IRC log for #koha, 2017-02-22

All times shown according to UTC.

Time S Nick Message
00:09 irmab hi #koha
01:39 kidclamp @later tell tcohen I will be in as early as possible but your turn to chair :b
01:39 huginn kidclamp: The operation succeeded.
01:43 huginn joined #koha
02:57 irmab joined #koha
03:07 gmcharlt joined #koha
03:10 huginn joined #koha
03:11 dbs joined #koha
03:19 z0k_ joined #koha
06:08 jamsheer joined #koha
06:12 drojf joined #koha
06:12 drojf morning #koha
06:18 cait joined #koha
06:23 paul_p joined #koha
06:27 * mtj waves to drojf
06:31 drojf hi mtj
06:34 * cait waves
06:35 cait 16.11.04 is out! :)
06:36 drojf hi cait
06:36 stozza joined #koha
06:39 drojf cait++
06:39 drojf cait: any weird things i should be looking out for
06:40 drojf ?
06:40 cait i hope not
06:40 cait it's the biggest one so far, but i hope i haven't missed something
06:41 cait the nightly is green at least
06:41 cait :)
06:42 drojf the nightly was also green when postinst was broken in master :P it needs more checks, so far it assumes package built=done
06:42 drojf but sounds good :)
06:59 stozza_ joined #koha
07:00 LibraryClaire joined #koha
07:01 LibraryClaire morning #koha
07:01 drojf hi LibraryClaire
07:01 LibraryClaire moin drojf
07:11 reiveune joined #koha
07:11 reiveune hello
07:13 LibraryClaire hi reiveune
07:17 stozza joined #koha
07:25 agoforth joined #koha
07:28 stozza_ joined #koha
07:30 mtj congrats cait++  - i am working on a 16.05.x release now
07:30 cait mtj++ :)
07:30 cait bbia
07:30 cait b
07:31 drojf 16.11.04 package is out
07:37 laurence joined #koha
07:40 stozza joined #koha
07:56 stozza_ joined #koha
07:58 fridolin joined #koha
07:59 magnuse drojf++
08:00 * magnuse waves
08:00 magnuse @wunder enbo
08:00 drojf hei magnuse
08:00 huginn magnuse: The current temperature in Bodo, Norway is -7.0°C (8:50 AM CET on February 22, 2017). Conditions: Clear. Humidity: 74%. Dew Point: -11.0°C. Windchill: -16.0°C. Pressure: 28.88 in 978 hPa (Falling).
08:00 drojf @wunder sxf
08:00 huginn drojf: The current temperature in Berlin Schoenefeld, Germany is 9.0°C (8:50 AM CET on February 22, 2017). Conditions: Mostly Cloudy. Humidity: 87%. Dew Point: 7.0°C. Pressure: 29.50 in 999 hPa (Steady).
08:00 magnuse 20 cm of fresh powdery snow this morning!
08:01 drojf magnuse: i am so happy for you
08:01 magnuse :-)
08:02 drojf there was supposed to be snow again next week. i have not checked again. i hope not
08:05 stozza joined #koha
08:05 drojf it says 13° for that day now. nice
08:06 AndrewIsh joined #koha
08:11 drojf is anyone using koha with vufind?
08:11 liw @wunder helsinki
08:11 huginn liw: The current temperature in Helsinki, Finland is -3.0°C (9:50 AM EET on February 22, 2017). Conditions: Mostly Cloudy. Humidity: 74%. Dew Point: -7.0°C. Windchill: -10.0°C. Pressure: 29.36 in 994 hPa (Falling).
08:14 StomproJ joined #koha
08:14 Scott-CSPL joined #koha
08:14 dac joined #koha
08:15 baptiste joined #koha
08:18 stozza joined #koha
08:18 gaetan_B joined #koha
08:18 gaetan_B hello
08:29 Joubu hi #koha
08:29 LibraryClaire bonjour Joubu
08:29 LibraryClaire hi gaetan_B
08:39 cait joined #koha
08:44 drojf joined #koha
08:46 cait drojf++
08:50 sophie_m joined #koha
08:58 drojf left #koha
08:59 drojf joined #koha
09:03 magnuse cait++
09:03 magnuse gaetan_B: it's skrei-season again!
09:04 gaetan_B oooh, i guess you'll have to take another serving for me then ! it doesn't seem like i'll make it to Norway this time
09:09 z0k joined #koha
09:19 nlegrand Hello !
09:19 nlegrand If I have a bug on master that is also affecting 6.11, should I cc 6.11 release maintainers?
09:23 Joubu it's 11.6, not 6.11 :)
09:23 nlegrand Joubu: ho right :)
09:23 Joubu Nope, they watch the "push to master" bug list
09:23 Joubu so no need to cc them
09:23 nlegrand not quite awaken yet ^^
09:24 Joubu nlegrand: what bug is it?
09:24 nlegrand Bug 18150, very easy one :)
09:24 huginn Bug[…]_bug.cgi?id=18150 normal, P4, ---, koha-bugs, NEW , CanItemBeReserved doesn't work with (IndependentBranches AND ! canreservefromotherbranches)
09:24 nlegrand patch coming=
09:25 Joubu and it's 17.5..
09:25 Joubu well it's year.month, ok? :)
09:25 Joubu nlegrand: do you plan to submit a patch?
09:25 nlegrand :)
09:26 nlegrand Joubu: in a few seconds
09:27 nlegrand 10:23 <@Joubu> it's 11.6, not 6.11 :) <- you meant 16.11 right ? ^^
09:28 * cait sends coffee :)
09:28 * Joubu grabs more tea
09:28 Francesca joined #koha
09:39 eythian hi
09:39 eythian @wunder ams
09:39 huginn eythian: The current temperature in Amsterdam, Netherlands is 10.0°C (10:25 AM CET on February 22, 2017). Conditions: Scattered Clouds. Humidity: 87%. Dew Point: 8.0°C. Pressure: 29.65 in 1004 hPa (Steady).
09:39 eythian two digits!
09:43 drojf hi eythian
09:43 eythian hello drojf
09:46 drojf @wunder sxf
09:46 huginn drojf: The current temperature in Berlin Schoenefeld, Germany is 10.0°C (10:20 AM CET on February 22, 2017). Conditions: Light Rain. Humidity: 87%. Dew Point: 8.0°C. Pressure: 29.50 in 999 hPa (Steady).
09:46 drojf ha
09:47 eythian you're just copying my weather
09:47 drojf heh
09:47 drojf i did a migration error and got light rain though
09:49 eythian yeah, that was silly
09:49 eythian that was fixed a few hours ago in my version.
09:50 * drojf rebases weather
09:50 magnuse @wunder enbo
09:50 huginn magnuse: The current temperature in Bodo, Norway is -6.0°C (10:20 AM CET on February 22, 2017). Conditions: Clear. Humidity: 74%. Dew Point: -10.0°C. Windchill: -15.0°C. Pressure: 28.85 in 977 hPa (Falling).
09:51 magnuse git remote add amsterdam
09:57 deb-CSPL joined #koha
10:07 LibraryClaire @wunder konstanz
10:07 huginn LibraryClaire: The current temperature in Jungerhalde, Konstanz, Germany is 10.5°C (11:06 AM CET on February 22, 2017). Conditions: Overcast. Humidity: 79%. Dew Point: 7.0°C. Pressure: 30.04 in 1017 hPa (Steady).
10:14 laurence joined #koha
10:20 eythian oooh, look at you with your extra 0.5°. Showoff ;)
10:21 LibraryClaire *flex*
11:06 z0k joined #koha
11:16 rsantellan joined #koha
11:17 rsantellan good morning #koha
11:19 atheia joined #koha
11:20 fridolin left #koha
11:25 fridolin joined #koha
11:36 laurence left #koha
11:55 magnuse @wunder marseille
11:55 huginn magnuse: Error: No such location could be found.
11:55 magnuse @wunder marseille, france
11:55 huginn magnuse: The current temperature in Marseille, France is 16.0°C (12:30 PM CET on February 22, 2017). Conditions: Clear. Humidity: 55%. Dew Point: 7.0°C. Pressure: 30.12 in 1020 hPa (Steady).
11:55 magnuse whoa!
11:56 kmlussier joined #koha
11:59 drojf nice
11:59 drojf magnuse: are you going to the hackfest?
