson <jstephenson at mvlc.org>
+ Signed-off-by: Mike Rylander <mrylander at gmail.com>
+
+1 1 Open-ILS/src/sql/Pg/002.schema.config.sql
+12 3 Open-ILS/src/sql/Pg/012.schema.vandelay.sql
+275 0 Open-ILS/src/sql/Pg/upgrade/0750.function.authority.generate_overlay_template.sql
+ create mode 100644 Open-ILS/src/sql/Pg/upgrade/0750.function.authority.generate_overlay_template.sql
+
+commit 8ceb28247f531da78f12a15916bc85fd7122baeb
+Author: Mike Rylander <mrylander at gmail.com>
+Date: Thu Jan 10 16:35:44 2013 -0500
+
+ Only consider main entry headings for bib overlay
+
+ Restrict the authority fields we will pull overlay data from to those
+ that do not subordinate themselves to other authority fields. That
+ is, skip see-from/see-also/etc for bib overlay.
+
+ Signed-off-by: Mike Rylander <mrylander at gmail.com>
+ Signed-off-by: Jason Stephenson <jstephenson at mvlc.org>
+
+1 1 Open-ILS/src/sql/Pg/011.schema.authority.sql
+
+commit 7361a8df216e527bd4ed8c4ade276bd357352944
+Author: Kathy Lussier <klussier at masslnc.org>
+Date: Sat Jan 5 22:01:54 2013 -0500
+
+ Adding Designing Your Catalog chapter from the Evergreen In Action manual.
+
+ Signed-off-by: Kathy Lussier <klussier at masslnc.org>
+
+ Minor fixes to "Designing your catalog" chapter
+
+ Some strange Latin-1 characters were giving Asciidoc fits...
+
+ Signed-off-by: Dan Scott <dan at coffeecode.net>
+ Signed-off-by: Kathy Lussier <klussier at masslnc.org>
+
+561 0 docs/admin_initial_setup/designing_your_catalog.txt
+2 0 docs/root.txt
+ create mode 100644 docs/admin_initial_setup/designing_your_catalog.txt
+
+commit 973ff08e281de48342f9227dc949837c3ce4fa66
+Author: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+Date: Wed Jan 9 16:20:39 2013 -0500
+
+ LP #1075167: Serials: Avoid infinite loop in holdings summarization
+
+ When receiving items with unworkable combinations of holdings and
+ patterns, the holdings summarization code can get stuck in an infinite
+ loop. This solution prevents that, sparing the open-ils.serial
+ process and server resources, although it doesn't help the user out.
+
+ It will take further examination of the problem and reëvalution of how
+ we deal with problems reported by OpenILS::Utils::MFHD to help the
+ user avoid or resolve these situations.
+
+ Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+ Signed-off-by: Dan Wells <dbw2 at calvin.edu>
+
+3 0 Open-ILS/src/perlmods/lib/OpenILS/Utils/MFHD.pm
+1 1 Open-ILS/src/perlmods/lib/OpenILS/Utils/MFHD/Caption.pm
+
+commit bed345c3da99ab1c838baf42c5b0bfc5a746b17c
+Author: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+Date: Fri Oct 5 18:42:11 2012 -0400
+
+ Acq: When invoice-building with embedded search, allow control of results list
+
+ Previously, a results list could accumulate under inconsistent
+ conditions. You'd get an accumulating results list if you were pressing
+ enter after successful searches, but your results lists would clear if
+ you actually clicked the Search button. Worse, searches yielding empty
+ result sets would *appear* to clear your result list, but subsequent
+ sucessful searches would restore what was there before.
+
+ This is the "missing commit" that makes the behavior consistent and
+ togglable.
+
+ Signed-off-by: Lebbeous Fogle-Weekley <lebbeous at esilibrary.com>
+ Signed-off-by: Kathy Lussier <klussier at masslnc.org>
+ Signed-off-by: Jason Stephenson <jstephenson at mvlc.org>
+
+11 5 Open-ILS/src/templates/acq/invoice/view.tt2
+1 2 Open-ILS/src/templates/acq/search/unified.tt2
+12 2 Open-ILS/web/js/ui/default/acq/invoice/view.js
+12 4 Open-ILS/web/js/ui/default/acq/search/unified.js
+
+commit ba61b7aa214c77f67d7651006a542baa86d40142
+Author: Galen Charlton <gmc at esilibrary.com>
+Date: Fri Jan 4 14:33:28 2013 -0500
+
+ fix user session management for MARC Batch Edit
+
+ The Javascript in the hardcoded page templates was
+ not checking the XUL stash for the session key when
+ run from the staff client; this is now needed as
+ a result of the XULRunner updates introdued by
+ commit adee850f.
+
+ As a consequence, the list of the user's record buckets
+ was not retrieved, and attempts to run a batch edit
+ would spin without updating any records.
+
+ This fixes LP#1048707 and LP#1054277.
+
+ Signed-off-by: Galen Charlton <gmc at esilibrary.com>
+ Signed-off-by: Mike Rylander <mrylander at gmail.com>
+
+16 2 Open-ILS/src/perlmods/lib/OpenILS/WWW/TemplateBatchBibUpdate.pm
+
+commit ebba327c695c41dd07e499f23ac52de265d30ea1
+Author: Robert Soulliere <robert.soulliere at mohawkcollege.ca>
+Date: Thu Jan 3 14:23:54 2013 -0500
+
+ Documentation: Update upgrade instructions.
+
+ Also add a few index terms.
+
+ Signed-off-by: Robert Soulliere <robert.soulliere at mohawkcollege.ca>
+
+22 11 docs/installation/server_upgrade.txt
+
+commit ac3adf79ee0e22c72fe9c06829e2c237db5a8519
+Author: Ben Shum <bshum at biblio.org>
+Date: Sun Dec 23 20:46:02 2012 -0500
+
+ LP1092937 - fix title/author in alternate pull list
+
+ Clicking on Print Full Pull List (Alternate strategy) no longer showed
+ the title and author columns for hold pull lists.
+
+ It seems that adding quotes around the tag lookups was all that was
+ required to bring these back for now. Long-term, it still seems better
+ to continue moving towards fewer pull list interfaces.
+
+ Signed-off-by: Ben Shum <bshum at biblio.org>
+ Signed-off-by: Kathy Lussier <klussier at masslnc.org>
+
+2 2 Open-ILS/web/opac/extras/circ/alt_holds_print.html
+
+commit 1372acf295acf0438cccaab15223db18945164d6
+Author: Thomas Berezansky <tsbere at mvlc.org>
+Date: Tue Oct 2 13:31:13 2012 -0400
+
+ TPAC - SMS Number Munging
+
+ Addresses LP bug 1016654 - Despite the hint telling users not to use
+ hyphens when entering a text notification number, we have patrons who
+ are entering the hyphens causing the text notification to fail.
+
+ Munge "pretty printed" numbers into raw sets of digits in the A/T helper.
+
+ This allows aliases to still work for services that support them.
+
+ Signed-off-by: Thomas Berezansky <tsbere at mvlc.org>
+ Signed-off-by: Michael Peters <mrpeters at library.in.gov>
+ Signed-off-by: Ben Shum <bshum at biblio.org>
+
+6 0 Open-ILS/src/perlmods/lib/OpenILS/Application/Trigger/Reactor.pm
+
+commit 70f19d8ecddd21953d978f255f8fd0bb172dc680
+Author: Ben Shum <bshum at biblio.org>
+Date: Sun Dec 23 15:38:43 2012 -0500
+
+ Stamping upgrade script for index corporate authors
+
+ Signed-off-by: Ben Shum <bshum at biblio.org>
+
+1 1 Open-ILS/src/sql/Pg/002.schema.config.sql
+25 0 Open-ILS/src/sql/Pg/upgrade/0749.data.index_corporate_authors.sql
+0 18 Open-ILS/src/sql/Pg/upgrade/XXXX.data.index_corporate_authors.sql
+ create mode 100644 Open-ILS/src/sql/Pg/upgrade/0749.data.index_corporate_authors.sql
+ delete mode 100644 Open-ILS/src/sql/Pg/upgrade/XXXX.data.index_corporate_authors.sql
+
+commit a4cbec6a24ea4f4dce22471c8563f00f85a956b4
+Author: Dan Scott <dscott at laurentian.ca>
+Date: Tue Oct 30 12:08:54 2012 -0400
+
+ Index corporate authors based on relator codes
+
+ The existing stock index for corporate authors only kicks in if the
+ 710 subfield 'e' == 'creator', but relator codes (in subfield '4') are
+ by many accounts a preferred mode of identifying the relationship of an
+ added entry. Thus, add '4' == ('aut' or 'cre') to the criteria for
+ indexing a corporate author.
