Time Nick Message
07:00 magnuse +o/
07:00 magnuse huh? oh well...
07:37 reiveune hello
07:37 wahanui kia ora, reiveune
07:58 alex_a Bonjour
07:58 wahanui hola, alex_a
08:41 sjamso Hello Everyone
08:44 sjamso I wanted to know if anyone had similar issue. I am not able to edit the framework. When I click on the edit fields i get the error http://paste.koha-community.org/27594
08:44 sjamso Please need your help...
08:58 cait1 sjamso: we need a bit more information
08:58 cait1 is this a new installation? updated? did it work before?
08:59 cait1 it looks like your schema might not be current
09:00 sjamso @cait1 Yes its a new installation. However the the records has been imported from old ststem
09:00 huginn sjamso: downloading the Perl source
09:02 sjamso I tried to import the working framework from old system, but it gives the same issue
09:03 cait1 how did you install and which version?
09:03 cait1 did you import the old database or just the records?
09:04 sjamso @cait1 I have install koha 20.11 through Koha package
09:04 huginn sjamso: downloading the Perl source
09:05 sjamso I just imported the records not database
09:05 liliputech_asu database seems not up to date, try to run script installer/data/mysql/updatedatabase.pl maybe?
09:06 liliputech_asu i think in the worst case it won't do anything, else, will create missing columns and other stuff needed to run your koha version
09:08 sjamso @liliputech_asu http://paste.koha-community.org/27595 I get this error when I run the updatedatabase.pl script
09:08 huginn sjamso: I suck
09:12 liliputech_asu sjamso: hhhhm maybe try to run the script from the top of koha source dir and not from installer/data/mysql dir?
09:16 cait1 more import
09:16 cait1 ant
09:16 cait1 you need to run it as the koha user
09:17 cait1 i think there is also a pacakge command.... koha-update-schema or so that can be run as root
09:17 wahanui okay, cait1.
09:17 cait1 oh wahanui
09:22 sjamso @cait1 koha-upgrade-schema library runs successfully but doesnot help solve my issue
09:22 huginn sjamso: I suck
09:23 cait1 hm
09:23 cait1 try to restart plack
09:23 cait1 and memcached
09:23 wahanui memcached is running
09:23 liliputech_asu sjamso: i don't have much more clues on my side
09:32 sjamso After starting plank and memcached I get different error now. On clicking edit subfield it says: Internal Server Error
09:35 liliputech_asu ouch. what says plack-error.log?
09:41 sjamso @liliputech_asu .. I get this error. http://paste.koha-community.org/27597
09:41 huginn sjamso: I'll give you the answer just as soon as RDA is ready
09:41 wahanui i already had it that way, huginn.
09:43 liliputech_asu sjamso: this is not plack-error.log, it looks like a webserver log
09:43 sjamso @liliputech_asu : http://paste.koha-community.org/27598 This is the error
09:43 huginn sjamso: I suck
09:45 liliputech_asu well, then your database is missing a column. but if updatedatabase script then there is no much to try. you could try to add this column yourself but seems risky
09:47 sjamso @liliputech_asu : Thank you so much for your help. I will try to look for ways to fix it. Thank you for your time
09:47 huginn sjamso: downloading the Perl source
09:53 huginn News from kohagit: Bug 27491: Fix t/Languages.t <https://git.koha-community.org/gitweb/?p=koha.git;a=commitdiff;h=1969157e1596a36fdf3d63507e2bbbf7a26ddc53>
10:21 cait1 tcohen: around?
10:25 ashimema mornin'
10:29 tcohen morning
11:09 oleonard mnorninmg
11:16 Joubu anyone familiar with NewItemsDefaultLocation?
11:16 Joubu good mnorninmg oleonard
11:22 oleonard Joubu: I'm not familiar with it but I'm curious what you're asking about
11:24 Joubu It is being used from additem.pl only, is that expected?
11:25 oleonard If it doesn't work when importing MARC records it wouldn't be useful to my library
11:26 ashimema cait1 still around?