12:02 magnuse sadly, no
12:02 magnuse ooh, dev meeting in ~1 hour?
12:03 magnuse https://wiki.koha-community.or[…]eting_22_February
12:03 drojf i keep missing those
12:03 drojf or not knowing of them
12:04 drojf somebody should invent a thing where all days are listed and you enter what stuff you want to do
12:04 magnuse ooh, sounds like a clever idea
12:05 magnuse you should patent it!
12:05 drojf then i only need somebody to look at it once in a while and tell me what it says
12:06 magnuse even better!
12:10 marcelr joined #koha
12:11 marcelr hi #koha
12:12 drojf oh
12:12 drojf nevermind
12:12 drojf hi marcelr
12:12 marcelr hey drojf
12:15 drojf i get this, any ideas what it means?`
12:16 drojf trying to get it working with newer catmandu and stuff
12:17 Joubu drojf: I did not get this one, but got errors in ES log because I was using Catmandu::Store::ElasticSearch instead of Catmandu::Store::Elasticsearch
12:17 Joubu S vs s
12:18 drojf hm yes i think i saw something like that before
12:30 meliss joined #koha
12:31 * druthb waves blearily.
12:31 francharb good morning all
12:33 * LibraryClaire waves
12:36 oleonard joined #koha
12:38 oleonard Hi all
12:39 LibraryClaire hi oleonard
12:40 druthb g'morning, oleonard. :)
12:43 d_antonakis joined #koha
12:43 barton joined #koha
12:46 eythian hi oleopard
12:49 LibraryClaire wahanui?
12:49 LibraryClaire :O
12:49 drojf ding dong the bot is dead
12:49 LibraryClaire I thought it was too quiet
12:49 oleonard wahanui is having a poolside beer with rangi right now
12:51 drojf why don't we have a pool bar for meetings?
12:51 * druthb seconds drofj's idea
12:51 * druthb pokes at her keyboard, and tries again:  drojf.
12:52 drojf druthb!
12:52 druthb drojf!
12:52 drojf :)
12:52 drojf now i forgot what i was going to do because pool
12:55 jajm hi #koha
12:55 marcelr hi jajm
12:56 jajm marcelr, i think i'll be able to qa 18070 today :)
12:56 marcelr ok that would be very nice :)
13:02 marcelr hey kidclamp
13:02 kidclamp hi marcelr
13:02 marcelr are you chairing the meeting?
13:03 kidclamp if tcohen isn;t here I suppose so
13:03 * LibraryClaire waves
13:03 marcelr where is tcohen when you need him ;)
13:03 petter joined #koha
13:03 kidclamp #startmeeting Development IRC meeting 22 February
13:03 huginn Meeting started Wed Feb 22 13:03:58 2017 UTC.  The chair is kidclamp. Information about MeetBot at
13:03 huginn Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
13:03 Topic for #koha is now  (Meeting topic: Development IRC meeting 22 February)
13:03 huginn The meeting name has been set to 'development_irc_meeting_22_february'
13:04 kidclamp #topic Introductions
13:04 Topic for #koha is now Introductions (Meeting topic: Development IRC meeting 22 February)
13:04 marcelr #info Marcel de Rooy, Rijksmuseum
13:04 kidclamp #info Nick Clemens, ByWater Solutions
13:04 cait #info Katrin Fischer, BSZ, Germany
13:04 oleonard #info Owen Leonard, Athens County Public Libraries, USA
13:04 LibraryClaire #info Claire Gravely, BSZ, Germany
13:04 jajm #info Julian Maurice, BibLibre, France
13:04 Joubu #info Jonathan Druart
13:04 drojf #info Mirko Tietgen, Berlin, Germany
13:05 benjamin #info Benjamin Rokseth , Oslo, Norway
13:05 kidclamp #topic Announcements
13:05 Topic for #koha is now Announcements (Meeting topic: Development IRC meeting 22 February)
13:05 marcelr I have two small 'announcements'
13:06 marcelr The first is: Three sec patches are still pending: 18010, 18019 in NSO and 18124 in SO.
13:06 d_antonakis #info Dimitris Antonakis, Athens, Greece
13:06 marcelr 18124 is from Joubu, the other two from me
13:06 marcelr and second:
13:06 marcelr On the auth merge front I am hoping for a QA of 18070 from Julian maybe today and I will submit the next patch set 9988 very soon. Will be the last fundamental change to merge in this series. After that some smaller things left.
13:06 kidclamp #info three security patches need attention: 18010, 18019, 18124
13:07 marcelr So hope for some feedback then
13:07 kidclamp #info Authority merge set needs QA on 18070 - is waiting for patch on 9988 (coming soon) and then fundamental changes will be done
13:07 kidclamp thanks marcelr
13:08 kidclamp Lets ping khall and see if we have release announcements
13:08 barton #info Barton Chittenden, BWS, Louisville KY
13:09 kidclamp skipping 17.05 for now
13:09 kidclamp #topic Updates from the Release Maintainers
13:09 Topic for #koha is now Updates from the Release Maintainers (Meeting topic: Development IRC meeting 22 February)
13:09 kidclamp cait?
13:09 cait yes?
13:09 cait ah
13:09 cait sorry, was looking at the bugs :)
13:09 cait #info 16.011.04 was reeleased today, it includes 3 enh and 41 bugfixes
13:10 cait I think we killed a lot of bad bugs with this one, getting it nice and stable
13:10 kidclamp cait++
13:10 marcelr cait++
13:10 cait hope there is not much more to be found :)
13:10 druthb cait++
13:11 cait that's it basically
13:11 druthb #info D Ruth Bavousett, no one of consequence
13:11 cait i plan to stick to schedule for the next one as well
13:11 cait that's it from me :)
13:11 kidclamp any updates jajm or mtj?
13:12 kidclamp thanks cait
13:12 kidclamp #topic Updates from the QA team
13:12 Topic for #koha is now Updates from the QA team (Meeting topic: Development IRC meeting 22 February)
13:12 kidclamp no Joubu today?
13:12 Joubu yep
13:13 nengard joined #koha
13:13 barton [aside] /me notes that druthb *is* of consequence; he uses her scripts often ;-)
13:13 kidclamp ah, ops list :-)
13:13 jajm kidclamp, 3.22.17 was released on monday, but nothing special with this release :)
13:13 Joubu I have things to highglitht, but for next topic
13:13 druthb [aside] /me thanks barton
13:13 Joubu I need help to QA patches, nothing new, nothing else...
13:13 kidclamp #info 3.22.17 was released monday
13:14 kidclamp #info Keep QAing please and watch the queue doesn't get too big
13:14 marcelr 65 now
13:14 kidclamp #topic General development discussion (trends, ideas, ...)