+
+ Signed-off-by: Dan Scott <dscott at laurentian.ca>
+ Signed-off-by: Ben Shum <bshum at biblio.org>
+
+1 1 Open-ILS/src/sql/Pg/950.data.seed-values.sql
+18 0 Open-ILS/src/sql/Pg/upgrade/XXXX.data.index_corporate_authors.sql
+ create mode 100644 Open-ILS/src/sql/Pg/upgrade/XXXX.data.index_corporate_authors.sql
+
+commit aafe1c65d104c75453133ba97e662846a8549cd4
+Author: Ben Shum <bshum at biblio.org>
+Date: Thu Dec 20 14:32:46 2012 -0500
+
+ LP 1088561 - part 2, fix all update forms to not show saved passwords
+
+ Bug re-opened due to locating a few other locations in my account area
+ where the password was being saved by browsers like Firefox instead of
+ requiring users to key in current password to make changes.
+
+ This patch covers those two additional cases and changes the quoting
+ around the first case to be more consistent with the rest of the line.
+
+ Signed-off-by: Ben Shum <bshum at biblio.org>
+ Signed-off-by: Simon Mai <hieu.mai at mnsu.edu>
+
+1 1 Open-ILS/src/templates/opac/myopac/update_email.tt2
+1 1 Open-ILS/src/templates/opac/myopac/update_password.tt2
+1 1 Open-ILS/src/templates/opac/myopac/update_username.tt2
+
+commit e0a4bf8cda8d20c009934d0a76623fea5330cf5a
+Author: Dan Scott <dscott at laurentian.ca>
+Date: Sun Dec 16 09:09:03 2012 -0500
+
+ TPAC: Fallback default value for facet.default_display_count
+
+ Open-ILS/templates/opac/parts/result/facets.tt2 assigns the value of
+ facet.default_display_count to DEFAULT_DISPLAY_COUNT and then uses the
+ latter in a number of comparisons. facet.default_display_count is
+ expected to be defined in config.tt2; however, on upgrade, sites with
+ many override templates may not realize that they need to define that
+ value in config.tt2. If they do not, then the result is a strange facet
+ display where only the facet category header shows, with no facets, and
+ Apache error log messages like:
+
+ Argument "" isn't numeric in numeric gt (>) at
+ /openils/var/templates/opac/parts/result/facets.tt2 line 72.
+
+ This simple defensive fix assigns a fallback default value if one was
+ not provided in config.tt2
+
+ Signed-off-by: Dan Scott <dscott at laurentian.ca>
+ Signed-off-by: Ben Shum <bshum at biblio.org>
+
+2 1 Open-ILS/src/templates/opac/parts/result/facets.tt2
+
+commit 87670e0846606045c5446a2515636b497b414c27
+Author: Dan Scott <dscott at laurentian.ca>
+Date: Fri Dec 21 21:15:49 2012 -0500
+
+ Facets should not be sticky when users click "Search"
+
+ We were using a hidden form variable to track which facets were in use,
+ at the same time as relying on the GET params to actually display the
+ facets, and munging the links on the remaining facets to properly
+ add/subtract facets.
+
+ The result of the hidden form variable was that:
+
+ 1) clicking the Search button would unexpectedly result in the facet
+ applying to the new search (wat)
+
+ 2) applying two facets at once and then searching again would result
+ in the facet vars being treated as a raw array.
+
+ Thanks to Dan Pearl for inspiring this patch with his fix for the latter
+ problem, and Kathy Lussier's recognition of the basic problem.
+
+ Closes LP# 1092946 and 1091659.
+
+ Signed-off-by: Dan Scott <dscott at laurentian.ca>
+ Signed-off-by: Ben Shum <bshum at biblio.org>
+
+0 3 Open-ILS/src/templates/opac/results.tt2
+
+commit e794631d602a676ad407ab721b730791c1c906da
+Author: Jason Etheridge <jason at esilibrary.com>
+Date: Fri Dec 21 07:26:36 2012 -0500
+
+ lp1090867 Hide Fields undefined var error
+
+ This fixes the "Error in widget_prompt.js, my_init(): TypeError: offlineStrings
+ is undefined" error.
+
+ Signed-off-by: Jason Etheridge <jason at esilibrary.com>
+ Signed-off-by: Ben Shum <bshum at biblio.org>
+
+4 0 Open-ILS/xul/staff_client/chrome/content/util/widget_prompt.js
+
+commit b6bacb792e0e0de13b25f9960d6f67570f102d41
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Thu Dec 20 16:48:56 2012 -0500
+
+ Copy 2.3.1-2.3.2 SQL upgrade script into place
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+
+69 0 Open-ILS/src/sql/Pg/version-upgrade/2.3.1-2.3.2-upgrade-db.sql
+ create mode 100644 Open-ILS/src/sql/Pg/version-upgrade/2.3.1-2.3.2-upgrade-db.sql
+
+commit d67595ba7a88c6ee9be127e21dc9729d5b1b428e
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Thu Dec 20 16:48:42 2012 -0500
+
+ Copy 2.3.0-2.3.1 SQL upgrade script into place
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+
+272 0 Open-ILS/src/sql/Pg/version-upgrade/2.3.0-2.3.1-upgrade-db.sql
+ create mode 100644 Open-ILS/src/sql/Pg/version-upgrade/2.3.0-2.3.1-upgrade-db.sql
+
+commit e9235d41c329212ad7484ca708525aa2366ca9a4
+Author: Dan Scott <dscott at laurentian.ca>
+Date: Thu Dec 20 11:36:42 2012 -0500
+
+ Update "Adding a data source to the reporter" docs
+
+ A little bit of formatting clean-up, a little bit of extra information.