11:34 Joubu oleonard: yes, it seems that we should apply it to any items created.
12:34 cait1 around again
12:34 cait1 just finished lunch break
12:34 cait1 what's up?
12:34 cait1 and tcohen... we need to talk! ;)
12:37 cait1 Joubu: but only if no other location is in the data, right?
12:38 ashimema there was a bug I was going to ask if you were still intending to QA
12:39 ashimema the auto renew notices one
12:39 ashimema then I found it doesn't apply anyway to I asked for a rebase
12:41 Joubu cait1: no, pref's value is picked for location
12:42 Joubu - if ( C4::Context->preference('NewItemsDefaultLocation') ) {
12:42 Joubu - $item->permanent_location($item->location);
12:42 Joubu - $item->location(C4::Context->preference('NewItemsDefaultLocation'));
12:42 Joubu this is what we do if the pref is set
12:58 tcohen hi, cait1
12:58 tcohen ashimema: amoyano is still on leave, so I'll try to rebase.
12:59 ashimema it's not a terrible rebase.. just a little time consuming perhaps... picking out the notice changes in the plethora of notice files
13:00 ashimema the quicker we move to just the one .yaml and pushing the translated burden into pootle for them all the better
14:09 oleonard Does it matter that Bug 27510 doesn't generate a file with complete HTML? Like, no <html>, <title>, <body> etc?
14:10 huginn Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=27510 enhancement, P5 - low, ---, ivan.dziuba, Needs Signoff , Download the report in HTML format
14:21 Joubu oleonard, kidclamp: bug 27545
14:21 huginn Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=27545 enhancement, P5 - low, ---, jonathan.druart, Needs Signoff , NewItemsDefaultLocation is only used from additem.pl
14:42 IgorAS Hi! Can you tell me how to link an analytical record with a serial publication? Entries in Unimarc.
14:43 caroline Sorry, I don't know Unimarc... but maybe with the EasyAnalyticalRecords syspref
14:45 caroline https://koha-community.org/manual/20.11/en/html/catalogingpreferences.html#easyanalyticalrecords
14:47 IgorAS Thanks! I will try.
15:00 cait1 tcohen: around still?
15:00 cait1 Joubu: ah, a temp location then ok
15:01 tcohen I am
15:01 cait1 ok
15:02 cait1 we need to implement 2 different things and are trying to use the rest api
15:02 cait1 one is a service for updating/adding patrons
15:02 cait1 the "master" is the database of the institution
15:02 cait1 koha is supposed to get updates nightly for new patrons and updates to patrons
15:02 cait1 so far ok?
15:03 cait1 I have seen htat PATCH (partial updates) is not implemented yet
15:03 cait1 so an idea was to get the patron data from Koha, make alterations and then push them in again
15:03 cait1 but we noticed that sme fields like password are missing
15:03 cait1 it's in the RFC but apparently not in the implementation - can you tell if that was intentional?
15:04 cait1 and what happens when you overwrite a patron in that case?
15:04 cait1 the goal woudl be to not change the password stored in Koha
15:05 cait1 tcohen: ping :)
15:05 tcohen I'm thinking
15:05 tcohen the password cannot be changed using the /patrons route as-is I think
15:06 cait1 there is a separate route for updating, just not sure about the behaviour of the patrons/
15:07 cait1 updating the password (https://wiki.koha-community.org/wiki/Patrons_password_endpoint_RFC)
15:08 tcohen our PUT on /patrons allows partial updates
15:08 tcohen because we made a mistake
15:08 cait1 oh
15:08 tcohen so
15:08 tcohen abuse it
15:08 tcohen :-D
15:08 cait1 and now we are keeping it this way?
15:08 cait1 so will it only update what you send or how does it work?
15:08 cait1 a bit of a bad thing to suddenly break on you :)
15:09 tcohen it is ok
15:09 cait1 https://wiki.koha-community.org/wiki/Patrons_endpoint_RFC has this big NOT IMPLEMENTED sign
15:10 cait1 the other issue is building an authentication service
15:10 tcohen can you elaborate?