13:14 Topic for #koha is now General development discussion (trends, ideas, ...) (Meeting topic: Development IRC meeting 22 February)
13:14 kidclamp go for it Joubu
13:15 Joubu So, 5 things to highlight:
13:15 Joubu 1. As we now have marcxml out of bibitems, we need bug 17898, which is really easy to test
13:15 * drojf queues in line
13:15 huginn Bug[…]_bug.cgi?id=17898 enhancement, P5 - low, ---, jonathan.druart, Needs Signoff , Add a way to automatically convert SQL reports
13:15 Joubu 2. Bug 17961 should be very easy to test and QA, it just adds tests. Please make it move forward quickly
13:15 huginn Bug[…]_bug.cgi?id=17961 enhancement, P5 - low, ---, jonathan.druart, ASSIGNED , TT syntax for notices - Prove we have an equivalent for our historical custom syntax
13:15 * kidclamp queues behind drojf
13:15 marcelr still assigned
13:15 Joubu see deps
13:15 magnuse #info Magnus Enger, Libriotech, Norway
13:15 Joubu it's an omnibus
13:15 Joubu 3. bug 16846 is a big one, but should be interesting to get it in. We will manipulate patron object (almost) everywhere
13:15 huginn Bug[…]_bug.cgi?id=16846 enhancement, P5 - low, ---, jonathan.druart, ASSIGNED , Move patron related code to Koha::Patron
13:16 kidclamp #info please test 17898, convertin greports after marcxml move
13:16 Joubu still assigned, no patches, too  many deps, but there is a remote branch with evrything on it
13:16 kidclamp #info bug 17961 adds test, please test and qa
13:16 Joubu 4. Hea has been moved to another server, I will be able to access it to clean the DB and upgrade the code. It would be great to get somebody involves on bug 18066
13:16 huginn Bug[…]_bug.cgi?id=18066 enhancement, P5 - low, ---, jonathan.druart, Needs Signoff , Hea - Version 2
13:16 Joubu And finally, 5. We need testers from different countries for the onboarding tool ft (bug 17855 and bug 18039). I provided patches for 18039 and will QA 17855. Cannot test 18039
13:16 huginn Bug[…]_bug.cgi?id=17855 enhancement, P5 - low, ---, alexbuckley, Signed Off , Updated Koha web installer and new onboarding tool feature to guide users through setting up Koha
13:16 huginn Bug[…]_bug.cgi?id=18039 enhancement, P5 - low, ---, jonathan.druart, Needs Signoff , Move the mandatory and optional files for non-english languages into 'default' directory so bug 17855 permits use of other languages
13:16 kidclamp #info bug 16846 move to Koha::Patron - dependency tree needs help
13:16 marcelr bug 18039
13:17 oleonard I started to test 18066 Joubu, but ran out of time. I hope to take another crack at it
13:17 cait i will try to test the german installer for the onboarding tool
13:17 magnuse oleonard++
13:17 Joubu Nothing really, I highlight these things in the last 2 "what's on in koha-devel" email, but do not get help
13:17 cait but bit short of time for the next 2 weeks
13:17 kidclamp #info bug 17855 and 18039 Onboarding tool needs broad testing from different countries
13:18 LibraryClaire I can take a look at the 17898
13:18 Joubu About the lang isntaller, we may need to discuss about removing ru-RU and uk-UA...
13:18 marcelr they seem unsupported
13:19 marcelr send a mail to the list?
13:19 marcelr and remove them?
13:19 marcelr you can still find them in git, update them and get them back in later
13:19 Joubu yep
13:20 cait i think maybe send an email to the translate list
13:20 cait the translations I think are maintained
13:20 cait i tmight lack someone comfortable with git
13:20 cait would not be nice to break it for them - what's he problem?
13:20 cait coudl we restructure to bring it in line with the other installers?
13:20 Joubu #info bug 14302 has a patch, to kick GRS-1 related code
13:20 huginn Bug[…]_bug.cgi?id=14302 enhancement, P5 - low, ---, jonathan.druart, Needs Signoff , Remove GRS1 indexing related code
13:21 marcelr cait: if they are half english, why keep them?
13:21 cait why not keep them?
13:21 kidclamp #info discussion on maintenance/removal of ru-RU and uk-UA as they seem unsupported
13:21 marcelr because no one maintains them
13:21 cait if there is a bit translated, it's still helping
13:21 cait i can read a bit of russian
13:21 cait i can try to take a look
13:22 Joubu IIRC They were broken for a while, and nobody complained (ok it's not a valid reason)
13:22 josef_moravec joined #koha
13:22 edveal1 left #koha
13:23 Joubu The other way around is to push the onboarding patches and test the feature after it's in...
13:23 * Joubu is hidden already
13:23 cait i can still see you! :)
13:24 edveal1 joined #koha
13:24 marcelr yeah Joubu: why not dismiss the qa team
13:24 edveal1 left #koha
13:24 Joubu Yesterday Alex suggested to push it for English, then push it for other languages
13:24 cait the problem was that it breaks the ohter languages
13:24 Joubu to me it's not really acceptable to have a feature for English only
13:24 cait yeah
13:24 Joubu nobody will care for others for sure
13:24 cait so that's a big regression
13:24 cait maybe we can give it a bit more time?
13:24 Joubu if can still if else...
13:25 Joubu we can still if else...
13:25 cait if else?
13:25 Joubu if english: onboarding
13:25 Joubu else: no onboarding
13:25 cait ah
13:26 cait it hink we should offer it for all languages
13:26 drojf for all but english
13:26 cait as a goal - still time until release
13:26 drojf sorry
13:26 kidclamp need a vote or still discussion and waiting? I think maybe we should send something to list
13:26 Joubu it's on bug 17855 comment 166 (last one)
13:26 huginn Bug[…]_bug.cgi?id=17855 enhancement, P5 - low, ---, alexbuckley, Signed Off , Updated Koha web installer and new onboarding tool feature to guide users through setting up Koha
13:26 cait can we postpone it till next meeting?
13:26 kidclamp agreed
13:26 cait and see if it gets tested until then?
13:26 Joubu I sent something on the list already...
13:27 kidclamp indded you did :-)
13:27 Joubu yes, move on
13:28 kidclamp drojf?
13:28 drojf oh
13:28 * drojf panics
13:28 drojf i tried to backport/build all packages related to elasticsearch in koha. that includes getting libsearch-elasticsearch-perl into debian, backporting libcatmandu-perl 1.03* from debian unstable, packaging libcatmandu-store-elasticsearch-perl (not in debian yet) and some dependencies
13:28 drojf i had to change the package dependencies for some of the backports to make them work in debian jessie. i have emailed the maintainer to check if that may have any negative consequences, i don't think it does. they were build dependencies and the build worked anyway
13:28 drojf i have not uploaded it yet and i wonder if it makes sense to put it in a separate repository first. it could break dev setups and it might be nicer to have a choice
13:29 drojf i tried a koha + ES setup with it and indexing gave an error. it may or may not have anything to do with the packages. i have not investigated a lot.
13:29 oleonard [aside] drojf types fast when he panics
13:29 drojf i do
13:29 drojf :D
13:29 kidclamp #info discussion on onboarding tool - will table to next meeting to decide if push with english first and other langugages as they are tested or how to proceed
13:29 druthb [aside] /me chuckles
13:30 drojf that's all from me
13:30 drojf [aside] aside is the new off?
13:31 kidclamp #info Mirko is working on packaging ES dependencies but has hit an error or two - investigating as a separeate repository until all wrinkles ironed out
13:31 kidclamp #link Error Mirko encountered
13:31 kidclamp thanks Joubu drojf
13:32 kidclamp I just had a quick thing, working on facets a buit with elastic and hit some snags while trying to change language codes into display values
13:32 kidclamp I wondered if anyone had any thoughts on storing the display values in elastic when indexing as opposed to feteching them from codes when displaying
13:32 edveal joined #koha
13:33 Joubu You do not want to store the display values
13:33 kidclamp why?
13:33 Joubu if they change, you will have to reindex everything
13:33 kidclamp hmm...true
13:33 juan_s joined #koha
13:33 kidclamp how often do they change :-)
13:34 eythian kidclamp: you'll have to deal with multiple languages too
13:34 kidclamp ah, if they use translations, fair point
13:34 Joubu They should not change so often, but I do not think it's something to do
13:34 Joubu It's the same for other AVs
13:35 kidclamp good points all, thnak you - had only breifly thought so far
13:35 Joubu kidclamp: do you have a bug number to follow?
13:35 kidclamp will be followup to bug 17169 to add language facets
13:35 huginn Bug[…]_bug.cgi?id=17169 enhancement, P5 - low, ---, nick, Failed QA , Add facets for ccode to elasticsearch
13:36 kidclamp but language tables are ugly
13:36 Joubu yes they are...
13:37 kidclamp that is all for me
13:37 Joubu kidclamp: last time I played with that it was for bug 17762
13:37 huginn Bug[…]_bug.cgi?id=17762 enhancement, P5 - low, ---, jonathan.druart, Signed Off , Ability to translate notices
13:37 cait how would new ones get added?
13:37 cait i mean, where do you get the descriptons to feed into elastic?
13:37 Joubu There may be some things to help you
13:37 kidclamp #info kidclamp will followup 17169 with language facets
13:37 kidclamp currently they come from language tables cait
13:37 cait ah
13:37 kidclamp thanks Joubu
13:38 cait there was a bug somewhere to move those out of the db
13:38 cait there is no way for people to add translations there easily and htey are very incomplete
13:38 kidclamp ah, I briefly remember that
13:38 kidclamp I don't think we have guidleines to review today
13:38 cait i thik i'd prefer something that stores the language display text in a translatable file
13:38 Joubu bug 12017
13:38 huginn Bug[…]_bug.cgi?id=12017 enhancement, P5 - low, ---, bgkriegel, Patch doesn't apply , Move language description out of database
13:39 kidclamp #info bug 12017 may help with language code/display issues and solve other issues
13:40 kidclamp next meeting?