+
+ Signed-off-by: Dan Scott <dscott at laurentian.ca>
+
+58 28 docs/reports/reporter_add_data_source.txt
diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Application.pm b/Open-ILS/src/perlmods/lib/OpenILS/Application.pm
index cd4dbbf..c5d68fc 100644
--- a/Open-ILS/src/perlmods/lib/OpenILS/Application.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/Application.pm
@@ -6,7 +6,7 @@ use base qw/OpenSRF::Application/;
sub ils_version {
# version format is "x-y-z", for example "2-0-0" for Evergreen 2.0.0
# For branches, format is "x-y"
- return "HEAD";
+ return "2-3-3";
}
__PACKAGE__->register_method(
diff --git a/Open-ILS/src/sql/Pg/002.schema.config.sql b/Open-ILS/src/sql/Pg/002.schema.config.sql
index 25fa292..1c95ff8 100644
--- a/Open-ILS/src/sql/Pg/002.schema.config.sql
+++ b/Open-ILS/src/sql/Pg/002.schema.config.sql
@@ -88,6 +88,7 @@ CREATE TRIGGER no_overlapping_deps
FOR EACH ROW EXECUTE PROCEDURE evergreen.array_overlap_check ('deprecates');
INSERT INTO config.upgrade_log (version, applied_to) VALUES ('0751', :eg_version); -- berick/senator
+INSERT INTO config.upgrade_log (version, applied_to) VALUES ('2.3.3', :eg_version);
CREATE TABLE config.bib_source (
id SERIAL PRIMARY KEY,
diff --git a/Open-ILS/src/sql/Pg/version-upgrade/2.3.2-2.3.3-upgrade-db.sql b/Open-ILS/src/sql/Pg/version-upgrade/2.3.2-2.3.3-upgrade-db.sql
new file mode 100644
index 0000000..1773eda
--- /dev/null
+++ b/Open-ILS/src/sql/Pg/version-upgrade/2.3.2-2.3.3-upgrade-db.sql
@@ -0,0 +1,314 @@
+--Upgrade Script for 2.3.2 to 2.3.3
+\set eg_version '''2.3.3'''
+BEGIN;
+INSERT INTO config.upgrade_log (version, applied_to) VALUES ('2.3.3', :eg_version);
+-- Use MARC relator codes (710 subfield 4) to index corporate authors, along
+-- with the existing relator text (710 subfield e)
+
+
+-- check whether patch can be applied
+SELECT evergreen.upgrade_deps_block_check('0749', :eg_version);
+
+UPDATE config.metabib_field
+ SET xpath = $$//mods32:mods/mods32:name[@type='corporate'
+ and (mods32:role/mods32:roleTerm[text()='creator']
+ or mods32:role/mods32:roleTerm[text()='aut']
+ or mods32:role/mods32:roleTerm[text()='cre']
+ )]$$
+ WHERE id = 7
+;
+
+SELECT metabib.reingest_metabib_field_entries(record, TRUE, TRUE, FALSE)
+ FROM metabib.full_rec
+ WHERE tag = '710'
+ AND subfield = '4'
+ AND value IN ('cre', 'aut')
+;
+
+-- Only consider main entry headings for bib overlay
+
+
+-- check whether patch can be applied
+SELECT evergreen.upgrade_deps_block_check('0750', :eg_version);
+
+
+-- Function to generate an ephemeral overlay template from an authority record
+CREATE OR REPLACE FUNCTION authority.generate_overlay_template (source_xml TEXT) RETURNS TEXT AS $f$
+DECLARE
+ cset INT;
+ main_entry authority.control_set_authority_field%ROWTYPE;
+ bib_field authority.control_set_bib_field%ROWTYPE;
+ auth_id INT DEFAULT oils_xpath_string('//*[@tag="901"]/*[local-name()="subfield" and @code="c"]', source_xml)::INT;
+ replace_data XML[] DEFAULT '{}'::XML[];
+ replace_rules TEXT[] DEFAULT '{}'::TEXT[];
+ auth_field XML[];
+BEGIN
+ IF auth_id IS NULL THEN
+ RETURN NULL;
+ END IF;
+
+ -- Default to the LoC controll set
+ SELECT control_set INTO cset FROM authority.record_entry WHERE id = auth_id;
+
+ -- if none, make a best guess
+ IF cset IS NULL THEN
+ SELECT control_set INTO cset
+ FROM authority.control_set_authority_field
+ WHERE tag IN (
+ SELECT UNNEST(XPATH('//*[starts-with(@tag,"1")]/@tag',marc::XML)::TEXT[])
+ FROM authority.record_entry
+ WHERE id = auth_id
+ )
+ LIMIT 1;
+ END IF;
+
+ -- if STILL none, no-op change
+ IF cset IS NULL THEN
+ RETURN XMLELEMENT(
+ name record,
+ XMLATTRIBUTES('http://www.loc.gov/MARC21/slim' AS xmlns),
+ XMLELEMENT( name leader, '00881nam a2200193 4500'),
+ XMLELEMENT(
+ name datafield,
+ XMLATTRIBUTES( '905' AS tag, ' ' AS ind1, ' ' AS ind2),
+ XMLELEMENT(
+ name subfield,
+ XMLATTRIBUTES('d' AS code),
+ '901c'
+ )
+ )
+ )::TEXT;
+ END IF;
+
+ FOR main_entry IN SELECT * FROM authority.control_set_authority_field acsaf WHERE acsaf.control_set = cset AND acsaf.main_entry IS NULL LOOP
+ auth_field := XPATH('//*[@tag="'||main_entry.tag||'"][1]',source_xml::XML);
+ IF ARRAY_LENGTH(auth_field,1) > 0 THEN
+ FOR bib_field IN SELECT * FROM authority.control_set_bib_field WHERE authority_field = main_entry.id LOOP
+ replace_data := replace_data || XMLELEMENT( name datafield, XMLATTRIBUTES(bib_field.tag AS tag), XPATH('//*[local-name()="subfield"]',auth_field[1])::XML[]);
+ replace_rules := replace_rules || ( bib_field.tag || main_entry.sf_list || E'[0~\\)' || auth_id || '$]' );
+ END LOOP;
+ EXIT;
+ END IF;
+ END LOOP;
+
+ RETURN XMLELEMENT(
+ name record,
+ XMLATTRIBUTES('http://www.loc.gov/MARC21/slim' AS xmlns),
+ XMLELEMENT( name leader, '00881nam a2200193 4500'),
+ replace_data,
+ XMLELEMENT(
+ name datafield,
+ XMLATTRIBUTES( '905' AS tag, ' ' AS ind1, ' ' AS ind2),
+ XMLELEMENT(
+ name subfield,
+ XMLATTRIBUTES('r' AS code),
+ ARRAY_TO_STRING(replace_rules,',')
+ )
+ )
+ )::TEXT;
+END;
+$f$ STABLE LANGUAGE PLPGSQL;
+
+-- Change the two argument form of vandelay.merge_record_xml to
+-- prevent bibliographic record destruction when there is nothing to
+-- do.
+
+
+CREATE OR REPLACE FUNCTION vandelay.merge_record_xml ( target_marc TEXT, template_marc TEXT ) RETURNS TEXT AS $$
+DECLARE
+ dyn_profile vandelay.compile_profile%ROWTYPE;
+ replace_rule TEXT;
+ tmp_marc TEXT;
+ trgt_marc TEXT;
+ tmpl_marc TEXT;
+ match_count INT;
+BEGIN
+
+ IF target_marc IS NULL OR template_marc IS NULL THEN
+ -- RAISE NOTICE 'no marc for target or template record';
+ RETURN NULL;
+ END IF;
+
+ dyn_profile := vandelay.compile_profile( template_marc );
+
+ IF dyn_profile.replace_rule <> '' AND dyn_profile.preserve_rule <> '' THEN
+ -- RAISE NOTICE 'both replace [%] and preserve [%] specified', dyn_profile.replace_rule, dyn_profile.preserve_rule;
+ RETURN NULL;
+ END IF;
+
+ IF dyn_profile.replace_rule = '' AND dyn_profile.preserve_rule = '' AND dyn_profile.add_rule = '' THEN
+ --Since we have nothing to do, just return what we were given.