15:10 cait1 using koha's patron database for authenticating against our ILL service
15:11 cait1 the ILL service has an API for that, we need to build the "in between" (it's nothing Koha supports out of the box)
15:11 tcohen so having Koha act as an identity provider
15:11 cait1 exactly
15:11 tcohen ok
15:12 cait1 they basically enter their cardnumber/userid + passwort in the ILL service and we need our API to respond if it's valid or not
15:12 cait1 hope that made sense
15:12 cait1 is the REST API a possible way to achieve that?
15:13 tcohen there was a but from olli for that
15:13 tcohen I suggest you implement that as a plugin
15:13 cait1 i think if we want to use teh rest api for discovery etc verifying a patrons login before showing checkouts etc. seems a standard use case
15:14 cait1 any other API we could use instead you'd recommend?
15:14 cait1 it seems some are using SIP? but that seems a bit horrible
15:14 tcohen I wrote a plugin like that a while back
15:14 tcohen it was a POC
15:14 tcohen for a self-payment machine
15:15 cait1 antoher idea we had was comparing to the password... but the rest API doesn't expose it
15:15 cait1 https://wiki.koha-community.org/wiki/Patrons_endpoint_RFC it's in the list here, but it isn't there
15:15 tcohen it is generally bad to have a middle party handed the patron credentials
15:16 tcohen that's why OAuth and friends were designed
15:16 cait1 meaning?
15:17 * ashimema hasn't read the above
15:17 ashimema but.. that generally means
15:17 ashimema "Don't ask for username + password as a third party'
15:17 ashimema instead
15:17 ashimema "Ask 'is this person who they say they are'"
15:18 ashimema and be happy with a 'yes/no' response
15:18 cait1 but you go to enter the password somewhere for that
15:18 ashimema yup
15:18 ashimema you have to get redirected into the first party system
15:18 tcohen you usually ask the identity provider to give you the yes/no answer
15:18 cait1 i don't think we offer that currently?
15:18 ashimema that first party system then varifies you are who you say you are
15:19 cait1 not with koha as the IDP
15:19 cait1 and then is the issue of legacy systems who can't implement that
15:19 tcohen I strongly suggest you implement a plugin route for that
15:19 ashimema and redirects you back with a 'yes it is, no it's not' token
15:19 ashimema pass.. I can't remember what level our OAuth got ti..
15:19 ashimema in reality OAuth sends back more than that..
15:20 ashimema it say's "yes it is person X and yes you are allowed to do a bunch of things for them as Y"
15:20 cait1 we'd want a patron category as well, i think most would for privileges
15:20 cait1 yep
15:20 * ashimema really wants to impliment full fat OAuth for Koha
15:20 cait1 I think most of waht we have in terms of auth is SP
15:21 ashimema though for 'just identifying a user'.. your more talking OpenID.. which is a subset really
15:21 cait1 tcohen: so the get patron not exposing hte password hash IS intentional? or oversight?
15:21 tcohen it is intentional
15:21 cait1 then we shoudl change the wiki
15:22 cait1 iwill do it
15:23 cait1 but... i believe a lot of systems need something like we want with the other things no option... and i feel like this has come up a lot
15:23 cait1 how would you solve it? don't you ever had to? what about VuFInd for an example?
15:25 cait1 is the driver still using ILS-DI?
15:25 tcohen it is probably using that
15:25 cait1 if i made a bug... what woudl i call the route? /patron/authentication ?
15:26 tcohen there's one from olli
15:26 tcohen to get a cookie from a user/pass combination
15:26 tcohen I'd go for that one
15:27 cait1 but cookie?
15:27 cait1 it seems more like something to log into koha
15:27 cait1 like properly
15:27 cait1 not just checking, the use case is impler here
15:32 cait1 it looks like ashimema killed the existing bug 17004 ;)
15:32 huginn Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17004 enhancement, P3, ---, koha-bugs, In Discussion , REST API: add route to authenticate patron (Single Sign On - SSO)
15:32 cait1 i cannot spot any other
15:32 cait1 and nothing from olli
15:33 ashimema I just haven't had a moment to get to it :(
15:33 ashimema would love for someone to try
15:34 cait1 as i said
15:34 cait1 i think oauth is not an option for every third party service
15:34 cait1 we should offer it
15:34 ashimema basically.. if we did it the way that was initially being suggested we'd have immediately opened up a bunch of security issues and failed pen tests
15:35 cait1 but not having any standard way to do it and people using sip etc to do it... seems not good
15:35 cait1 we currently allow login with url parameters
15:35 cait1 already
15:35 ashimema that's still different
15:35 cait1 in an api whre you can protect this, ti woudl be better
15:36 ashimema it's one thing letting a user stick a password in a URL..
15:36 ashimema it's another encouraging them to give their credentials away to the third party
15:36 cait1 but people are ending up doing just that
15:36 cait1 becuse there is no secure way to get that
15:37 ashimema the point is.. a user should be saying 'WTF.. why does thing X want my password for Y"
15:37 cait1 I can't imagine us being able to implement what you suggest in the service
15:37 ashimema that should basically never happen
15:37 cait1 it happens all th time
15:37 cait1 what else is SSO?
15:37 ashimema it's really bad practice
15:37 cait1 i enter my same credentials everywhere in a uni and it works
15:37 cait1 LDAP
15:37 cait1 to the user it's allt he same
15:37 ashimema LDAP is also bad...
15:37 cait1 shib might even have a common landing page
15:37 cait1 ldap not
15:37 ashimema it's why SSO was invented to replace it
15:37 ashimema SSO IS different
15:37 cait1 all the sip based auth for overdrive and such
15:38 cait1 not even encrypted by default
15:38 ashimema SSO does the exact thing I said above.. it does NOT ask the user for their username and password
15:38 cait1 i think by not providing an easy way to do safely, we end up with all this
15:38 cait1 yep, ldap being the better example here
15:38 ashimema it asks the user to go to somewhere they recognise and trust and ask them to verify who they are.
15:39 cait1 i'd hate us needind to fall back to ils-di for this
15:39 cait1 but atm it seems the only thing we can do
15:39 cait1 or sip
15:40 cait1 :(
15:40 cait1 thx for your help
15:40 cait1 tcohen++ ashimema++
15:40 cait1 or maybe we could build it into the backend
15:40 ashimema does koha really not offer any form of this yet..
15:40 ashimema I'm kinda shocked with all the work that's happened since that bug
15:40 cait1 if you and tcohen don't know..?
15:41 ashimema build into what backend.. a koha ILL backend?
15:41 cait1 yeah
15:41 cait1 because that's a piece we will ahve to get developed anyway
15:41 ashimema that already knows if a person is logged in or not
15:41 cait1 i know
15:41 cait1 but koha
15:41 ashimema what exactly is your workflow cait?
15:42 cait1 ill requests are made otside koha
15:42 cait1 we have a discovery based on vufind for that
15:42 ashimema and what is the very first thing that happens?
15:42 cait1 reimplementing the serach options that offers within koha would be insane
15:42 ashimema so do users not have to login prior to submitting an ILL request?
15:42 cait1 actually it happens after
15:43 cait1 it#s not a real login, afaik it's part of the equest form
15:43 ashimema from memory, VuFind has a driver that already uses Koha API's to do logins
15:43 cait1 we can't use the driver
15:43 ashimema ?
15:44 cait1 the driver as is still requires afull database access afaik and this is a modified vudind used by very many very different installations
15:44 cait1 the driver doesn't fit
15:44 * ashimema used the driver for years without issue.. lol
15:44 cait1 because your vufind was for one institution
15:45 cait1 i am not saying it doesn't work in general, i am saying we can't use it
15:45 cait1 in ours
15:45 cait1 it's not a standard vufind
15:45 ashimema ok
15:45 cait1 ... and if the driver requires ils-di.... that doesn't change anything
15:45 cait1 then we can just use ils-di
15:46 cait1 because the issue of setup and protection remains the same
16:06 reiveune bye