13:40 tcohen joined #koha
13:40 kidclamp or anyone else for discussion?
13:40 Joubu tcohen: tooooolate
13:40 kidclamp tcohen maybe :-b
13:41 marcelr tcohen: quickly introduce yourself
13:41 tcohen hi
13:42 tcohen #info Tomas Cohen Arazi
13:42 * tcohen is sick today, but here hehe
13:42 druthb [aside] applauds
13:43 kidclamp #topic Next meeting
13:43 Topic for #koha is now Next meeting (Meeting topic: Development IRC meeting 22 February)
13:43 kidclamp reviewing survey last meeting we think 19UTC may be better than 20, any opposition or support?
13:43 tcohen support
13:44 oleonard support
13:44 marcelr if we go to 13utc the time after
13:44 LibraryClaire marcelr they alternate :)
13:44 marcelr yes
13:44 kidclamp yes 13 works well for many of us :-)
13:44 marcelr i know
13:44 khall ack, missed everything ; )
13:45 kidclamp heh
13:45 kidclamp once we set date you can comment khall
13:45 kidclamp March 8, 19 UTC?
13:45 LibraryClaire 8th March 19 UTC?
13:45 * LibraryClaire is too slow
13:46 kidclamp LibraryClaire++
13:46 kidclamp +1
13:47 cait +1
13:47 oleonard +1
13:47 Joubu +1
13:47 barton +1
13:47 kidclamp #info Next meeting Wednesday, 8th March 19 UTC
13:47 kidclamp [aside] before the torrent of downvotes :-D
13:48 kidclamp #topic Update from the Release manager (17.05)
13:48 Topic for #koha is now Update from the Release manager (17.05) (Meeting topic: Development IRC meeting 22 February)
13:48 kidclamp khall?
13:48 khall Nothing too noteworthy to bring up
13:48 khall Enhanced overdrive integration has been pushed to master!
13:49 kidclamp #info Overdrive integration pushed
13:49 khall that's the only big thing I can think of
13:49 * oleonard is getting an error related to that... Will bring it up after the meeting
13:49 kidclamp thnaks khall
13:50 kidclamp last call?
13:50 kidclamp #endmeeting
13:50 Topic for #koha is now Welcome to the #koha IRC chat | Code of conduct -[…]/code-of-conduct/ | Please use for pastes | Installation guide for Koha is
13:50 huginn Meeting ended Wed Feb 22 13:50:35 2017 UTC.  Information about MeetBot at . (v 0.1.4)
13:50 huginn Minutes:        http://meetings.koha-community[…]-02-22-13.03.html
13:50 huginn Minutes (text): http://meetings.koha-community[…]7-02-22-13.03.txt
13:50 huginn Log:            http://meetings.koha-community[…]22-13.03.log.html
13:50 kidclamp thanks all
13:50 marcelr thx kidclamp
13:50 LibraryClaire kidclamp++
13:51 drojf can anyone tell me what versions of Catmandu and Catmandu::Store::Elasticsearch are used in kohadevbox? (or libcatmandu-perl and libcatmandu-store-elasticsearch-perl, but i think tcohen said they are cpan'd) -- kidclamp or Joubu maybe
13:51 NateC joined #koha
13:52 tcohen drojf: they are cpaned
13:52 Joubu drojf: are you running the last version of kohadevbox?
13:52 drojf tcohen: ah yes i typed that before you came in :D so it's the latest version from cpan?
13:52 Joubu and recreated one fresh box?
13:52 drojf Joubu: i am not running it at all
13:52 drojf i just want to know what versions you use :)
13:52 tcohen if you choose elasticsearch_version: '5.'
13:53 Joubu ok, so you need Catmandu::Store::ElasticSearch
13:53 Joubu not minus s[earch]
13:53 Joubu just what I said before the meeting
13:53 tcohen vagrant@kohadevbox:tmp$ pmvers Catmandu
13:53 tcohen 1.0305
13:53 tcohen vagrant@kohadevbox:tmp$ pmvers Catmandu::Store::ElasticSearch
13:53 tcohen 0.0504
13:53 drojf thanks tcohen that is what i was looking for
13:54 tcohen kohadevbox uses the packaged ones if elasticsearch_version = 1.x
13:54 tcohen just saying
13:54 tcohen not sure what are you trying to do
13:54 oleonard I'm getting an error in master when logging in to the staff client: "DBIx::Class::Storage::DBI::_dbh_execute(): Unknown column 'me.overdrive_auth_token' in 'field list' at /home/vagrant/kohaclone/Koha/ line 83"
13:55 oleonard Looks like a db update didn't run? I tried running updatedatabase manually and it didn't trigger anything.
13:55 drojf tcohen:[…]7-02-22#i_1910250
13:55 drojf i wanted to know if it is a problem with the version numbers. but the packaged ones are similar
13:55 kidclamp restart memcached and run update?
13:55 oleonard Ah good point I didn't try that
13:56 drojf i use 1.7 though
13:56 drojf maybe it works with 5.x
13:56 drojf ES that is
13:56 oleonard kidclamp++
13:56 * kidclamp shakes fist at memcached
14:04 tcohen drojf: could you evaluate packaging Mojo::JWT?
14:07 jzairo joined #koha
14:09 drojf tcohen: dpkg-deb: building package `libmojo-jwt-perl' in `../libmojo-jwt-perl_0.05-1_all.deb'
14:09 drojf seems to work ok
14:09 drojf no weird dependencies
14:10 drojf tcohen: for which bug?
14:12 tcohen @wunder cordoba, argentina
14:12 huginn tcohen: The current temperature in Cordoba, Argentina is 28.0°C (11:00 AM ART on February 22, 2017). Conditions: Partly Cloudy. Humidity: 70%. Dew Point: 22.0°C. Pressure: 29.95 in 1014 hPa (Steady).
14:13 tcohen drojf: I haven't filed it yet
14:13 magnuse @wunder enbo
14:13 huginn magnuse: The current temperature in Bodo, Norway is -4.0°C (2:50 PM CET on February 22, 2017). Conditions: Mostly Cloudy. Humidity: 64%. Dew Point: -10.0°C. Windchill: -10.0°C. Pressure: 28.80 in 975 hPa (Steady).
14:14 tcohen but basically adding and authentication endpoint
14:14 tcohen for third parties to consume our API
14:14 talljoy joined #koha
14:14 Scott-CSPL joined #koha
14:15 drojf tcohen: ok. the package seems easy to do. if you choose to use it tell me and i can open a bug at debian
14:15 JoshB joined #koha
14:15 tcohen drojf: please do :-D
14:15 drojf i don't want to maintain stuff that does not go into koha in the end :D so better use it then :P
14:18 tcohen fair enough
14:20 Joubu tcohen: What about the *£%ù# jenkins badges?
14:22 Joubu 16.11.x says  Clover Code Coverage - 57.8% method 5212/6417, conditional 8281/20570, statement 27361/43689.
14:22 Joubu Master says  Clover Code Coverage - 25.3% method 3203/5515, conditional 1329/18644, statement 11371/38665.
14:23 Joubu sounds weird...
14:23 Joubu ... and buggy
14:24 druthb @wunder 77098
14:24 huginn druthb: The current temperature in Montrose, Houston, Texas is 15.8°C (8:17 AM CST on February 22, 2017). Conditions: Clear. Humidity: 70%. Dew Point: 11.0°C. Pressure: 29.90 in 1012 hPa (Rising).
14:25 drojf Joubu: you need libtemplate-stash-autoescaping-perl for 13618? or you use a custom version? i am not sure if i understand the bug correctly
14:26 Joubu drojf: it does not work
14:26 Joubu the idea was to use a custom version, lighter
14:26 Joubu ... and buggy
14:26 Joubu :)
14:26 drojf ah ok you are removing it. my brain read the patch backwards. lol
14:26 Joubu I am stuck with this one
14:26 * drojf blames no coffee
14:29 kellym joined #koha
14:30 kellym heybywater we are training at Hudson County Community
14:30 khall hi kellym!