+ RETURN target_marc;
+ ELSIF dyn_profile.replace_rule <> '' THEN
+ trgt_marc = target_marc;
+ tmpl_marc = template_marc;
+ replace_rule = dyn_profile.replace_rule;
+ ELSE
+ tmp_marc = target_marc;
+ trgt_marc = template_marc;
+ tmpl_marc = tmp_marc;
+ replace_rule = dyn_profile.preserve_rule;
+ END IF;
+
+ RETURN vandelay.merge_record_xml( trgt_marc, tmpl_marc, dyn_profile.add_rule, replace_rule, dyn_profile.strip_rule );
+
+END;
+$$ LANGUAGE PLPGSQL;
+
+CREATE OR REPLACE FUNCTION vandelay.template_overlay_bib_record ( v_marc TEXT, eg_id BIGINT, merge_profile_id INT ) RETURNS BOOL AS $$
+DECLARE
+ merge_profile vandelay.merge_profile%ROWTYPE;
+ dyn_profile vandelay.compile_profile%ROWTYPE;
+ editor_string TEXT;
+ editor_id INT;
+ source_marc TEXT;
+ target_marc TEXT;
+ eg_marc TEXT;
+ replace_rule TEXT;
+ match_count INT;
+BEGIN
+
+ SELECT b.marc INTO eg_marc
+ FROM biblio.record_entry b
+ WHERE b.id = eg_id
+ LIMIT 1;
+
+ IF eg_marc IS NULL OR v_marc IS NULL THEN
+ -- RAISE NOTICE 'no marc for template or bib record';
+ RETURN FALSE;
+ END IF;
+
+ dyn_profile := vandelay.compile_profile( v_marc );
+
+ IF merge_profile_id IS NOT NULL THEN
+ SELECT * INTO merge_profile FROM vandelay.merge_profile WHERE id = merge_profile_id;
+ IF FOUND THEN
+ dyn_profile.add_rule := BTRIM( dyn_profile.add_rule || ',' || COALESCE(merge_profile.add_spec,''), ',');
+ dyn_profile.strip_rule := BTRIM( dyn_profile.strip_rule || ',' || COALESCE(merge_profile.strip_spec,''), ',');
+ dyn_profile.replace_rule := BTRIM( dyn_profile.replace_rule || ',' || COALESCE(merge_profile.replace_spec,''), ',');
+ dyn_profile.preserve_rule := BTRIM( dyn_profile.preserve_rule || ',' || COALESCE(merge_profile.preserve_spec,''), ',');
+ END IF;
+ END IF;
+
+ IF dyn_profile.replace_rule <> '' AND dyn_profile.preserve_rule <> '' THEN
+ -- RAISE NOTICE 'both replace [%] and preserve [%] specified', dyn_profile.replace_rule, dyn_profile.preserve_rule;
+ RETURN FALSE;
+ END IF;
+
+ IF dyn_profile.replace_rule = '' AND dyn_profile.preserve_rule = '' AND dyn_profile.add_rule = '' AND dyn_profile.strip_rule = '' THEN
+ --Since we have nothing to do, just return a NOOP "we did it"
+ RETURN TRUE;
+ ELSIF dyn_profile.replace_rule <> '' THEN
+ source_marc = v_marc;
+ target_marc = eg_marc;
+ replace_rule = dyn_profile.replace_rule;
+ ELSE
+ source_marc = eg_marc;
+ target_marc = v_marc;
+ replace_rule = dyn_profile.preserve_rule;
+ END IF;
+
+ UPDATE biblio.record_entry
+ SET marc = vandelay.merge_record_xml( target_marc, source_marc, dyn_profile.add_rule, replace_rule, dyn_profile.strip_rule )
+ WHERE id = eg_id;
+
+ IF NOT FOUND THEN
+ -- RAISE NOTICE 'update of biblio.record_entry failed';
+ RETURN FALSE;
+ END IF;
+
+ RETURN TRUE;
+
+END;
+$$ LANGUAGE PLPGSQL;
+
+CREATE OR REPLACE FUNCTION vandelay.overlay_authority_record ( import_id BIGINT, eg_id BIGINT, merge_profile_id INT ) RETURNS BOOL AS $$
+DECLARE
+ merge_profile vandelay.merge_profile%ROWTYPE;
+ dyn_profile vandelay.compile_profile%ROWTYPE;
+ source_marc TEXT;
+ target_marc TEXT;
+ eg_marc TEXT;
+ v_marc TEXT;
+ replace_rule TEXT;
+ match_count INT;
+BEGIN
+
+ SELECT b.marc INTO eg_marc
+ FROM authority.record_entry b
+ JOIN vandelay.authority_match m ON (m.eg_record = b.id AND m.queued_record = import_id)
+ LIMIT 1;
+
+ SELECT q.marc INTO v_marc
+ FROM vandelay.queued_record q
+ JOIN vandelay.authority_match m ON (m.queued_record = q.id AND q.id = import_id)
+ LIMIT 1;
+
+ IF eg_marc IS NULL OR v_marc IS NULL THEN
+ -- RAISE NOTICE 'no marc for vandelay or authority record';
+ RETURN FALSE;
+ END IF;
+
+ dyn_profile := vandelay.compile_profile( v_marc );
+
+ IF merge_profile_id IS NOT NULL THEN
+ SELECT * INTO merge_profile FROM vandelay.merge_profile WHERE id = merge_profile_id;
+ IF FOUND THEN
+ dyn_profile.add_rule := BTRIM( dyn_profile.add_rule || ',' || COALESCE(merge_profile.add_spec,''), ',');
+ dyn_profile.strip_rule := BTRIM( dyn_profile.strip_rule || ',' || COALESCE(merge_profile.strip_spec,''), ',');
+ dyn_profile.replace_rule := BTRIM( dyn_profile.replace_rule || ',' || COALESCE(merge_profile.replace_spec,''), ',');
+ dyn_profile.preserve_rule := BTRIM( dyn_profile.preserve_rule || ',' || COALESCE(merge_profile.preserve_spec,''), ',');
+ END IF;
+ END IF;
+
+ IF dyn_profile.replace_rule <> '' AND dyn_profile.preserve_rule <> '' THEN
+ -- RAISE NOTICE 'both replace [%] and preserve [%] specified', dyn_profile.replace_rule, dyn_profile.preserve_rule;
+ RETURN FALSE;
+ END IF;
+
+ IF dyn_profile.replace_rule = '' AND dyn_profile.preserve_rule = '' AND dyn_profile.add_rule = '' AND dyn_profile.strip_rule = '' THEN
+ --Since we have nothing to do, just return a NOOP "we did it"
+ RETURN TRUE;
+ ELSIF dyn_profile.replace_rule <> '' THEN
+ source_marc = v_marc;
+ target_marc = eg_marc;
+ replace_rule = dyn_profile.replace_rule;
+ ELSE
+ source_marc = eg_marc;
+ target_marc = v_marc;
+ replace_rule = dyn_profile.preserve_rule;
+ END IF;
+
+ UPDATE authority.record_entry
+ SET marc = vandelay.merge_record_xml( target_marc, source_marc, dyn_profile.add_rule, replace_rule, dyn_profile.strip_rule )
+ WHERE id = eg_id;
+
+ IF FOUND THEN
+ UPDATE vandelay.queued_authority_record
+ SET imported_as = eg_id,
+ import_time = NOW()
+ WHERE id = import_id;
+ RETURN TRUE;
+ END IF;
+
+ -- RAISE NOTICE 'update of authority.record_entry failed';
+
+ RETURN FALSE;
+
+END;
+$$ LANGUAGE PLPGSQL;
+
+
+SELECT evergreen.upgrade_deps_block_check('0751', :eg_version);
+
+INSERT INTO acq.cancel_reason (keep_debits, id, org_unit, label, description)
+ VALUES (
+ 'f',
+ 1007,
+ 1,
+ 'Not accepted',
+ 'This line item is not accepted by the seller.'
+ );
+
+
+COMMIT;
diff --git a/Open-ILS/xul/staff_client/chrome/content/main/about.html b/Open-ILS/xul/staff_client/chrome/content/main/about.html
index 2609bb6..5205cd9 100644
--- a/Open-ILS/xul/staff_client/chrome/content/main/about.html
+++ b/Open-ILS/xul/staff_client/chrome/content/main/about.html
@@ -1,7 +1,7 @@
<html><head><script></script></head><body onload="var x = document.getElementById('version'); var version ='/xul/server/'.split(/\//)[2]; if (version == 'server') { version = 'versionless debug build'; } x.appendChild(document.createTextNode(version));">
<h1 style="text-decoration: underline">Evergreen</h1>
<p>Target Server ID: <span id="version"></span></p>
-<p>$HeadURL$</p>
+<p>http://git.evergreen-ils.org/Evergreen.git?h=refs/heads/rel_2_3_3</p>
<h2>What is Evergreen?</h2>
<blockquote>
<p>
diff --git a/Open-ILS/xul/staff_client/defaults/preferences/prefs.js b/Open-ILS/xul/staff_client/defaults/preferences/prefs.js
index 6352b6e..fbade4b 100644
--- a/Open-ILS/xul/staff_client/defaults/preferences/prefs.js
+++ b/Open-ILS/xul/staff_client/defaults/preferences/prefs.js
@@ -11,7 +11,7 @@ pref("toolkit.singletonWindowType", "eg_main");
pref("open-ils.enable_join_tabs", true);
// We'll use this one to help brand some build information into the client, and rely on subversion keywords
-pref("open-ils.repository.headURL","$HeadURL$");
+pref("open-ils.repository.headURL","http://git.evergreen-ils.org/Evergreen.git?h=refs/heads/rel_2_3_3");
pref("open-ils.repository.author","$Author$");
pref("open-ils.repository.revision","$Revision$");
pref("open-ils.repository.date","$Date$");
diff --git a/Open-ILS/xul/staff_client/windowssetup.nsi b/Open-ILS/xul/staff_client/windowssetup.nsi
index e0bc1ef..e7e96bb 100644
--- a/Open-ILS/xul/staff_client/windowssetup.nsi
+++ b/Open-ILS/xul/staff_client/windowssetup.nsi
@@ -3,7 +3,7 @@
; HM NIS Edit Wizard helper defines
; Old versions of makensis don't like this, moved to Makefile
;!define /file PRODUCT_VERSION "client/VERSION"
-!define PRODUCT_TAG "Master"
+!define PRODUCT_TAG "2.3"
!define PRODUCT_INSTALL_TAG "${PRODUCT_TAG}"
!define UI_IMAGESET "beta"
;!define UI_IMAGESET "release"
diff --git a/README b/README
deleted file mode 120000
index b57451a..0000000
--- a/README
+++ /dev/null
@@ -1 +0,0 @@
-docs/installation/server_installation.txt
\ No newline at end of file
diff --git a/README b/README
new file mode 100644
index 0000000..babd05b
--- /dev/null
+++ b/README
@@ -0,0 +1,549 @@
+Installing the Evergreen server
+===============================
+:toc:
+:numbered:
+
+Preamble: referenced user accounts
+----------------------------------
+
+In subsequent sections, we will refer to a number of different accounts, as
+follows:
+
+ * Linux user accounts:
+ ** The *user* Linux account is the account that you use to log onto the
+ Linux system as a regular user.
