Time Nick Message 16:58 liw rsantellan, I have to leave that decision to Koha developers, since I know so little of Koha 16:56 rsantellan liw: after reading the docs is hard for me to think why migrate all data, I think that only the borrowers is worth saving there. But thats just my humble opinion, I'm no expert 16:48 liw rsantellan, the qvarn api has searches, https://github.com/qvarn/qvarn/blob/master/docs/qvarn-api-doc/050-api-overview.yarn#L695 describes them 16:47 rsantellan liw: how you deal with queries on qvarn? 16:45 liw no worries 16:45 ashimema thanks for the chat.. been really enlightening 16:45 * ashimema has to go feed hungry kids 16:45 ashimema haha 16:44 ashimema which is great for customers.. but a nightmare if you want to change schema at all.. because all the public 'copy/paste' sql reports break 16:44 ashimema one of the biggest anoyances koha side liw is our reports system.. it's fantastically flexible as it's just 'plain sql' based.. 16:43 liw I would keep all data in qvarn, but a) I'm clearly biased and b) I don't like sql :) 16:43 ashimema so keeping all the data in the same place, then having an overall abstraction for the permissions for each piece of it makes sense to me.. I think 16:43 ashimema I think you could say.. all data is sensitive once context is gained 16:42 ashimema (with Gluu) 16:42 ashimema perhaps Qvarn is where I should be going with that 16:42 ashimema only I've not yet extracted it into the IdP layer 16:42 ashimema I do like the idea of a nice centralised place to do permissions.. it's axactly what I've been working on in one of my projects 16:41 ashimema yeah.. what rsantellan said ;) 16:41 liw ashimema, yep 16:41 ashimema so Gluu is the abstraction of where the levels of permissions go.. Qvarn is the thing that understands those permissions relations to actual data 16:41 liw rsantellan, that's a good point 16:40 rsantellan liw: I understand in a sense the borrowers information becuase acording to qvarn is dealing with sensitive nature data, but I don't see the benefit of moving all the data from a relational DB to qvarn 16:40 liw qvarn isn't the ultimate solution to every problem in computing. give me time :) 16:40 ashimema so.. Gluu, the IdP authenticates the 'person' and the 'application'.. (as that's what an IdP does).. the rights of what the application can do on the persons behalf with their data are defined in Gluu. 16:39 liw sounds like you do, yes 16:38 ashimema coolios.. yes.. i do undertsand then now 16:37 ashimema in the qvarn sense.. because your connecting to the datastore with a reduced privilege the code wuoldn't be able to continue unless it's written well enough to deal with the restricted privilege 16:37 liw ashimema, the app doesn't get to choose, the "sysadmin" configures that in Gluu 16:37 ashimema it's then upto the application logic to prevent leaks.. which we're mostly good at catching during qa 16:36 liw one aspect koha would need to deal with is the modelling of the data into json objects, which is potentially a lot of work but can be good in the long run; also, qvarn support versioning of resource types and handsles most of the schema changes automatically, in case that's of interest 16:36 ashimema we connect to mysql/postgres with an all powerful db user 16:36 ashimema So koha as an example 16:35 ashimema which is in effect what people do now ;) 16:35 ashimema is there anything to prevent the developer from just say.. sod this i'll attach with the highest access user to make my life easier when developing 16:35 ashimema I see.. 16:35 ashimema cool.. I understand.. it's a strong encouragement.. practically enforcement once you've made the choice to use qvarn.. to follow privacy best practices.. that many of us overlook with current systems 16:34 liw yeah 16:34 ashimema so it sort of feels like just trying to standardise a description of access 16:33 ashimema so is the