14:30 kidclamp Hi Kellym
14:31 kellym hi kidclamp
14:31 jzairo hi kellym
14:31 kivilahtio ashimema: I understand now why you didn't find the x-koha-authorization in the Swagger-spec such a good idea.  Looking at
14:31 kivilahtio I don't remember seeing this when I first started working with Swagger2
14:32 ashimema lol
14:32 kivilahtio ashimema: But looks like tehre is now a standard way of defining what permissions endpoints need and what permissions are available in the API
14:32 ashimema indeed
14:32 kivilahtio which is realyl nice
14:32 ashimema there has been for years mate.. that's what I was trying to get accross ;)
14:32 kivilahtio really?
14:32 kivilahtio I might have missed this because I completely tried to avoid any OAuth stuff back then
14:33 juan_r joined #koha
14:33 ashimema the oath scopes stuff has been there since I first started working with swagger ;)
14:33 kivilahtio ashimema: ok
14:33 kivilahtio ashimema: this is almost 100% what we have in Koha now.
14:33 ashimema I'm close to having an oath patch.. been fixing the library for the last week
14:33 kivilahtio ashimema: well. We'll look into replacing x-koha-permission with this
14:33 kivilahtio ashimema: what exactly does your OAuth2-patch do?
14:34 kivilahtio ashimema: I am looking into implementing a OAuth2 password-grant flow?
14:34 kivilahtio a very simplistic version without the authorization server component
14:34 ashimema it'll do all four flows ;)
14:34 ashimema and use JWT for transport..
14:34 ashimema will also allow for revoking of jst's using jti identifiers
14:34 kivilahtio ashimema: how did you manage to get JWT into OAuth2?
14:35 ashimema also.. tcohen is working on a first step to jwt auth route in koha's api whilst I'm still bashing this end out
14:35 kivilahtio ashimema: are you using it as the access_token?
14:35 ashimema easy.. the library supports it natively.. you just have to be sensible in your callbacks
14:36 ashimema access and refresh tokens are both jwt (I've not worked out how to do one but not the other)
14:36 kivilahtio ashimema: according to the spec, if you get the access_token, you must use it in the Authorization: Bearer <JWT>
14:36 tcohen
14:36 ashimema I would prefer an opaque refresh token I think.. though there's no real justification behind that
14:36 kivilahtio ashimema: you dont need much info in the refresh token?
14:36 ashimema yeah.. that's where it goes
14:37 ashimema nice owkr tcohen :)
14:37 kivilahtio tcohen: nice work
14:37 kivilahtio tcohen: your token endpoint is even the same as mine :)
14:37 ashimema my oauth is still a little way behind this.. working through amendments to the library has been time consuming
14:37 kivilahtio I have it drawn right here on my sheets
14:37 drojf tcohen: ok it seems that Mojo::JWT brings a lot of happiness to people ;)
14:38 tcohen hahah
14:38 * ashimema would impliment on oauth/token and oauth/authorize endpoints.. so there would be no collisions ;)
14:38 kivilahtio drojf: I am concerend about how to revoke it
14:38 kivilahtio ashimema: that is what you must do?
14:38 ashimema kivi.. you keep a copy of the jti and revoke that
14:38 kivilahtio ashimema: I speced it to /api/v1/auth as the authorization endpoint
14:38 kivilahtio ashimema: then /api/v1/auth/token as the token endpoint
14:39 ashimema what I do is keep a copy of the jti in the db, then short cache that so it's fast to lookup
14:39 kivilahtio ashimema: what do you mean short-cache?
14:39 kivilahtio ashimema: in memcached? In Mojo cache?
14:41 atheia left #koha
14:41 kivilahtio ashimema: tcohen: so is there anything I can do to help you out?
14:42 ashimema in my case I memcache it and then ensure I destroy that cache when you call revoke
14:42 kivilahtio I need to implement OAuth2 Password grant
14:42 edveal left #koha
14:42 kivilahtio ashimema: tcohen: I presume you are using Koha as the authorization server as well as the resource server?
14:42 * ashimema is currently working on all this.. explaining it is harder than just writing it and showing you ;)
14:42 tcohen kivilahtio: yes
14:43 tcohen it is a simple implementation to allow use of the API by third parties
14:43 ashimema tcohens stuff is a great first step.. my aim is a followup with the rest of the stack
14:43 tcohen ashimema is working on a proper OAuth2 server implementation using the Mojo plugin
14:43 kivilahtio tcohen: have you already done the Swagger-spec changes to change x-koha-auth to use the OAuth claims?
14:44 tcohen kivilahtio: nope, and I won't for now
14:44 kivilahtio tcohen: maybe we can do that
14:44 ashimema that will come with oauth
14:44 kivilahtio ok
14:44 * ashimema goes back to working on it instead of talking aobut it ;)
14:44 kivilahtio ok ok
14:44 kivilahtio ashimema: any idea when you have something to sign off?
14:45 ashimema weeks not days from now.. at least..
14:46 ashimema I'm working on oauth from 3 directions at the moment.. implimenting it in a pure mojo app we already have running.. using that for testing and clarifying understanding.. submitting bugfixes upstream to the oauth plugin and net::oath2::server distribution.. and then it'll be the koha piece
14:46 kivilahtio ashimema: sounds about what I was going to do
14:46 ashimema koha's got the most moving parts.. so i wanted to make sure I fully understood auth and the plugin before attacking the koha end
14:46 kivilahtio ashimema: I won't keep you from it then
14:46 kivilahtio me too
14:46 kivilahtio it is really confusing
14:47 ashimema well.. i'm roughly half way through.. so not on the koha bit yet.. writing the oauth lib patches and working with Lee allot at the moment
14:47 kivilahtio <tcohen> it is a simple implementation to allow use of the API by third parties
14:47 kivilahtio Doesnät Koha laready have a simple auth implemetnation?
14:48 kivilahtio tcohen:[…]ths/auth.json#L46
14:48 kivilahtio hmm
14:48 kivilahtio tcohen: maybe that never was shared with the community
14:48 tcohen i think you filed a bug, or was Julian
14:49 kivilahtio we have been using that simple username + password endpoint to get the CGISESSID via the API
14:49 tcohen but you made it dependent on a major rewrite
14:49 fridolin left #koha
14:49 kivilahtio ah yeah, now I remember
14:49 kivilahtio :)
14:50 kivilahtio tcohen: you can kopypaste our code :)
14:50 kivilahtio tcohen: actually the problem we have with this endpoint is the IP protection on the CGISESSID
14:51 kivilahtio the national OPAC has a load balancer which sends requests from a pool of incoming IP-addresses
14:51 kivilahtio so we need to figure out a way to authenticate securely without locking the session to IP
14:54 tcohen kivilahtio: you need to use my token-based authentication
14:54 kivilahtio tcohen: what do you mean?
14:54 kivilahtio tcohen: where is that
14:55 kivilahtio tcohen: or do you mean the work-in-progress -one?
14:55 tcohen that one, yes
14:56 tcohen i will try to attach it to a bug report, probably tomorrow once I get out of bed
14:56 kivilahtio nice
14:57 tcohen it is a small, not-perfect, implementation that allows creating a JWT to be used in a Bearer Authorization header
14:57 kivilahtio tcohen: is it based on Mojolicious?
14:57 kivilahtio Mojo::JWT
14:57 kivilahtio I guess so
14:58 eythian kivilahtio: what's wrong with using IP affinity on your load balancer?
14:58 pastebot "tcohen" at pasted "{ "/auth/token": { "post": { "" (48 lines) at
14:58 eythian or maybe persistance, but swings/roundabouts
14:58 kivilahtio tcohen: I was planning on having the API-client authorization as a Authorization: Basic <client apikeydigest>, <end-user crednetials JWT>
14:59 kivilahtio eythian: their load balancer
14:59 kivilahtio eythian: I don't know
14:59 eythian ah right
14:59 kivilahtio eythian: quite frankly I havenät thought about that
15:00 kivilahtio tcohen: I think we need to somehow have two credentials in the API request. One from the client, as the Basic-auth, and one from the end-user (Bearer JWT)whose credentials are used by the client
15:01 kivilahtio tcohen: well I don't really know. That was something I was hoping for.
15:01 kivilahtio tcohen: This way you can see from the request that there is a client who is using the api with somebody elses credentials
15:01 kivilahtio I think that is important
15:02 kivilahtio eythian: I wonder can we use IP affinity on their load balancer?