+ ** The *root* Linux account is an account that has system administrator
+ privileges. On Debian and Fedora you can switch to this account from
+ your *user* account by issuing the `su -` command and entering the
+ password for the *root* account when prompted. On Ubuntu you can switch
+ to this account from your *user* account using the `sudo su -` command
+ and entering the password for your *user* account when prompted.
+ ** The *opensrf* Linux account is an account that you create when installing
+ OpenSRF. You can switch to this account from the *root* account by
+ issuing the `su - opensrf` command.
+ ** The *postgres* Linux account is created automatically when you install
+ the PostgreSQL database server. You can switch to this account from the
+ *root* account by issuing the `su - postgres` command.
+ * PostgreSQL user accounts:
+ ** The *evergreen* PostgreSQL account is a superuser account that you will
+ create to connect to the PostgreSQL database server.
+ * Evergreen administrator account:
+ ** The *egadmin* Evergreen account is an administrator account for
+ Evergreen that you will use to test connectivity and configure your
+ Evergreen instance.
+
+Preamble: developer instructions
+--------------------------------
+
+[NOTE]
+Skip this section if you are using an official release tarball downloaded
+from http://evergreen-ils.org/downloads
+
+Developers working directly with the source code from the Git repository,
+rather than an official release tarball, must install some extra packages
+and perform one step before they can proceed with the `./configure` step.
+
+As the *root* Linux account, install the following packages:
+
+ * autoconf
+ * automake
+ * libtool
+
+As the *user* Linux account, issue the following command in the Evergreen
+source directory to generate the configure script and Makefiles:
+
+[source, bash]
+------------------------------------------------------------------------------
+autoreconf -i
+------------------------------------------------------------------------------
+
+After running `make install`, developers also need to install the Dojo Toolkit
+set of JavaScript libraries. The appropriate version of Dojo is included
+in Evergreen release tarballs. Developers should install the Dojo 1.3.3
+version of Dojo by issuing the following commands as the *opensrf* Linux
+account:
+
+[source, bash]
+------------------------------------------------------------------------------
+wget http://download.dojotoolkit.org/release-1.3.3/dojo-release-1.3.3.tar.gz
+tar -C /openils/var/web/js -xzf dojo-release-1.3.3.tar.gz
+cp -r /openils/var/web/js/dojo-release-1.3.3/* /openils/var/web/js/dojo/.
+------------------------------------------------------------------------------
+
+Installing prerequisites
+------------------------
+
+Evergreen has a number of prerequisite packages that must be installed
+before you can successfully configure, compile, and install Evergreen.
+
+1. Begin by installing the most recent version of OpenSRF (2.1 or later).
+ You can download OpenSRF releases from http://evergreen-ils.org/opensrf.php
+2. On many distributions, it is necessary to install PostgreSQL 9 from external
+ repositories.
++
+ * On Debian Squeeze, open `/etc/apt/sources.list` in a text editor as the
+ *root* Linux account and add the following line:
++
+[source, bash]
+------------------------------------------------------------------------------
+deb http://backports.debian.org/debian-backports squeeze-backports main contrib
+------------------------------------------------------------------------------
++
+ * On Ubuntu Lucid, you can use a PPA (personal package archive), which are
+ package sources hosted on Launchpad. The one most commonly used by Evergreen
+ Community members is maintained by Martin Pitt, who also maintains the
+ official PostgreSQL packages for Ubuntu. As the *root* Linux account, issue
+ the following commands to add the PPA source:
++
+[source, bash]
+------------------------------------------------------------------------------
+apt-get install python-software-properties
+add-apt-repository ppa:pitti/postgresql
+------------------------------------------------------------------------------
++
+ * Ubuntu Precise comes with PostgreSQL 9, so no additional steps are required.
++
+ * Fedora comes with PostgreSQL 9, so no additional steps are required.
++
+3. On Debian and Ubuntu, run `aptitude update` as the *root* Linux account to
+ retrieve the new packages from the backports repository.
+4. Issue the following commands as the *root* Linux account to install
+ prerequisites using the `Makefile.install` prerequisite installer,
+ substituting `debian-squeeze`, `fedora`, `ubuntu-lucid`, or
+ `ubuntu-precise` for <osname> below:
++
+[source, bash]
+------------------------------------------------------------------------------
+make -f Open-ILS/src/extras/Makefile.install <osname>
+------------------------------------------------------------------------------
++
+5. Add the libdbi-libdbd libraries to the system dynamic library path by
+ issuing the following commands as the *root* Linux account:
++
+[NOTE]
+You should skip this step if installing on Ubuntu Precise. The ubuntu-precise
+target uses libdbd-pgsql from packages.
++
+.Debian / Ubuntu Lucid
+[source, bash]
+------------------------------------------------------------------------------
+echo "/usr/local/lib/dbd" > /etc/ld.so.conf.d/eg.conf
+ldconfig
+------------------------------------------------------------------------------
++
+.Fedora
+[source, bash]
+------------------------------------------------------------------------------
+echo "/usr/lib64/dbd" > /etc/ld.so.conf.d/eg.conf
+ldconfig
+------------------------------------------------------------------------------
+
+Configuration and compilation instructions
+------------------------------------------
+
+For the time being, we are still installing everything in the `/openils/`
+directory. From the Evergreen source directory, issue the following commands as
+the *user* Linux account to configure and build Evergreen:
+
+[source, bash]
+------------------------------------------------------------------------------
+./configure --prefix=/openils --sysconfdir=/openils/conf
+make
+------------------------------------------------------------------------------
+
+Installation instructions
+-------------------------
+
+1. Once you have configured and compiled Evergreen, issue the following
+ command as the *root* Linux account to install Evergreen, build the server
+ portion of the staff client, and copy example configuration files to
+ `/openils/conf`.
+ Change the value of the `STAFF_CLIENT_STAMP_ID` variable to match the version
+ of the staff client that you will use to connect to the Evergreen server.
++
+[source, bash]
+------------------------------------------------------------------------------
+make STAFF_CLIENT_STAMP_ID=rel_2_3_3 install
+------------------------------------------------------------------------------
++
+2. The server portion of the staff client expects `http://hostname/xul/server`
+ to resolve. Issue the following commands as the *root* Linux account to
+ create a symbolic link pointing to the `server` subdirectory of the server
+ portion of the staff client that we just built using the staff client ID
+ 'rel_name':
++
+[source, bash]
+------------------------------------------------------------------------------
+cd /openils/var/web/xul
+ln -sf rel_name/server server
+------------------------------------------------------------------------------
+
+Change ownership of the Evergreen files
+---------------------------------------
+
+All files in the `/openils/` directory and subdirectories must be owned by the
+`opensrf` user. Issue the following command as the *root* Linux account to
+change the ownership on the files:
+
+[source, bash]
+------------------------------------------------------------------------------
+chown -R opensrf:opensrf /openils
+------------------------------------------------------------------------------
+
+Configure the Apache Web server
+-------------------------------
+
+1. Use the example configuration files in `Open-ILS/examples/apache/` to
+configure your Web server for the Evergreen catalog, staff client, Web
+services, and administration interfaces. Issue the following commands as the
+*root* Linux account:
++
+.Debian and Ubuntu
+[source,bash]
+------------------------------------------------------------------------------
+cp Open-ILS/examples/apache/eg.conf /etc/apache2/sites-available/
+cp Open-ILS/examples/apache/eg_vhost.conf /etc/apache2/
+cp Open-ILS/examples/apache/startup.pl /etc/apache2/
+# Now set up SSL
+mkdir /etc/apache2/ssl
+cd /etc/apache2/ssl
+------------------------------------------------------------------------------
++
+.Fedora
+[source,bash]
+------------------------------------------------------------------------------
+cp Open-ILS/examples/apache/eg.conf /etc/httpd/conf.d/
+cp Open-ILS/examples/apache/eg_vhost.conf /etc/httpd/
+cp Open-ILS/examples/apache/startup.pl /etc/httpd/
+# Now set up SSL
+mkdir /etc/httpd/ssl
+cd /etc/httpd/ssl
+------------------------------------------------------------------------------
++
+2. The `openssl` command cuts a new SSL key for your Apache server. For a
+production server, you should purchase a signed SSL certificate, but you can
+just use a self-signed certificate and accept the warnings in the staff client
+and browser during testing and development. Create an SSL key for the Apache
+server by issuing the following command as the *root* Linux account:
++
+[source,bash]
+------------------------------------------------------------------------------
+openssl req -new -x509 -days 365 -nodes -out server.crt -keyout server.key
+------------------------------------------------------------------------------
++
+3. As the *root* Linux account, edit the `eg.conf` file that you copied into
+place.