application developer responsible for saying what authorization level different data's are restricted to? 16:31 liw ashimema, and yes, bringing it "in house" is a good way to describe it 16:31 wahanui interesting is, like, sometimes good and sometimes bad 16:31 ashimema interesting 16:30 liw (or time of day or whatever one can implement) 16:30 ashimema ok.. now that sounds like a fairly nice addition 16:30 ashimema ahh.. strength of authn 16:30 liw with qvarn the actual user and the application can authenticate separately (though this isn't fully done yet), and access control can be decided (once qvarn is written to support it) based also on things like strength of authn 16:30 ashimema i.e. your always looking at data from an individual 'persons' stance as a posed to the 'application' 16:29 ashimema am I right in thinking that qvarn in effect brings this layer 'in house' 16:29 ashimema and then the application is responsible for the 'person' whose accessing the application to only be able to retrieve the data they have rights upon 16:28 ashimema the 'user' in 99% of cases is actually the 'application' and thus is usually given lots of rights all over the place.. 16:28 ashimema in the SQL world, said user can be limited down to the table level as to what they can do with that data (select, update, insert, delete etc, etc) 16:27 ashimema one accesses a datastore as a 'user', and that user has certian rights to take certain actions on various bits of that datastore 16:27 ashimema So.. in my head 16:26 liw I'm not sure I'm good at explaining this either 16:24 liw ashimema, all access goes via a single point that provides much more detailed access control than sql does 16:24 ashimema I feel I'm asking the right questions.. though I might be appearing a bit ignorant/dim ;) 16:24 rsantellan same here 16:24 drojf not much to contribute but interested and reading 16:23 drojf ashimema: please go on 16:23 ashimema I'm spamming the main chat.. sorry everyone.. 16:22 ashimema that's the missing link in my head I think 16:22 ashimema I don't understand how it provides better privacy I suppose 16:22 liw it's meant to be the storage backend for a web application, the way a relational database is (butt with better privacty) 16:18 * ashimema is still digging into the use case ;) 16:18 ashimema is it meant as a central location for just the personal data.. so is one meant to use it alongside an application level datastore? 16:14 ashimema_ :) 16:12 liw ashimema_, also I think you understand qvarn fairly well, in fact; it doesn't do much (no application logic, for example), but tries to do what it does well 16:11 liw ashimema_, qvarn uses openid connect (which is built on top of oauth2) and the idp (gluu) is installed with it, yes 16:10 ashimema_ I really want to built OAuth2 Authorization into koha's rest api and adopt OpenID Connect for authentication.. so perhaps Qbarn can give us some of that 'for free' as such? 16:09 ashimema_ with an IdP built in 16:06 ashimema_ I'm likely missing somthing 16:06 ashimema_ to me it feels like another datastore (elastic search, mongdb, postgres, mysql even) with a secure web facing api 16:05 ashimema_ I am interesting in Qvarn though.. I don't entirely understand it's use case though yet ;) 16:05 ashimema_ yeah.. 16:05 liw I don't expect Qvarn adoption by Koha, if it ever happens, to happen soon. big old code bases move slowly 16:05 ashimema_ yeah.. it's slow and painful ;) 16:04 liw ah, I didn't notice there was already movement towards the abstraction I was suggesting 16:02 ashimema_ that's my thoughts anyways 16:01 ashimema_ Qvarn is interesting.. and you've identified my biggest issue with koha.. that controller and model are not well separated yet.. but I don't tihnk we're in any position to switch to 'yet another data store' any time soon.. we need to actualyl abstract out the model first.. be that koha::objects, dbic whatever 16:00 reiveune bye 15:59 drojf https://en.wikipedia.org/wiki/General_Data_Protection_Regulation 15:59 drojf "The regulation was adopted on 27 April 2016. It enters into application 25 May 2018 after a two-year transition period" 15:58 drojf according to the log 15:58 drojf rangi changed it to end of next year in the meeting 15:57 wahanui 2014 is probably gonna be great 15:57 cait 2014? 15:57 ashimema_ and the codebase is generally being refactored to use them.. it just takes times 15:57 cait just the transition time is a little odd 15:56 ashimema_ liw we do have dbix::class and koha::objects.. 15:55 ashimema_ didn't realise you had anything to do with qvarn liw 15:55 cait liw++ :) 15:54 drojf don't remember that at all, i guess i missed it 15:54 drojf ah. http://irc.koha-community.org/koha/2016-11-09#i_1876711 15:52 drojf liw: i think rangi brought up qvarn at an irc meeting but we postponed it (or i forgot what it was about). i did not know you are involved 15:52 liw heh 15:51 drojf :P 15:51 drojf tl;dr 15:47 liw ok, thanks 15:47 drojf we will survive a duplicate 15:47 drojf just resend 15:47 liw but that might be an acceptable risk 15:46 liw I could resend but it might result in duplicates if the moderator approvaes the first one later 15:46 drojf If you are having trouble using the lists, please contact mailman@lists.koha-community.org. 15:46 liw I fully understand 15:46 drojf liw: resend? or poke someone at biblibre, but i forgot who does the mailing lists 15:45 drojf liw: i bet it is, the main list is too. for spam reasons 15:45 liw I sent a mail to koha-devel a little while ago, but it's not gone through. I the list moderated for non-subscribers? I've since subscribed, but that' be too late 15:36 LibraryClaire laters #koha 14:41 fridolin i was running with JS off via Firebug for tests 14:41 fridolin its a choc 14:41 fridolin 0% 14:41 fridolin it means Koha staff interface can to be used without JS anymore 14:41 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15111 critical, P5 - low, ---, kyle, RESOLVED FIXED, Koha is vulnerable to Cross-Frame Scripting (XFS) attacks 14:41 fridolin whaaouuuu Bug 15111 13:29 huginn cait: The operation succeeded. 13:29 cait @later tell marcelr I don't think so - the plan is to start on monday, but no bug fixes pushed so far 13:16 ashimema things like moving parameters out of the path definition make very little sense.. you need that context in the path definition to understand what the route is meant to do 13:15 ashimema lari.. when i get a moment I'll submit a patchset to tidy them into a more manageable standards based set of splits.. 12:53 rsantellan good morning #koha 12:52 lari ashimema: can you explain your thoughts bit more? what would you prefer instead? maybe e-mail me 12:51 marcelr you don't have a branch yet ? 12:50 marcelr hi cait 12:48 cait hm no kidclamp 12:41 marcelr i like the title 12:41 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17681 trivial, P5 - low, ---, m.de.rooy, Needs Signoff , Exiisting typos might thow some feees when recieved 12:41 marcelr bug 17681 12:29 ashimema I think we loose too much context with the way we split up our spec 12:28 ashimema hmm.. it's nice to have a reference for it 12:25 lari ashimema: hi :) ! the crazy ~1 is an escaped slash in JSON pointer, as defined in https://tools.ietf.org/html/rfc6901#section-3 12:00 petter hei magnus! 11:53 magnuse have fun #koha! 11:53 magnuse kia ora petter! 10:59 magnuse so true 10:59 wahanui lunchtime is a terrible time for a meeting 10:59 magnuse lunchtime! 10:46 marcelr Joubu: i once saw a change to lowercase in my testing, but cannot reproduce it anymore ;) no fails btw in 5.5 10:26 Joubu lari: ^ 10:26 Joubu you should see with Lari 10:25 * cait waves 10:24 ashimema but I'd really like to know the reasons behind some of e decisions in the first place.. 10:24 ashimema I'm coming back on the scene and intend on fixing lots of this.. 10:24 ashimema oh well 10:24 ashimema you loose huge amounts of context 10:24 ashimema we've split up out spec way too much too.. I'm pretty sure I said not to split it the way it's ended up :( 10:23 ashimema to me.. it's adding crap for adding craps sake ;) 10:22 ashimema in either swagger or mojo 10:22 ashimema it's nothing I've ever come across working with swagger for the past 2 years 10:11 Joubu Is not a swagger separator? 10:10 ashimema :( 10:10 ashimema It got dismissed with a sweeping statement of 'it's best practice' at the hackfest.. but I've never seen it anywhere before and googling turns up nothing.. and all it appears to do to me is make it much harder to read 10:10 Joubu ashimema: no idea 10:09 ashimema the ~1 cruft that's in there.. 10:09 ashimema joubu.. do you understand the crazy syntax being used in paths.json for the swagger routing? 09:55 marcelr will do some testing too, thx 09:55 Joubu marcelr: I think I have tried yesterday yes 09:54 wahanui sure is :) 09:54 marcelr sure? 09:54 Joubu marcelr: the convert will fail if there are lower and upercase 09:53 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17676 critical, P5 - low, ---, jonathan.druart, Signed Off , Default COLLATE for marc_subfield_structure is not set 09:53 marcelr Joubu: bug 17676 why not do a CONVERT TO and only change tagsubfield afterwards in the old db rev 3.19 instead of going through all fields ? You did a convert for all other tables 09:51 marcelr hi eythian 09:45 wahanui salut, eythian 09:45 eythian hi 09:03 Joubu sunny: try to remove the STRICT_TRANS_TABLES sql_mode from your mysql config file 09:02 Joubu sunny: nope, it seems that you are using MySQL > 5.6 or 5.7 08:43 sunny should i re-install ? 08:42 * drojf adds some confusion, leaves for tea 08:41 drojf but the repository is not changed yet 08:41 drojf technically, it is oldstable now 08:41 sunny my english is not well 08:40 sunny not old stable 08:40 sunny stable 08:39 wahanui koha 16.05 is just 3.24 08:39 sunny koha 16.05 08:39 sunny DBIx::Class::Storage::DBI::_dbh-execute(): Date truncated for column 'type ' at...... 08:38 Joubu check logs to know what is the error 08:38 cait and what is the error? 08:38 wahanui well, which version is recommended? 08:38 cait which version? 08:37 sunny hello. everyone,i got a problem.when i doing web installer step3,click "import", there is a sofeware error 08:35 gaetan_B morning cait :) 08:35 cait morning #koha 08:35 cait morning gaetan_B :) 08:34 gaetan_B hello 07:57 reiveune salut LibraryClaire 07:57 LibraryClaire hi reiveune 07:55 wahanui hey, reiveune 07:55 reiveune hello 07:54 LibraryClaire hi Joubu 07:54 fridolin hie there 07:54 wahanui privet, Joubu 07:54 Joubu Hi 07:46 wahanui what's up, alex_a 07:46 alex_a bonjour 07:34 marcelr hi LibraryClaire 07:34 LibraryClaire hi marcelr 07:34 marcelr hi #koha 07:22 magnuse went there for swib 3 years ago 07:21 magnuse yup 07:20 LibraryClaire nice :) 07:20 magnuse so 4 whole days 07:20 magnuse from this evening until midday wednesday 07:19 LibraryClaire magnuse: how long are you going to be in Hamburg? 07:15 LibraryClaire hihi 07:15 magnuse ja, sehr gut! 07:15 drojf wie schön 07:15 magnuse heute fahren wir nach hamburg! 07:15 LibraryClaire *magnuse 07:15 magnuse guten morgen BüchereiKlara und drojf 07:15 LibraryClaire hej magnus 07:15 LibraryClaire moin drojf 07:14 LibraryClaire :D 07:14 * magnuse waves 07:14 drojf guten morgen GuteLauneKlara 07:13 LibraryClaire hi #koha :) 06:27 drojf dcook: it's only for debian, so makefile.pl is probably not the right place. but to be honest i never added a folder to koha before 06:21 dcook I'm sure you'll tell me if it's wrong in the end, drojf : )_ 06:21 dcook I followed the same pattern as Zebra, and I think that'll be OK 06:21 dcook Hmm maybe I won't worry about Makefile.PL 06:20 dcook jois: Bywater Solutions have a bunch of Youtube videos 06:20 jois is there any demo or video tutorials to learn all the features of koha? 06:18 dcook But it's 5:18pm.. 06:18 dcook drojf: Hmm I think maybe I've screwed up Makefile.PL then if it's supposed to use scripts/koha-create-dirs 06:17 irma jois https://www.loc.gov/marc/faq.html MARC21 is a standard for entering bibliographic information into a computer record that can be used by library automation systems to provide a library catalogue. 06:17 dcook Oh that's not too bad.. 06:17 huginn dcook: The current temperature in Sydney, Australia is 22.0°C (5:00 PM AEDT on November 25, 2016). Conditions: Clear. Humidity: 53%. Dew Point: 12.0°C. Pressure: 29.89 in 1012 hPa (Steady). 06:17 dcook @wunder syd 06:14 drojf :/ 06:14 drojf oh 06:14 huginn drojf: The current temperature in Berlin Schoenefeld, Germany is -1.0°C (6:50 AM CET on November 25, 2016). Conditions: Light Freezing Fog. Humidity: 100%. Dew Point: -1.0°C. Pressure: 30.27 in 1025 hPa (Steady). 06:14 drojf @wunder sxf 06:09 wahanui somebody said MARC21 was at http://www.loc.gov/marc/bibliographic/ecbdlist.html , http://www.loc.gov/marc/authority/ecadlist.html 06:09 jois what is MARC21? 06:09 drojf lol dcook 06:09 dcook hey jois 06:09 dcook The support was good though! 06:09 jois hi 06:09 dcook I like how I solved that problem on my own in the end lol 06:08 drojf yay 06:08 dcook Ok, cool. I'll add a change to that 06:08 dcook Yiiiiisss 06:08 drojf yes i think that is the thing 06:08 dcook I think that's the one 06:08 dcook drojf: scripts/koha-create-dirs ? 06:08 drojf oh nice 06:08 dcook We should put that repo up somewhere 06:07 * drojf sighs 06:07 dcook Which one person has actually put a repository up for.. 06:07 drojf that's always the worst part 06:07 dcook The worst part is the deps 06:07 dcook Not that hard really 06:07 dcook : p 06:07 drojf lol 06:07 drojf ok then i want a koha rpm package i return 06:06 * dcook is very familiar with building RPMs now but needs to get to Deb packages.. 06:06 dcook drojf: What would I need to give to you for that? 06:06 dcook Yeah, if I could get the package to create a subdirectory owned by the koha user that would be great 06:05 dcook Oh... I see what I must've been thinking 06:05 dcook Huh.. 06:05 dcook 755 root:root 06:05 dcook We have /var/spool/koha/<instance> 06:05 dcook Ok let's see.. 06:02 * dcook waits 06:02 dcook Vbox starts fast enough I guess.. 06:02 dcook Hmm I don't have a Debian system handy.. 06:01 dcook Let me do a little test.. 06:01 dcook Or maybe I'm thinking of something else 06:01 dcook I can't always cd to a directory, but I can get to a subdirectory 06:01 dcook I've found that to be the case on my phone 06:01 dcook I think you're right 06:01 drojf but its 7 am and i did not have coffee :D 06:00 drojf i don't see why not 06:00 dcook Yeah, that's all I need 06:00 dcook Yeah? Sweet 06:00 drojf is 06:00 drojf you could if the sub directory us yours 06:00 dcook At least, with whatever the current permissions are 05:59 dcook But I couldn't reach it if spool/<kohainstance> is owned by root 05:59 dcook Ideally I'd have a subdirectory 05:58 drojf do you need the whole directory? if you want to have tmp xml data there, that coul dhave its own sub dir maybe 05:57 dcook Before you took over the packaging I think 05:57 dcook I think it was a while ago. 05:57 dcook I don't know Debian packaging well enough to craft a patch 05:57 drojf oh, don't remember reading that 05:57 * dcook emailed the listserv about this a while ago but got no response, but it doesn't quite seem like a Bugzilla issue 05:57 dcook But keep the permissions for the files the same 05:56 dcook I was wondering if we could have the koha user own the directory 05:56 dcook Right, but the directory itself is owned by root, which prevents a person from changing directories into it 05:56 drojf i think 05:56 drojf like, the config part of the backups is owned by root and the sql by koha user 05:56 dcook Which have root as an owner and a group of the koha-instance user? 05:56 dcook At a glance, I think the only thing in there are backups? 05:55 drojf i think some parts are, others would break 05:55 dcook ie I want to save XML records there temporarily :p 05:55 dcook That need to spool data for later processing 05:55 dcook As it would be useful for other bits of Koha 05:55 dcook I'm wondering if /var/spool/koha/<instance> has to be owned by root... 05:55 drojf you will find out :P 05:54 dcook Oh... and I'll probably want to talk to you at some point 05:54 dcook I have no idea what will be accepted anymore 05:54 dcook It's been too long since I've contributed a patch via Bugzilla 05:53 drojf heh 05:53 dcook Sooo many unit tests.. 05:53 dcook I'm working away on the OAI stuff.. 05:53 dcook heya drojf :) 05:50 drojf hi dcook 05:44 * dcook waves 05:44 drojf morning #koha 02:46 sunny i am so exciting to see "welcome to the koha web installer" haha 02:27 sunny thank you . i have a visiter ..wait for second 02:23 wizzyrea ^ very small explanation 02:22 wizzyrea https://blog.kowalczyk.info/article/10c/Local-DNS-modifications-on-Windows-etchosts-equi.html 02:22 wizzyrea or you could configure the local hosts file to map the names without DNS 02:22 wizzyrea you would have to use ports to set the two virtualhosts apart 02:20 sunny my koha server is virtual host. if i want visit with ip addr in lan,what should i do? 02:16 wizzyrea (for linux you could define it in /etc/hosts) 02:16 wizzyrea if they have DNS for it to point to your machine, it should work 02:16 sunny if someone in same lan, visit the addr too? 02:15 wizzyrea yes! 02:14 sunny now i should do web install 02:14 wizzyrea you are welcome 02:14 sunny thank you so much 02:14 wizzyrea YAY 02:14 wahanui For now... 02:14 sunny it works 02:13 wizzyrea the other option is to change the top from 127.0.0.1:80 to 127.0.0.1:8080 for that intranet virtualhost 02:13 wizzyrea that will work if you have dns set up for that 02:12 sunny then i should visit "library-intra.mydnsname.org"? 02:11 wizzyrea right, that will be the one you are seeing when you go to 127.0.0.1 02:11 sunny "labeled OPAC" means servername:library-intra.mydnsname.org? 02:09 wizzyrea :D 02:09 sunny yes 02:09 wizzyrea so it would be /etc/apache2/sites-available/library.conf 02:08 sunny library is my instance name 02:08 wizzyrea "NAME" is your instance name 02:08 wizzyrea you did something like koha-create --create-db NAME 02:08 wizzyrea well <instancename> is what you called your instance when you created your instance 02:06 sunny ok .i just open <instancename>.conf 02:05 wizzyrea and let us look at what you've got in there :) 02:05 wizzyrea or, you can paste what is in that config file to http://paste.koha-community.org 02:04 wizzyrea so then you'd access it with 127.0.0.1:8080 (just as an example) 02:03 wizzyrea what you probably want to do is to put the intranet site on a different port 02:03 sunny hold on 02:03 sunny let me see 02:03 wizzyrea the next one is labeled Intranet 02:02 wizzyrea the first one is labeled OPAC 02:02 wizzyrea you will see two virtualhost entries 02:02 wizzyrea ok, in your apache configuration for the site /etc/apache2/sites-available/<instancename>.conf 02:01 sunny 127.0.0.1 02:01 wizzyrea how are you accessing (with what address) what you are seeing now? 02:01 sunny or on lan 02:01 sunny i want it run on local 02:00 wizzyrea you need to go to the staff interface one 02:00 wizzyrea ok, Koha has two virtualhosts, you are going to the public (opac) one 02:00 sunny thank you so much . i want to install koha on debian following the instruction about apache,mysql ,at the end ,there is a system maintenance 01:56 wizzyrea (usually) 01:56 wizzyrea hi, we can help :) 01:55 sunny hello everyone! i come from china,my english is not good . i'm looking for help. 00:20 dcook Mojolicious is still optional in Koha, yeah?