15:03 tcohen kivilahtio: i don't follow
15:03 tcohen not my best day, though
15:03 kivilahtio tcohen: me neither :)
15:03 eythian kivilahtio: you'll need to do your own research to see if it suits, but it's a way of avoiding some of the session issues that can happen with load balancing
15:03 kivilahtio maybe ashimema can comment on requiring both the client API Basic auth and the end-user Bearer JWT
15:04 eythian <-- tcohen
15:04 tcohen hahaha
15:05 kivilahtio C4::Search isnt that bad :)
15:05 kivilahtio I had to tweak it a bit
15:05 kivilahtio but it takes some years to get used to
15:05 kivilahtio :)
15:06 tcohen kivilahtio: my idea is that the API consumer has API credentials it can use through the /auth/token endpoint to get a JWT (generated by Koha) that it will use in further calls to the API as a Bearer in the Authorization header
15:06 kivilahtio I am fearful that the new Koha::SearchEngine might not be any better in the end. The problem is that you can never get rid of complexity by refactoring. You can only hide it better :)
15:07 kivilahtio tcohen: are you speaking of the Client credentials grant type?
15:07 tcohen sort of
15:07 kivilahtio sort of :)
15:08 tcohen i mean, i'm implementing that
15:08 kivilahtio ok
15:08 kivilahtio tcohen: so you have a explicit strong trust use-case
15:08 tcohen yes
15:09 kivilahtio tcohen: I don't want to give the API consumer itself any other permission that to use another users credentials to do stuff
15:09 tcohen my only problem is that as we have a strong trust use-case, what is the point of such complexity
15:09 kivilahtio tcohen: well this is just a glorified basic auth with Authorization: Basic API-consumer-id.api_secret
15:10 tcohen it is
15:10 tcohen that's why I'm in doubt about it
15:10 kivilahtio tcohen: I have to agree this OAuth2 is complex
15:10 kivilahtio tcohen: but if you think of the access_token as the CGISESSID equivalent
15:10 kivilahtio this doenst look so bad
15:10 kivilahtio and you upgrade the CGISESSID with JWT
15:11 tcohen that was the original idea
15:11 kivilahtio I guess the good thing is that there is a standard w ecan say our API follows
15:11 tcohen i'm hoping to see ashimema's Oauth2 implementation soon to QA it
15:12 tcohen in the meantime, we can have /auth/token and /auth/session
15:12 tcohen if you want ot
15:12 kivilahtio tcohen: this Client Credentials Grant is just password+username login using the shared secret
15:12 kivilahtio so it is good to havea formal recognition on it
15:12 kivilahtio tcohen: I think it would be better to have everything under OAuth2
15:13 kivilahtio tcohen: because the /auth/session is just a simple version of Resource Owner Password Credentials Grant
15:13 kivilahtio or is it?
15:14 kivilahtio hmm. looks like according to RFC6749 that the Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW          is needed
15:14 marcelr thx jajm++
15:14 kivilahtio so this would imply that this "Resource Owner Password Credentials Grant" can only be used with a shared api_secret
15:15 kivilahtio so then it would be different from the plain username+password in /auth/session
15:15 eythian kivilahtio: that contains a password, if that was a real password, you probably want to be changing it
15:15 kivilahtio eythian: thanks for the tip
15:15 kivilahtio
15:15 kivilahtio you can find the password from here :)
15:15 eythian hah
15:15 eythian as you were then :)
15:15 kivilahtio eythian: thank you for the warning tho!
15:16 jajm marcelr, np, tell me when other authority bugs await QA ;)
15:16 marcelr cool
15:16 marcelr i am struggling with 9988
15:16 marcelr but will be ready soon
15:16 eythian[…]e-OAuth-Protocol/ <-- while you're looking into oauth, this popped up the other day :)
15:19 kivilahtio eythian: just what I needed
15:19 kivilahtio eythian: I was kinda thinking that phew. I am getting things under control
15:19 eythian happy to help ;)
15:22 kholt joined #koha
15:23 tcohen Joubu: coverage is wrong because the run died due to missing dep (WebService/ILS/OverDrive/
15:23 tcohen )
15:25 kivilahtio tcohen: ashimema: How do you intende to register the API consumer (client) in Koha?
15:25 kivilahtio
15:25 kivilahtio I was planing on using the borrowers-table
15:26 kivilahtio Since there already is the api_key-table with borrowers
15:26 kivilahtio or atleast that is what jajm created when we were pushing the first patches
15:26 kivilahtio and I finalzied into somethin nice
15:26 kivilahtio This way every user in our library can make their own API key from OPAC
15:27 kivilahtio and start consuming our API with the permissions they have
15:27 kivilahtio I think this is great!
15:27 kivilahtio And this is one of the marketing things I use here to sell our API
15:27 kivilahtio that everyone can write thei own app to interact with Koha
15:27 tcohen kivilahtio: my plan is to resurrect those patches this week
15:28 tcohen stripping the Auth refactoring stuff
15:28 tcohen and have /auth/token use that table
15:28 tcohen to get the key/secret stuff
15:29 kivilahtio tcohen: dont hesitate to steal from here
15:29 kivilahtio[…]c/
15:29 tcohen kivilahtio: yes, that's on the bug, at least some version of it
15:29 kivilahtio it is important to use the Koha::ApiKeys
15:29 tcohen you asked what you could help with
15:29 kivilahtio instead of having all the code in the opac/
15:29 tcohen go remove the deps on the rewrite from Koha::ApiKeys
15:29 caboose__ joined #koha
15:30 kivilahtio tcohen: good idea
15:30 kivilahtio tcohen: I can port this feature to latest master soon
15:30 tcohen bug 13920
15:30 huginn Bug[…]_bug.cgi?id=13920 new feature, P5 - low, ---, julian.maurice, In Discussion , API authentication system - proposal
15:31 tcohen and remove the changes
15:31 tcohen just leave the CRUD
15:33 tcohen hm, it seems we only need to use Julian's patch
15:33 kivilahtio tcohen: yup
15:34 tcohen 38ºC, better than earlier :-D
15:36 jajm tcohen, kivilahtio, if you plan to resurrect bug 13920 i should warn you that there were strong opinions against it (iirc the main one was "don't write your own auth system, and use OAuth")
15:36 huginn Bug[…]_bug.cgi?id=13920 new feature, P5 - low, ---, julian.maurice, In Discussion , API authentication system - proposal
15:36 kivilahtio jajm: thanks for the warning
15:36 kivilahtio jajm: I agreee
15:36 kivilahtio jajm: Now we are using OAuth :)
15:36 jajm okay, cool :)
15:37 kivilahtio jajm: also I think we can get rid of the API key digest algorithm and use basic auth
15:37 kivilahtio because all traffic is via https
15:37 kivilahtio so just send the api_key and api_username plaintext in the Authorization-header
15:37 kivilahtio I guess this is what is intended in the OAuth2 spec
15:38 kivilahtio ""[17:36:47] <kivilahtio> jajm: Now we are using OAuth :)   ""     I meant we are moving to OAuth, not using it atm
15:40 jac joined #koha
15:41 kivilahtio jajm: tcohen: what do you think about changing the Swagger2-spec to YAML?
15:41 kivilahtio It is much much easier to read and edit in YAML
15:42 kivilahtio[…]gger/swagger.yaml
15:42 tcohen if I had time to invest, I'd rather spend it in migrating to OpenAPI
15:43 kivilahtio tcohen: we are already doing that
15:43 kivilahtio tcohen: lari has finished the work on the endpoints already pushed to master
15:43 kivilahtio tcohen: I guess it would have been kinda nice to tell you earlier
15:43 kivilahtio tcohen: we already have a ton of new endpoints lari has done
15:43 kivilahtio just check Lari Taskula in bugzilla
15:43 jajm kivilahtio, i think it's a matter of taste, both formats have pros and cons
15:44 kivilahtio jajm: So far I have far less issues with YAML than JSON.
15:44 kivilahtio jajm: but please share your cons of YAML?