+ a. Replace `Allow from 10.0.0.0/8` with `Allow from all` (to enable
+ access to the offline upload / execute interface from any workstation on
+ any network - note that you must secure this for a production instance)
+ b. (Fedora): Change references from the non-existent `/etc/apache2/` directory
+ to `/etc/httpd/`.
+4. Change the user for the Apache server.
+ * (Debian and Ubuntu): As the *root* Linux account, edit
+ `/etc/apache2/envvars`. Change `export APACHE_RUN_USER=www-data` to
+ `export APACHE_RUN_USER=opensrf`.
+ * (Fedora): As the *root* Linux account , edit `/etc/httpd/conf/httpd.conf`.
+ Change `User apache` to `User opensrf`.
+5. Configure Apache with performance settings appropriate for Evergreen:
+ * (Debian and Ubuntu): As the *root* Linux account, edit
+ `/etc/apache2/apache2.conf`:
+ * (Fedora): As the *root* Linux account, edit `/etc/httpd/conf/httpd.conf`:
+ a. Change `KeepAliveTimeout` to `1`. Higher values reduce the chance of
+ a request timing out unexpectedly, but increase the risk of using up
+ all available Apache child processes.
+ b. 'Optional': Change `MaxKeepAliveRequests` to `100`
+ c. Update the prefork configuration section to suit your environment. The
+ following settings apply to a busy system:
++
+[source,bash]
+------------------------------------------------------------------------------
+<IfModule mpm_prefork_module>
+ StartServers 20
+ MinSpareServers 5
+ MaxSpareServers 15
+ MaxClients 150
+ MaxRequestsPerChild 10000
+</IfModule>
+------------------------------------------------------------------------------
++
+6. (Fedora): As the *root* Linux account, edit the `/etc/httpd/eg_vhost.conf`
+ file to change references from the non-existent `/etc/apache2/` directory
+ to `/etc/httpd/`.
+7. (Debian and Ubuntu): As the *root* Linux account, enable the Evergreen site:
++
+[source,bash]
+------------------------------------------------------------------------------
+a2dissite default # OPTIONAL: disable the default site (the "It Works" page)
+a2ensite eg.conf
+------------------------------------------------------------------------------
+
+Configure OpenSRF for the Evergreen application
+-----------------------------------------------
+There are a number of example OpenSRF configuration files in `/openils/conf/`
+that you can use as a template for your Evergreen installation. Issue the
+following commands as the *opensrf* Linux account:
+
+[source, bash]
+------------------------------------------------------------------------------
+cp -b /openils/conf/opensrf_core.xml.example /openils/conf/opensrf_core.xml
+cp -b /openils/conf/opensrf.xml.example /openils/conf/opensrf.xml
+------------------------------------------------------------------------------
+
+When you installed OpenSRF, you created four Jabber users on two
+separate domains and edited the `opensrf_core.xml` file accordingly. Please
+refer back to the OpenSRF README and, as the *opensrf* Linux account, edit the
+Evergreen version of the `opensrf_core.xml` file using the same Jabber users
+and domains as you used while installing and testing OpenSRF.
+
+[NOTE]
+The `-b` flag tells the `cp` command to create a backup version of the
+destination file. The backup version of the destination file has a tilde (`~`)
+appended to the file name, so if you have forgotten the Jabber users and
+domains, you can retrieve the settings from the backup version of the files.
+
+`eg_db_config.pl`, described in the following section, sets the database
+connection information in `opensrf.xml` for you.
+
+Creating the Evergreen database
+-------------------------------
+
+By default, the `Makefile.install` prerequisite installer does not install
+the PostgreSQL 9 database server required by every Evergreen system;
+for production use, most libraries install the PostgreSQL database server on a
+dedicated machine. You can install the packages required by Debian or Ubuntu Lucid
+on the machine of your choice using the following commands as the *root*
+Linux account:
+
+.(Debian and Ubuntu Lucid) Installing PostgreSQL 9.1 server packages
+[source, bash]
+------------------------------------------------------------------------------
+make -f Open-ILS/src/extras/Makefile.install install_pgsql_server_backport_debs_91
+------------------------------------------------------------------------------
+
+.(Ubuntu Precise) Installing PostgreSQL 9.1 server packages
+[source, bash]
+------------------------------------------------------------------------------
+make -f Open-ILS/src/extras/Makefile.install install_pgsql_server_debs_91
+------------------------------------------------------------------------------
+
+You can install the packages required by Fedora on the machine of your choice
+using the following commands as the *root* Linux account:
+
+.(Fedora) Installing PostgreSQL server packages
+[source, bash]
+------------------------------------------------------------------------------
+make -f Open-ILS/src/extras/Makefile.install install_fedora_pgsql_server
+postgresql-setup initdb
+------------------------------------------------------------------------------
+
+For a standalone PostgreSQL server, install the following Perl modules as the
+*root* Linux account:
+
+.(Debian / Ubuntu) Installing additional Perl modules on a standalone PostgreSQL 9 server
+[source, bash]
+------------------------------------------------------------------------------
+aptitude install gcc libxml-libxml-perl libxml-libxslt-perl
+cpan Business::ISBN
+cpan JSON::XS
+cpan Library::CallNumber::LC
+cpan MARC::Record
+cpan MARC::File::XML
+cpan UUID::Tiny
+------------------------------------------------------------------------------
+
+.(Fedora) Installing additional Perl modules on a standalone PostgreSQL 9 server
+[source, bash]
+------------------------------------------------------------------------------
+yum install gcc perl-XML-LibXML perl-XML-LibXSLT perl-Business-ISBN
+cpan Library::CallNumber::LC
+cpan MARC::Record
+cpan MARC::File::XML
+cpan UUID::Tiny
+------------------------------------------------------------------------------
+
+You need to create a PostgreSQL superuser to create and access the database.
+Issue the following command as the *postgres* Linux account to create a new
+PostgreSQL superuser named `evergreen`. When prompted, enter the new user's
+password:
+
+[source, bash]
+------------------------------------------------------------------------------
+createuser -s -P evergreen
+------------------------------------------------------------------------------
+
+Once you have created the *evergreen* PostgreSQL account, you also need to
+create the database and schema, and configure your configuration files to point
+at the database server. Issue the following command as the *root* Linux account
+from inside the Evergreen source directory, replacing <user>, <password>,
+<hostname>, <port>, and <dbname> with the appropriate values for your
+PostgreSQL database (where <user> and <password> are for the *evergreen*
+PostgreSQL account you just created), and replace <admin-user> and <admin-pass>
+with the values you want for the *egadmin* Evergreen administrator account:
+
+[source, bash]
+------------------------------------------------------------------------------
+perl Open-ILS/src/support-scripts/eg_db_config.pl --update-config \
+ --service all --create-database --create-schema --create-offline \
+ --user <user> --password <password> --hostname <hostname> --port <port> \
+ --database <dbname> --admin-user <admin-user> --admin-pass <admin-pass>
+------------------------------------------------------------------------------
+
+This creates the database and schema and configures all of the services in
+your `/openils/conf/opensrf.xml` configuration file to point to that database.
+It also creates the configuration files required by the Evergreen `cgi-bin`
+administration scripts, and sets the user name and password for the *egadmin*
+Evergreen administrator account to your requested values.
+
+Creating the database on a remote server
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+In a production instance of Evergreen, your PostgreSQL server should be
+installed on a dedicated server.
+
+PostgreSQL 9.1 and later
+^^^^^^^^^^^^^^^^^^^^^^^^
+To create the database instance on a remote database server running PostgreSQL
+9.1 or later, simply use the `--create-database` flag on `eg_db_config.pl`.
+
+For PostgreSQL 9.0
+^^^^^^^^^^^^^^^^^^
+To create the database instance on a remote database server running PostgreSQL
+9.0, you can either:
+
+ * Install the PostgreSQL contrib modules on the machine on which you
+ are installing the Evergreen code, and use the `--create-database`
+ option from that machine, or
+ * Copy the `Open-ILS/src/sql/Pg/create_database.sql` script to your
+ PostgreSQL server and invoke it as the *postgres* Linux account:
++
+[source, bash]
+------------------------------------------------------------------------------
+psql -vdb_name=<dbname> -vcontrib_dir=`pg_config --sharedir`/contrib -f create_database.sql
+------------------------------------------------------------------------------
+
+Then you can issue the `eg_db_config.pl` command as above _without_ the
+`--create-database` argument to create your schema and configure your
+configuration files.
+
+Starting Evergreen
+------------------
+1. As the *root* Linux account, start the `memcached` and `ejabberd` services
+(if they aren't already running):
++
+[source, bash]
+------------------------------------------------------------------------------
+/etc/init.d/ejabberd start
+/etc/init.d/memcached start
+------------------------------------------------------------------------------
++
+2. As the *opensrf* Linux account, start Evergreen. The `-l` flag in the
+following command is only necessary if you want to force Evergreen to treat the
+hostname as `localhost`; if you configured `opensrf.xml` using the real
+hostname of your machine as returned by `perl -ENet::Domain 'print
+Net::Domain::hostfqdn() . "\n";'`, you should not use the `-l` flag.
++
+[source, bash]
+------------------------------------------------------------------------------
+osrf_ctl.sh -l -a start_all
+------------------------------------------------------------------------------
++
+ ** If you receive the error message `bash: osrf_ctl.sh: command not found`,
+ then your environment variable `PATH` does not include the `/openils/bin`
+ directory; this should have been set in the *opensrf* Linux account's
+ `.bashrc` configuration file. To manually set the `PATH` variable, edit the
+ configuration file `~/.bashrc` as the *opensrf* Linux account and add the
+ following line:
++
+[source, bash]
+------------------------------------------------------------------------------
+export PATH=$PATH:/openils/bin
+------------------------------------------------------------------------------
++
+3. As the *opensrf* Linux account, generate the Web files needed by the staff
+ client and catalogue and update the organization unit proximity (you need to do
+ this the first time you start Evergreen, and after that each time you change
+ the library hierarchy in `config.cgi`):
++
+[source, bash]
+------------------------------------------------------------------------------
+autogen.sh -u
+------------------------------------------------------------------------------
++
+4. As the *root* Linux account, restart the Apache Web server:
++
+[source, bash]
+------------------------------------------------------------------------------
+/etc/init.d/apache2 restart
+------------------------------------------------------------------------------
++
+If the Apache Web server was running when you started the OpenSRF services, you
+might not be able to successfully log in to the OPAC or staff client until the
+Apache Web server is restarted.
+
+Testing connections to Evergreen
+--------------------------------
+
+Once you have installed and started Evergreen, test your connection to
+Evergreen via `srfsh`. As the *opensrf* Linux account, issue the following
+commands to start `srfsh` and try to log onto the Evergreen server using the
+*egadmin* Evergreen administrator user name and password that you set using the
+`eg_db_config.pl` command:
+
+[source, bash]
+------------------------------------------------------------------------------
+/openils/bin/srfsh
+srfsh% login <admin-user> <admin-pass>
+------------------------------------------------------------------------------
+
+You should see a result like:
+
+ Received Data: "250bf1518c7527a03249858687714376"
+ ------------------------------------
+ Request Completed Successfully
+ Request Time in seconds: 0.045286
+ ------------------------------------
+
+ Received Data: {
+ "ilsevent":0,
+ "textcode":"SUCCESS",
+ "desc":" ",
+ "pid":21616,
+ "stacktrace":"oils_auth.c:304",
+ "payload":{
+ "authtoken":"e5f9827cc0f93b503a1cc66bee6bdd1a",
+ "authtime":420
+ }
+
+ }
+
+ ------------------------------------
+ Request Completed Successfully
+ Request Time in seconds: 1.336568
+ ------------------------------------
+
+If this does not work, it's time to do some troubleshooting.
+
+ * As the *opensrf* Linux acccount, run the `settings-tester.pl` script to see
+ if it finds any system configuration problems. The script is found at
+ `Open-ILS/src/support-scripts/settings-tester.pl` in the Evergreen source
+ tree.
+ * Follow the steps in the http://evergreen-ils.org/dokuwiki/doku.php?id=troubleshooting:checking_for_errors[troubleshooting guide].
+ * If you have faithfully followed the entire set of installation steps
+ listed here, you are probably extremely close to a working system.
+ Gather your configuration files and log files and contact the
+ http://open-ils.org/listserv.php[Evergreen development mailing list]
+ for assistance before making any drastic changes to your system
+ configuration.
+
+Getting help
+------------
+
+Need help installing or using Evergreen? Join the mailing lists at
+http://evergreen-ils.org/listserv.php or contact us on the Freenode
+IRC network on the #evergreen channel.
+
+License
+-------
+This work is licensed under the Creative Commons Attribution-ShareAlike 3.0
+Unported License. To view a copy of this license, visit
+http://creativecommons.org/licenses/by-sa/3.0/ or send a letter to Creative
+Commons, 444 Castro Street, Suite 900, Mountain View, California, 94041, USA.
diff --git a/build/tools/make_release b/build/tools/make_release
index c5580c1..07441d1 100755
--- a/build/tools/make_release
+++ b/build/tools/make_release
@@ -2,7 +2,7 @@
GIT_ABS=`git rev-parse --show-toplevel`
GIT_BRANCH=`git rev-parse --abbrev-ref HEAD | sed 's|.*/||'`
-HEADURLBASE="http://git.evergreen-ils.org/Evergreen.git?h=refs/heads/"
+HEADURLBASE="http://git.evergreen-ils.org/Evergreen.git?h=refs/heads/rel_2_3_3"
HEADURL="$HEADURLBASE$GIT_BRANCH"
# Drop to the root of the checkout
diff --git a/configure.ac b/configure.ac
index 89e64f6..fc2f8cb 100644
--- a/configure.ac
+++ b/configure.ac
@@ -20,8 +20,8 @@
export PATH=${PATH}:/usr/sbin
AC_PREREQ(2.61)
-AC_INIT(Open-ILS, trunk, open-ils-dev at list.georgialibraries.org)
-AM_INIT_AUTOMAKE([OpenILS], [trunk])
+AC_INIT(Open-ILS, 2.3.3, open-ils-dev at list.georgialibraries.org)
+AM_INIT_AUTOMAKE([OpenILS], [2.3.3])
AC_REVISION($Revision: 0.1 $)
AC_CONFIG_SRCDIR([configure.ac])
AC_PREFIX_DEFAULT([/openils/])
commit 07db4ff1bc0d5e833a0c95a967bc39092629224e
Author: Galen Charlton <gmc at esilibrary.com>
Date: Tue Jan 15 11:30:41 2013 -0500
LP#1098377: protect against even more cstore segfaults
Following up on the preceding patch, passing null
as the savepoint name to savepoint.release and
savepoint.rollback would also segfault cstore.
Signed-off-by: Galen Charlton <gmc at esilibrary.com>
Signed-off-by: Bill Erickson <berick at esilibrary.com>
diff --git a/Open-ILS/src/c-apps/oils_sql.c b/Open-ILS/src/c-apps/oils_sql.c
index 87a66f9..fb19c72 100644
--- a/Open-ILS/src/c-apps/oils_sql.c
+++ b/Open-ILS/src/c-apps/oils_sql.c
@@ -969,6 +969,12 @@ int releaseSavepoint( osrfMethodContext* ctx ) {
// Get the savepoint name from the method params
const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) );
+
+ if (!spName) {
+ osrfLogWarning(OSRF_LOG_MARK, "savepoint.release called with no name");
+ return -1;
+ }
+
char *safeSpName = _sanitize_savepoint_name( spName );
dbi_result result = dbi_conn_queryf( writehandle, "RELEASE SAVEPOINT \"%s\";", safeSpName );
@@ -1042,6 +1048,12 @@ int rollbackSavepoint( osrfMethodContext* ctx ) {
// Get the savepoint name from the method params
const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) );
+
+ if (!spName) {
+ osrfLogWarning(OSRF_LOG_MARK, "savepoint.rollback called with no name");
+ return -1;
+ }
+
char *safeSpName = _sanitize_savepoint_name( spName );
dbi_result result = dbi_conn_queryf( writehandle, "ROLLBACK TO SAVEPOINT \"%s\";", safeSpName );
commit b2c3597d607756523e08932731fd2768d8ecb4d3
Author: Bill Erickson <berick at esilibrary.com>
Date: Tue Jan 15 10:58:16 2013 -0500
Verify savepoint name is non-null
Before we attempt to mangle the name, let's ensure that it's non-null.
Otherwise, segfaults ensue.
Signed-off-by: Bill Erickson <berick at esilibrary.com>
Signed-off-by: Galen Charlton <gmc at esilibrary.com>
diff --git a/Open-ILS/src/c-apps/oils_sql.c b/Open-ILS/src/c-apps/oils_sql.c
index 18a31ab..87a66f9 100644
--- a/Open-ILS/src/c-apps/oils_sql.c
+++ b/Open-ILS/src/c-apps/oils_sql.c
@@ -890,6 +890,12 @@ int setSavepoint( osrfMethodContext* ctx ) {
// Get the savepoint name from the method params
const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) );
+
+ if (!spName) {
+ osrfLogWarning(OSRF_LOG_MARK, "savepoint.set called with no name");
+ return -1;
+ }
+
char *safeSpName = _sanitize_savepoint_name( spName );
dbi_result result = dbi_conn_queryf( writehandle, "SAVEPOINT \"%s\";", safeSpName );
commit 217d29fbfb02913d387a969fe4063cd1d9f3a3c7
Author: Dan Scott <dscott at laurentian.ca>
Date: Fri Jan 11 01:32:13 2013 -0500
Protect against overly long savepoint names
Per http://postgresql.org/docs/9.1/static/sql-syntax-lexical.html#SQL-SYNTAX-IDENTIFIERS,
the maximum identifier length works out to being 63 bytes (+1 for the
null terminator), so to avoid potential memory pressure by a 10GB string
somehow being passed in as the savepoint name, malloc no more than 64
bytes and copy no more than 63 bytes from the incoming name to the
escaped name.
Signed-off-by: Dan Scott <dscott at laurentian.ca>
Signed-off-by: Galen Charlton <gmc at esilibrary.com>
diff --git a/Open-ILS/src/c-apps/oils_sql.c b/Open-ILS/src/c-apps/oils_sql.c
index a1abc6d..18a31ab 100644
--- a/Open-ILS/src/c-apps/oils_sql.c
+++ b/Open-ILS/src/c-apps/oils_sql.c
@@ -7280,11 +7280,25 @@ int writeAuditInfo( osrfMethodContext* ctx, const char* user_id, const char* ws_
static char* _sanitize_savepoint_name( const char* sp ) {
const char* safe_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ012345789_";
- char* safeSpName = safe_malloc( strlen( sp ) + 1);
+
+ // PostgreSQL uses NAMEDATALEN-1 as a max length for identifiers,
+ // and the default value of NAMEDATALEN is 64; that should be long enough
+ // for our purposes, and it's unlikely that anyone is going to recompile
+ // PostgreSQL to have a smaller value, so cap the identifier name
+ // accordingly to avoid the remote chance that someone manages to pass in a
+ // 12GB savepoint name
+ const int MAX_LITERAL_NAMELEN = 63;
+ int len = 0;
+ len = strlen( sp );
+ if (len > MAX_LITERAL_NAMELEN) {
+ len = MAX_LITERAL_NAMELEN;
+ }
+
+ char* safeSpName = safe_malloc( len + 1 );
int i = 0;
int j;
char* found;
- for (j = 0; j < strlen( sp ); j++) {
+ for (j = 0; j < len; j++) {
found = strchr(safe_chars, sp[j]);
if (found) {
safeSpName[ i++ ] = found[0];
commit 1215411812407ee8d74473a04154cd09ca90c18a
Author: Galen Charlton <gmc at esilibrary.com>
Date: Fri Jan 11 02:30:50 2013 -0500
LP#1098377: sanitize savepoint names
When invoking open-ils.{cstore,pcrud,rstore}.savepoint.*, the
caller supplies a name for the savepoint. However, the savepoint
names could be constructed so that the caller could execute
arbitrary SQL. This patch sanitizes the name so that it contains
only alphanumeric and underscore characters.
Signed-off-by: Galen Charlton <gmc at esilibrary.com>
Signed-off-by: Dan Scott <dscott at laurentian.ca>
diff --git a/Open-ILS/src/c-apps/oils_sql.c b/Open-ILS/src/c-apps/oils_sql.c
index a2a1d26..a1abc6d 100644
--- a/Open-ILS/src/c-apps/oils_sql.c
+++ b/Open-ILS/src/c-apps/oils_sql.c
@@ -145,6 +145,8 @@ static char* modulename = NULL;
int writeAuditInfo( osrfMethodContext* ctx, const char* user_id, const char* ws_id);
+static char* _sanitize_savepoint_name( const char* sp );
+
/**
@brief Connect to the database.
@return A database connection if successful, or NULL if not.
@@ -888,8 +890,10 @@ int setSavepoint( osrfMethodContext* ctx ) {
// Get the savepoint name from the method params
const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) );
+ char *safeSpName = _sanitize_savepoint_name( spName );
- dbi_result result = dbi_conn_queryf( writehandle, "SAVEPOINT \"%s\";", spName );
+ dbi_result result = dbi_conn_queryf( writehandle, "SAVEPOINT \"%s\";", safeSpName );
+ free( safeSpName );
if( !result ) {
const char* msg;
int errnum = dbi_conn_error( writehandle, &msg );
@@ -959,8 +963,10 @@ int releaseSavepoint( osrfMethodContext* ctx ) {
// Get the savepoint name from the method params
const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) );
+ char *safeSpName = _sanitize_savepoint_name( spName );
- dbi_result result = dbi_conn_queryf( writehandle, "RELEASE SAVEPOINT \"%s\";", spName );
+ dbi_result result = dbi_conn_queryf( writehandle, "RELEASE SAVEPOINT \"%s\";", safeSpName );
+ free( safeSpName );
if( !result ) {
const char* msg;
int errnum = dbi_conn_error( writehandle, &msg );
@@ -1030,8 +1036,10 @@ int rollbackSavepoint( osrfMethodContext* ctx ) {
// Get the savepoint name from the method params
const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) );
+ char *safeSpName = _sanitize_savepoint_name( spName );
- dbi_result result = dbi_conn_queryf( writehandle, "ROLLBACK TO SAVEPOINT \"%s\";", spName );
+ dbi_result result = dbi_conn_queryf( writehandle, "ROLLBACK TO SAVEPOINT \"%s\";", safeSpName );
+ free( safeSpName );
if( !result ) {
const char* msg;
int errnum = dbi_conn_error( writehandle, &msg );
@@ -7260,4 +7268,30 @@ int writeAuditInfo( osrfMethodContext* ctx, const char* user_id, const char* ws_
return 0;
}
+/**
+ @brief Remove all but safe character from savepoint name
+ @param sp User-supplied savepoint name
+ @return sanitized savepoint name, or NULL
+
+ The caller is expected to free the returned string. Note that
+ this function exists only because we can't use PQescapeLiteral
+ without either forking libdbi or abandoning it.
+*/
+static char* _sanitize_savepoint_name( const char* sp ) {
+
+ const char* safe_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ012345789_";
+ char* safeSpName = safe_malloc( strlen( sp ) + 1);
+ int i = 0;
+ int j;
+ char* found;
+ for (j = 0; j < strlen( sp ); j++) {
+ found = strchr(safe_chars, sp[j]);
+ if (found) {
+ safeSpName[ i++ ] = found[0];
+ }
+ }
+ safeSpName[ i ] = '\0';
+ return safeSpName;
+}
+
/*@}*/
-----------------------------------------------------------------------
hooks/post-receive
--
Evergreen ILS
More information about the open-ils-commits
mailing list