15:46 jajm kivilahtio, what i don't like about yaml is that whitespaces are significant
15:47 tcohen I like YAML, because it is human-readable
15:47 kivilahtio jajm: I feel you. I have found out that it is easier to fix whitespace indentation issues than to find missing ending  punctuations
15:47 tcohen for JSON you better use a tool to edit the files
15:47 kivilahtio especialyl the neding pucntuations
15:47 kivilahtio especially the ending punctuations
15:48 kivilahtio but I remember disliking YAML for the whitespace. But hacing used Ansible quite too much, I kinda learned to love YAML
15:52 jajm kivilahtio, also i'm never sure about the types, for instance if you write "key: 42", is 42 a string or an int ? "key: true" string or boolean ? maybe i don't like yaml because i don't know it enough, but JSON is simpler :)
15:52 kivilahtio yeah
15:52 kivilahtio that was really awkward
15:53 jbeno joined #koha
15:54 CrispyBran joined #koha
16:00 TGoat joined #koha
16:17 LibraryClaire laters #koha
16:17 LibraryClaire left #koha
16:29 ashimema there's too much rambling to read back over all of that
16:29 * ashimema was collecting kids from school
16:29 ashimema But.. I think from the skim read that OAuth basically solves all over those issues.
16:30 ashimema please don't add client records to the borrowers table though.. that's a terrible idea
16:30 ashimema the point is that you need to identify all three parties involved in tansactions
16:30 ashimema client, resource and owner
16:30 ashimema Koha is the 'resource'.. or rather all the stuff in it is..
16:31 ashimema client is whatever system is consuming the api
16:31 ashimema and finally owner is the 'user' that wants to interact with the resource
16:31 ashimema you don't need to have two Auhorization headers at all
16:31 ashimema you need to use an OAuth flow..
16:32 ashimema for instance.. UserPassword flow as you seem to really like to use as an example
16:33 ashimema you hit the /token endpoint with the username+password of the 'owner' in the query parameters.. but there's nothing in there stopping you from having the client_name and client_password (i.e. client credentials) in the Authorization header as a BASIC auth..
16:33 ashimema that way you are doing two auths..
16:34 ashimema the header is being used to authenticated the 'client' is who it says it is.. and then the query parameters are being used to authenticated the 'owner' (i.e. user) that the client wants to act for.
16:34 ashimema you need to keep those parties seperate for the sake of sanity..
16:34 ashimema oh.. and PasswordAuth is the least secure of all methods.. it should only be allowed as a last resort
16:34 ashimema and... it shouldn't support refresh tokens
16:35 ashimema I think we should be focusing on implimenting Client Credentials Grant, Implicit Grant and Code Grant flows (but once you've done that it's not hard to also support Password Grant.. though I might suggest we don't for security reasons)
16:36 * oleonard has nothing to contribute but waves to ashimema
16:36 ashimema anywho.. the patch will include additional tables for storing clients
16:36 ashimema hi oleonard
16:36 ashimema ^ kivilahtio
16:36 ashimema /,e goes back to cook tea for kids and then will be hacking on OAuth again this evening
16:37 * cait copies oleonard
16:39 kivilahtio ashimema: if the password-grant is mixed with the client basic auth. I think that is very secure
16:39 kivilahtio possibly not as secure as the code-grant since you are redirected to a auth server
16:39 kivilahtio ashimema: but the password-grant implies that the password is coming from a trusted source
16:40 kivilahtio ashimema: I agree that it shoulnd't be used in the wild for public access
16:40 kivilahtio ashimema: I am using it more like in a priviledge escalation manner
16:40 kivilahtio ashimema: And I am planning to support refresh tokens, otherwise our 3rd party will jsut store our users passwords in their db
16:41 kivilahtio ashimema: see the link I posted about borrowers-table -> api_keys-table
16:41 kivilahtio ashimema:[…]c/
16:42 kivilahtio and from tcohen Bug[…]_bug.cgi?id=13920
16:42 huginn Bug 13920: new feature, P5 - low, ---, julian.maurice, In Discussion , API authentication system - proposal
16:42 kivilahtio ashimema: our users must be able to generate their own API-keys
16:42 kivilahtio ashimema: the SIP2-clients are borrowers-rows, their borrower category is AUTOMAT
16:42 kivilahtio ashimema: in the same fashion non-human API consumers can be AUTOMAT
16:42 kivilahtio ashimema: anyway gotta go home
16:42 kivilahtio wife misses ime
16:53 drojf joined #koha
16:58 dani_here joined #koha
17:14 rocio_ joined #koha
17:15 reiveune bye
17:15 reiveune left #koha
17:19 Guest1381 Project Koha_Master_D8 build #118: UNSTABLE in 1 hr 39 min: https://jenkins.koha-community[…]ha_Master_D8/118/
17:28 jls joined #koha
17:30 LibraryClaire joined #koha
17:39 gmcharlt @quote random
17:39 huginn gmcharlt: Quote #217: "<slef> maybe I should chew their legs off, then use the sharp bony end to kill kittens...?" (added by mtompset at 03:29 PM, September 26, 2012)
17:39 jls is today a bugfix release date? looked here but no longer seeing the calendar:[…]release-schedule/
17:40 jls just trying to identify why a new issue has surfaced at a few branch libraries.... thanks.
17:45 cait jls: yes, 16.11.04 has been released this morning
17:45 cait I think 16.05 is underway, 3.22 was a few days ago
17:46 jls yes but I thought there was a bugfix release on the 22nd of each month... We aren't scheduled for 16.11 yet.
17:46 jls trying to identify why a local issue has popped up today....
17:46 cait sometimes the date is a bit off
17:46 cait which version are you on?
17:46 jls 16.05
17:46 jls thanks
17:47 cait ah ok, i think mtj mentioned he was workin gon it this morning
17:47 cait best to watch the mailing list or the koha community website - it will be announced on both
17:47 jls okay
17:47 cait
17:47 cait have to leave - by all!
17:48 cait left #koha
17:55 SWITCH_Staff joined #koha
18:00 drojf bye #koha
18:07 kholt joined #koha
18:09 dani_here joined #koha
18:17 cait joined #koha
18:20 juan_s joined #koha
18:57 kholt joined #koha
19:00 juan_r joined #koha
19:01 squash joined #koha
19:11 squash joined #koha
19:25 kmlussier joined #koha
19:43 alexbuckley joined #koha
19:44 Francesca joined #koha
20:01 mtompset joined #koha
20:01 mtompset Greetings, #koha.
20:01 talljoy1 joined #koha
20:01 mtompset @seen mtj
20:01 huginn mtompset: mtj was last seen in #koha 12 hours, 31 minutes, and 37 seconds ago: <mtj> congrats cait++  - i am working on a 16.05.x release now
20:06 * druthb waves to talljoy, just because
20:06 talljoy hi!!!
20:06 talljoy how goes things?
20:06 druthb perking along.  Wedding in 10 days.
20:07 talljoy oh my gosh
20:07 * magnuse waves to #koha, just because
20:07 talljoy are you going to be staying in houston?
20:07 talljoy or moving to a new love nest/lair somewhere else?
20:07 druthb He's moved into my Lair.  :)
20:08 talljoy awesome!
20:08 * druthb waves to magnuse
20:09 * magnuse waves to druthb and talljoy
20:09 talljoy hi magnuse
20:09 magnuse hiya talljoy
20:11 magnuse @wunder enbo
20:11 huginn magnuse: The current temperature in Bodo, Norway is -4.0°C (8:50 PM CET on February 22, 2017). Conditions: Mostly Cloudy. Humidity: 74%. Dew Point: -8.0°C. Windchill: -11.0°C. Pressure: 28.82 in 976 hPa (Rising).
20:16 magnuse it's rather pretty now, with all the snow
20:23 kathryn joined #koha
20:47 juan_s joined #koha
20:59 jzairo joined #koha
21:20 kholt joined #koha
21:49 edveal joined #koha
21:50 kathryn joined #koha
21:52 oleonard joined #koha
21:53 kellym joined #koha
21:56 dani joined #koha
22:19 kholt left #koha
22:20 mtompset *sigh*
22:20 mtompset Anyone know why the OverDrive integration into OPAC is giving me an Internal Server Error?
22:21 mtompset Or more accurately, why is it even trying, when I don't have OverDrive enabled?
22:23 oleonard mtompset: I'll suggest what kidclamp_away suggested earlier: Restart memecached and run db update manually
22:23 oleonard That worked for me (kohadevbox)
22:24 mtompset I'm running this on an oldschool git install, not a kohadevbox.
22:24 mtompset I have no overdrive variables set.
22:25 mtompset I suspect this would work if i disabled, but had the variables set.
22:25 mtompset The problem being, I don't know what values to set the system preferences to.
22:25 mtompset because I am not subscribes to OverDrive.
22:25 mtompset ^subscribed
22:25 oleonard What's the error mtompset?
22:26 mtompset [Wed Feb 22 17:17:08.480655 2017] [cgi:error] [pid 7045] [client] AH01215: [Wed Feb 22 17:17:08 2017] overdrive: OverDriveClientKey pref not set at /home/mtompset/kohaclone/opac/svc/overdrive line 38., referer:[…]koha/
22:26 mtompset The URL is totally bogus.
22:27 mtompset I'm pretty sure the croak causes the internal server error visible in the opac.
22:27 mtompset Summary tab of opac-user.
22:28 mtompset slight lag, and then internal server erorr is inserted.
22:29 edveal mtompset is this happing for all searches in your opac?
22:29 mtompset and since there is a slight lag, I suspect this is some java script somewhere, but my tracing skills of javascript triggering is poor.
22:29 mtompset No...
22:29 mtompset I'm attempting to test bug 18118
22:29 huginn Bug[…]_bug.cgi?id=18118 normal, P5 - low, ---, mtj, Needs Signoff , Unexpected behaviour with 'GoogleOpenIDConnect' and 'OpacPublic' syspref combination
22:29 mtompset which caused me problems.
22:29 edveal ah ok
22:29 mtompset so I wrote bug 18144
22:29 huginn Bug[…]_bug.cgi?id=18144 normal, P5 - low, ---, mtompset, Needs Signoff , Removal of persona broke openidconnect
22:29 mtompset so then I applied 18144 and 18118
22:29 mtompset and tried to log in.
22:30 mtompset when it puts me on the opac/ page, I get the internal server error as part of the check out data table.
22:30 mtompset even though I have no overdrive stuff set.
22:30 dilan joined #koha
22:30 oleonard What about in master mtompset?
22:31 mtompset This is master.
22:32 mtompset On an oldschool -- NOT kohadevbox -- git install.
22:32 oleonard You just said you applied patches, so I assumed you were not testing master
22:32 mtompset OH... sorry, misunserstood.
22:32 mtompset Let me check.
22:33 magnuse joined #koha
22:33 mtompset Same problem on master with a regular log in.
22:34 phemmy joined #koha
22:34 edveal left #koha
22:35 mtompset So, if anyone has OverDrive set to work, if you could make note of your settings, set it to blank and turn off overdrive, and allow logins to your OPAC, I'm pretty sure you will see the problem on master.
22:35 phemmy hello anyone here to help on some technical docmentation pls
22:35 kholt joined #koha
22:35 mtompset phemmy: Perhaps. :) I never promise answers, though I try. :)
22:35 oleonard I don't get an error when logging in but I get when when searching in the opac. "Internal server error"
22:35 mtompset Do you have circulation?
22:36 mtompset I am using a practically empty DB, oleonard.
22:37 mtompset Fresh install, all sample data, one book imported via z39.50, reindexed, Koha Admin set to superlibrarian and username, password, and primary email address set.
22:38 mtompset phemmy: That was a kind of yes. What's the technical documentation help you need?
22:38 phemmy installation on my localserver
22:39 oleonard Interesting... I get an error when searching in the staff client too
22:40 mtompset phemmy: what do you mean installation on my local server? How to install Koha on a server?
22:41 phemmy on my system without internet that is on intranet
22:42 mtompset And what operating system is this server going to be running?
22:43 mtompset Is there anything else running on this server?
22:44 phemmy linux probably
22:44 talljoy cait do you know what the syspref 504MARC is in 16.11?
22:45 talljoy what does that relate to?
22:45 cait 504marcß
22:45 cait ?
22:45 cait is it really called 504marc? let me check
22:46 talljoy is it a german thing?
22:46 cait i am not seeing it in my installation
22:46 talljoy weird, it's in ours.
22:46 cait sorry,maybe i am misunderstanding you
22:46 cait which tab?
22:46 talljoy sorry not a syspref
22:46 talljoy it's a authorisedvalue category
22:46 cait ah
22:46 cait i don
22:46 * talljoy is tired = long day
22:46 cait t think that is standard
22:46 cait maybe they just added it?
22:47 mtompset phemmy: Then perhaps https://wiki.koha-community.or[…]ki/Koha_on_Debian is what you are looking for.
22:47 cait not standard
22:47 cait sorry, my hand is half asleep :)
22:47 talljoy well if it's not standard, then i'm not going to add it to my migration databases.
22:47 talljoy if it breaks we'll find out what it's for! ha
22:48 cait heh
22:48 cait 504 is a note field
22:48 cait not sure what you coudl authvalue there
22:48 talljoy jz just found it
22:48 talljoy bibliography note:  "includes index"  etc
22:49 talljoy i guess it's just a common note for some catalogers that can be linked to the 504 tag and frameworks.
22:49 cait yeah - but as you can't mix authvalue and free text entry... not sure how useful
22:49 talljoy ikr
22:49 cait do you see where it came from?
22:49 talljoy jz found it in her database.
22:49 talljoy and she got a random one from larry.
22:49 talljoy so it's a mystery.
22:49 talljoy and a non-sequitur
22:50 cait hm git grepped master, it's not turning up there
22:51 cait why did you ask if it was german? :)
22:51 talljoy we think it was just an old copy of a demo database highlighting the frameworks and ability to tie in to authorised values
22:51 talljoy oh, probably a typo, but you typed marc504ß
22:51 talljoy random reference.
22:51 cait ah
22:51 talljoy are you going to hackfest cait?
22:52 cait just because ? and ß are the same key on my keyboard
22:52 talljoy HA!
22:52 talljoy another mystery solved!
22:52 cait not this year I am afraid
22:52 cait :)
22:52 JoshB left #koha
22:53 talljoy bummer.
22:55 bag yeah BIG bummer
22:55 bag or BUMMER (that’s big)
22:55 cait talljoy: go to the crepes place
22:56 bag it is a requirement cait
22:56 cait think of me and order one with salted butter caramel :)
22:56 bag I’ll be there :)
22:56 talljoy crepes
22:56 talljoy mmmmmm
22:57 bag these are good ones talljoy
22:58 oleonard talljoy: Raise a glass or 4 to your absent comrades.
22:59 * talljoy plans to pack the aspirin
22:59 dani I barely remember the crepes, I think I was going on 24 hours without sleep at that point in Oct
22:59 talljoy don't go until i get there bag
22:59 oleonard I *know* I was on 24 hours without sleep.
23:00 bag talljoy: we’ll go monday night :)
23:01 bag yeah dani we did a ton in the first 36 hours
23:01 dani Yeah, I was so proud to have made it to Monday without crashing
23:01 dani ha
23:01 bag train tickets I need to buy train tickets
23:01 bag ok back in a sec
23:02 jamesb joined #koha
23:02 talljoy oooo  this is new for 16.11 yes?  Sereal/
23:03 talljoy dani you familiar with that?
23:03 talljoy i can't run without it
23:03 jamesb joined #koha
23:03 dani i am not
23:04 bag talljoy: do you fly home from marseille
23:04 talljoy mrs to lhs to dfw
23:04 talljoy with 24 hours in lhr
23:04 talljoy s/lhs/lhr/
23:04 cait @wunder lhr
23:04 huginn cait: The current temperature in London, United Kingdom is 11.0°C (10:50 PM GMT on February 22, 2017). Conditions: Light Rain. Humidity: 94%. Dew Point: 10.0°C. Pressure: 29.68 in 1005 hPa (Steady).
23:04 talljoy flying out of paris was economically impossible
23:04 cait aha!
23:05 bag ok thanks that’s all I needed to know :)
23:05 irma joined #koha
23:18 mtompset talljoy: Yes, that library is new, as far as I know.
23:21 talljoy yup getting installed now!
23:25 mtompset @wunder yyz
23:25 huginn mtompset: The current temperature in Toronto Pearson, Ontario is 5.0°C (6:00 PM EST on February 22, 2017). Conditions: Overcast. Humidity: 93%. Dew Point: 4.0°C. Windchill: 3.0°C. Pressure: 29.78 in 1008 hPa (Falling).
23:56 TGoat joined #koha

| Channels | #koha index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary