| # | Time | Nick | Message |
|---|
| # | 00:50:36 | jamesrf has joined #evergreen |
| # | 01:40:30 | dbs has quit IRC |
| # | 02:08:51 | atz_ has joined #evergreen |
| # | 02:11:16 | atz has quit IRC |
| # | 02:25:28 | atz__ has joined #evergreen |
| # | 02:27:22 | atz_ has quit IRC |
| # | 07:08:42 | Dyrcona has joined #evergreen |
| # | 07:13:33 | rsinger has joined #evergreen |
| # | 07:35:55 | alxp has joined #evergreen |
| # | 07:36:36 | shopkins has joined #evergreen |
| # | 08:10:06 | mck9 has left #evergreen |
| # | 08:10:16 | mck9 has joined #evergreen |
| # | 08:11:16 | atheos_dc has joined #evergreen |
| # | 08:14:09 | shopkins has quit IRC |
| # | 08:16:07 | atheos_dc | I'm interesting in making a change in our build of Evergreen, so that ALL new users are created with actor.usr_setting.opac.hold_notify='email' Basically, looking to change the default "opt-in phone & email" notifications for new users. Can someone point me into the right direction |
| # | 08:17:11 | jeff | something i've thought on. should be able to just change the default in the opac js. |
| # | 08:17:25 | jeff | such that users with no preference will get 'email only' |
| # | 08:17:35 | atheos_dc | correct |
| # | 08:17:49 | jeff | then, no need to auto-populate a user setting on actor creation |
| # | 08:21:51 | atheos_dc | jeff , if opac.hold_notify is not defined, phone notification is set to true in action.hold_request - making a user default to email and phone notifications if they've never adjusted their opac settings |
| # | 08:24:47 | jeff | tweak 'selected' in skin/default/xml/myopac/myopac_prefs.xml -- the logic in myOPACShowHoldNotify in skin/default/js/myopac.js and some tweaks to __holdsDrawWindow in skin/default/js/holds.js at minimum |
| # | 08:26:50 | atheos_dc | ok jeff, I'll look those over - Thanks for your input |
| # | 08:27:25 | cerpy has joined #evergreen |
| # | 08:39:51 | atheos_dc has quit IRC |
| # | 09:02:26 | Meliss has joined #evergreen |
| # | 09:17:36 | jenny has joined #evergreen |
| # | 09:28:16 | miker_ | grabbing 0369 |
| # | 09:29:06 | bshum has joined #evergreen |
| # | 09:29:09 | bshum has joined #evergreen |
| # | 09:32:08 | yboston has joined #evergreen |
| # | 09:36:06 | shopkins has joined #evergreen |
| # | 10:13:46 | shopkins has quit IRC |
| # | 10:19:43 | atheos_ has left #evergreen |
| # | 10:20:44 | shopkins has joined #evergreen |
| # | 10:36:26 | afterl has joined #evergreen |
| # | 10:37:29 | youdonotexist has joined #evergreen |
| # | 10:37:54 | moodaepo | jeff: Talking about the same old "email" as default notification, after looking through it for sometime I rationalized that if there is an email address for a patron they get notified anyway. So if the staff notice there's an email address in the hold receipt that pops-up they can ignore calling the patron. The overdues are set to run with patrons with email address get electronic notification and ones without print. Result: Leave it at phone/emai |
| # | 10:40:38 | tsbere | moodaepo: What if someone sets up an auto-caller? |
| # | 10:42:18 | moodaepo | tsbere: Right in that case it'd be better to default to email IF the patron has an email address or adds one on file. But for that we'd need a script running and checking the db. |
| # | 10:49:53 | atz__ | moodaepo: or just an action/trigger filter right? |
| # | 10:53:51 | jeff | moodaepo: our hold notification phone calls are automated, so we'll be working on the patch that allows us to set a different default if the patron doesn't have one explicitly set. |
| # | 10:55:11 | jeff | moodaepo: at time of hold request, if the patron has an email address we will default to email only. if the patron has no email but has a phone, we will default to phone only. if there are neither, the patron will only be notified if they list a phone number on that specific hold. |
| # | 10:55:50 | jeff | moodaepo: and of course all of this is just default with no patron preference saved. if the patron has specified a preference, we use that, and of course patron or staff can override all of this before clicking Place Hold |
| # | 10:57:32 | jeff | javascript pref for now, because i'd rather not delve into making it an OU setting (then do you set based on pickup lib or home lib, etc ;) |
| # | 10:57:44 | jeff | but i can see it being an ou setting later |
| # | 11:07:14 | agJohn has joined #evergreen |
| # | 11:09:13 | Dmagick has quit IRC |
| # | 11:09:13 | agJohn | Do any of you folks' libraries circulate uncataloged, donated paperbacks or similar types of items that you want to track CKO counts for, but do not barcode and do not want to charge fines for? If so, would you share how you have them set up? |
| # | 11:09:15 | leed has quit IRC |
| # | 11:10:09 | phasefx has quit IRC |
| # | 11:10:23 | agJohn | I can't figure out any way to associate circ rules w/ uncataloged copies--did I just miss it? |
| # | 11:10:39 | gdunbar has quit IRC |
| # | 11:11:09 | bshum | agJohn: I would imagine that noncat items follow the default circ rule. |
| # | 11:11:16 | bshum | Or the most generic one in your setup. |
| # | 11:11:16 | moodaepo is back at the desk |
| # | 11:11:22 | bshum | Since they wouldn't have any circ modifiers to control behavior. |
| # | 11:11:28 | bshum | (I think) |
| # | 11:11:35 | atz__ is now known as atz |
| # | 11:11:39 | Callender has quit IRC |
| # | 11:11:59 | bshum | We usually include a rule with no circ mod defined, to be a "catch all" |
| # | 11:12:51 | atz | presumably among the more restrictive rules |
| # | 11:12:54 | cerpy has quit IRC |
| # | 11:13:17 | phasefx_ | if using an actual "non-cat" checkout, the only rule is the loan period associated with the non-cat |
| # | 11:13:36 | phasefx_ | doesn't use circ scripts or in-db circ |
| # | 11:14:08 | agJohn | Good suggestions. Thanks much. |
| # | 11:14:10 | phasefx_ | when the due date hits, a non-cat circ will "fade away" from the patron's account |
| # | 11:15:23 | agJohn | Hmmm. Gotta go check settings; not the behavior the librarians are reporting.... |
| # | 11:15:52 | phasefx_ | if they're using barcodes at all (even fake barcodes taped to a monitor), they're not using non-cats |
| # | 11:17:19 | agJohn | Right; they claim they're doing Non-cat CKO's.... |
| # | 11:21:47 | moodaepo | jeff++ # For the explaining your desired setup. |
| # | 11:23:17 | phasefx_ | agJohn: so you should look in the non-cat editor |
| # | 11:23:39 | phasefx_ | non-cat's can be specific to libs too, or shared |
| # | 11:23:57 | moodaepo | atz: Yea action triggers would do well. I keep forgetting they exist since I haven't created one, do you know of any tutorial available or do I need to just dig in to an existing one? |
| # | 11:24:34 | atz | no good reference that I can recall |
| # | 11:27:41 | phasefx_ | moodaepo: you can gleam some stuff about A/T by looking at the db upgrade scripts that add A/T templates. They usually touch all the tables needed |
| # | 11:28:15 | dbs has joined #evergreen |
| # | 11:28:40 | moodaepo | Will do. I think dbs had mentioned he might do a blog post when he had time |
| # | 11:29:43 | moodaepo or became part of the Q continuum |
| # | 11:29:43 | dbs | speaking of the devil... |
| # | 11:30:14 | moodaepo | he appears |
| # | 11:33:33 | dbs reads through backscroll - ah, action/trigger |
| # | 11:34:35 | phasefx_ | moodaepo: also see http://markmail.org/message/n6ktuc2xevparakn |
| # | 11:35:01 | phasefx_ | need to wiki that |
| # | 11:36:58 | moodaepo | This might not be news to people but we just figured out it is quite important to set hours of operation. We didn't have hours set on the system level. Well librarians at HQ were trying to checkout items and it didn't work yesterday. But it works today. Turns out yesterday's checkouts would be due on Labour Day which we have set as a holiday. Well it then tries to find the next available open day but since at this level we hadn't set open hours it |
| # | 11:37:33 | dbs | damn you phasefx, I was just tracking that down :) |
| # | 11:38:47 | dbs | see also this thread: http://markmail.org/thread/rs2ntcum3krbmrga (perhaps useful for going through the puzzling-out process from the bottom up rather than the top-down from the GUI perspective) |
| # | 11:53:51 | phasefx has joined #evergreen |
| # | 12:01:56 | leed has joined #evergreen |
| # | 12:06:01 | _jschuyle_ has joined #evergreen |
| # | 12:09:36 | Dmagick_ has joined #evergreen |
| # | 12:12:27 | gdunbar has joined #evergreen |
| # | 12:13:00 | Callender has joined #evergreen |
| # | 12:31:43 | jamesrf has quit IRC |
| # | 12:33:10 | dbs has quit IRC |
| # | 12:34:12 | branflakes has joined #evergreen |
| # | 12:48:42 | dbs has joined #evergreen |
| # | 13:06:21 | mrpeters-isl_ has joined #evergreen |
| # | 13:51:25 | tsbere | phasefx, dbs, or anyone else who wants to chime in, would you guys prefer an initial launchpad entry that "describes" my patch with notes and patch attached after that, or is dumping my notes into the initial description and attaching the patch file ok? |
| # | 13:53:36 | gmcharlt | tsbere: I don't think it makes much of a difference, although having the initial description be a concise description of the change and adding the detailed notes as comments might be modestly easier for others to parse |
| # | 13:55:58 | miker_ | tsbere: you may be looking for "blueprints" on launchpad? |
| # | 13:56:19 | tsbere | Can blueprints have patches attached? |
| # | 13:58:25 | tsbere thinks that launchpad doesn't really have anything good category-wise for this patch to begin with, but was told he should submit it there and link to the launchpad entry in an email |
| # | 14:00:21 | jenny1 has joined #evergreen |
| # | 14:02:01 | dbs | LaunchPad blueprints are just highlevel descriptions of a work item that then link to the detailed stuff |
| # | 14:02:07 | phasefx | tsbere: or at least, that's an idea. Whatever is low barrier for you :) |
| # | 14:02:54 | jenny has quit IRC |
| # | 14:03:06 | dbs | a launchpad bug that contains the description + patch would be plenty; an email linking to it would be a bonus. but yeah, just getting it to the project in any way is awesome |
| # | 14:04:09 | phasefx | IRC is a bit ephemeral, though you have my attention; I just need to set aside time to play with it |
| # | 14:04:12 | jenny1 has left #evergreen |
| # | 14:04:46 | phasefx | email might reach others who are also interested |
| # | 14:07:25 | tsbere | I didn't want to post it, via email or launchpad, until I had the "Check for Updates" button/menu/whatever in place. Didn't seem "complete" for me until then. |
| # | 14:07:39 | tsbere | Since I did that yesterday, time to post it outside of IRC |
| # | 14:12:23 | phasefx | tsbere++ # not that you fall into this group, but there are folks out there in libraryland who don't share code because it doesn't feel "good enough" or "generalized enough", and we want to do what we can to make it easy |
| # | 14:14:19 | tsbere | phasefx: Sometimes, they are right. I have seen, and replaced, some very annoying code written in libraryland. |
| # | 14:14:57 | phasefx | easier for code to stagnate when it's unobserved |
| # | 14:15:24 | tsbere | Oh, no, in this case the code *was* being shared. |
| # | 14:15:36 | phasefx | I hope you get the itch to clean up all my annoying code :D |
| # | 14:16:23 | gmcharlt | tsbere: also, for a project that takes more than a few days, putting up a wishlist bug and stating that you're working on a patch for it lets you give people a heads up, identify possible sources of help, and increase our changes of avoiding duplicate effort |
| # | 14:16:52 | gmcharlt | i.e., IMO it's perfectly fine to use launchpad to signal work in progress |
| # | 14:17:35 | gmcharlt | not that talking on #evergreen, as you did, wasn't also a Good Thing |
| # | 14:17:48 | tsbere | True. But I forgot about launchpad and didn't see it mentioned on the website as a reminder until I was almost done. Anyone added it to the website yet? ;) |
| # | 14:19:32 | phasefx is game, just wants to see some "aye aye"'s that it's a good idea, and maybe past the "let's experiment with launchpad" stage |
| # | 14:20:13 | phasefx | it's certainly getting some use as a bug tracker |
| # | 14:20:27 | miker_ | phasefx: aye aye |
| # | 14:21:03 | phasefx | alright, I'll set aside some time to tweak the contributing doc and website, if dbs or someone doesn't beat me to it :) |
| # | 14:21:46 | phasefx | should still make it optional for folks wanting to share patches, for low barrier |
| # | 14:22:38 | dbs | sure |
| # | 14:22:53 | phasefx | what is using Safe in Evergreen? I had trouble upgrading it with cpan |
| # | 14:23:14 | miker_ | phasefx: action trigger IIRC |
| # | 14:23:59 | phasefx | ah, I remember seeing that now |
| # | 14:27:08 | tsbere has finished adding to launchpad and sending a message to the dev list |
| # | 14:35:15 | tsbere | I don't think I can change it from undecided to wishlist, though |
| # | 14:35:52 | atz | phasefx: yeah, otherwise, system access was totally exposed via template |
| # | 14:39:49 | phasefx | hey, what's wrong with a little print `rm -rf /`; ? |
| # | 14:40:07 | phasefx | #don't run that at home folks |
| # | 14:40:50 | gmcharlt | phasefx: so I should run it at work, instead? |
| # | 14:41:31 | tsbere | gmcharlt: No, you should run it at someone else's home, or someone else's work ;) #not really |
| # | 14:44:28 | phasefx | gmcharlt: yeah, they're insured |
| # | 14:45:11 | phasefx | hrm, though if you're using ssh to/from work, where would you be running it? |
| # | 14:45:43 | jamesrf has joined #evergreen |
| # | 14:47:38 | moodaepo | phasefx: heh I thought you run that before a backup test, no? |
| # | 14:49:03 | phasefx | moodaepo: I think you're right. We should add it to the Magic Spells page |
| # | 14:49:22 | gmcharlt | phasefx++ |
| # | 14:49:42 | moodaepo | gmcharlt: How was the vacation? |
| # | 14:49:52 | gmcharlt | short |
| # | 14:50:55 | moodaepo | Ah as always |
| # | 15:04:36 | alxp has quit IRC |
| # | 15:06:57 | bshum has quit IRC |
| # | 15:30:24 | Dyrcona has left #evergreen |
| # | 15:31:20 | atz | is there something wrong with tabs where inactivity is counted *per tab*? i have situations where i re-login with one tab, and then click reload on a 2nd and it prompts me immediately for a login again |
| # | 15:31:27 | atz | same w/ a 3rd, etc. |
| # | 15:36:07 | phasefx | in the staff client? curious, are you re-logging in via the oils proxy dialog embedded in the page, or by a xul pop-up dialog? |
| # | 15:36:43 | atz | both... usually the xul |
| # | 15:38:15 | phasefx | if you get an oils proxy login, I could see the rest of the client being blithely unaware of any new cookie that sets, and even overriding it later |
| # | 15:39:28 | moodaepo | What action trigger hooks are available by default? I see the list but is it just cosmetic or can they all be enabled? |
| # | 15:40:19 | phasefx | atz: but I thought dojo interaces at least are supposed to look fo xulG.get_new_session and use that when needed if it exists |
| # | 15:44:26 | phasefx | moodaepo: main thing I think is whether the code is actually firing events for those hooks (grep for the hook name to find examples of such). For example, in Money.pm, return $U->fire_object_event(undef, 'money.format.payment_receipt.print', $payments, $$payments[0]->xact->usr->home_ou); so there is a hook that templates can latch onto called money.format.payment_receipt.print |
| # | 15:44:32 | shopkins has quit IRC |
| # | 15:44:57 | phasefx | I forget the difference between active/passive here |
| # | 15:45:51 | phasefx | it's not an enabled/disabled thing, though |
| # | 15:46:40 | moodaepo | phasefx: Yup that was the plan if we didn't have a list somewhere and in /openils/conf/action_trigger_filters.json I just see an entry for checkout.due |
| # | 15:48:08 | mrpeters-isl_ has quit IRC |
| # | 15:48:45 | phasefx | and I forgot all about that file. For firing passive events? |
| # | 15:48:46 | dbs | moodaepo: there were two uses for "active" in the 1.6.0 interface, one of which meant "enabled" - in recent 1.6.0 versions that label has actually been changed to "enabled". can't remember where |
| # | 15:48:46 | moodaepo | Yea in the discussion you pointed to earlier it was clarified on IRC and dbs changed it in the staff client |
| # | 15:48:56 | dbs | heh |
| # | 15:49:25 | moodaepo | dbs++ |
| # | 15:51:16 | moodaepo | phasefx: > http://markmail.org/thread/lpdu77rrqmjq5sgu#query:+page:1+mid:rs2ntcum3krbmrga+state:results (first para active/passive) |
| # | 15:51:51 | moodaepo | As for that file, I'd also be interested to know when we need to use it/how |
| # | 15:55:03 | moodaepo | Well actually there berickson corrects dbs about "Active" but dbs's explanation applies to active/passive in the "hooks" tab. I think. |
| # | 15:55:15 | phasefx | anyone familiar with a dojo is not defined during workstation registration? my first console error is aout is not defined in OrgTree.js |
| # | 15:55:38 | collum has joined #evergreen |
| # | 15:55:44 | dbs | autogen.sh? |
| # | 15:55:48 | moodaepo | atz: I can confirm your issues with tab specific inactivity |
| # | 15:55:54 | phasefx | no errors with autogen.sh that I can see |
| # | 15:56:16 | dbs | dojo is installed? |
| # | 15:56:27 | dbs goes for the dumb things he usually stumbles over |
| # | 15:56:49 | phasefx | I can retrieve dojo.js from apache |
| # | 15:56:59 | senator | dbwells (or anyone else who may know): is there a limited set of possible values for 85{3,4,5} $i-$m (chronology captions)? all examples i can find only use year, season, month, week or day with or without parentheses, but is that the complete set of possibilities or no? |
| # | 15:58:20 | phasefx | though I don't see it actually trying to retrieve dojo.js in the apache logs during that sequence |
| # | 15:59:06 | dbs | senator: http://www.loc.gov/marc/holdings/hd853855.html also has an example with hour |
| # | 15:59:18 | gmcharlt | senator: no, I don't think it's constrained that that list. that said, as long as you handle the chron types you've identified (+ hour) and fail gracefully if something else gets put in, that's good enough |
| # | 15:59:20 | senator | dbs: thanks. i actually was just eyeballing that. |
| # | 15:59:21 | tsbere | phasefx: Did you check to see if Orgtree.js is corrupt? |
| # | 15:59:22 | Meliss has quit IRC |
| # | 15:59:44 | phasefx | tsbere: looks sane, and I'm using a stock org tree |
| # | 15:59:47 | senator | gmcharlt: all right, thanks |
| # | 15:59:57 | dbs | include "equinox" in there, just becaue |
| # | 16:00:26 | senator | IOW, one needn't be prepared for total anarchy in those subfields, but only reasonable units of time |
| # | 16:00:42 | gmcharlt | dbs++ # that chronology setting, when used, will pop up a message saying "Just right a ERMS, already" |
| # | 16:00:45 | dbs | I could imagine a farmer's almanac, vernal equinox |
| # | 16:00:47 | senator | haha @ dbs |
| # | 16:00:50 | gmcharlt | s/right/write/ |
| # | 16:00:57 | dbs | heh |
| # | 16:04:46 | tsbere | phasefx: How about data.js? That being requested/look sane? (server/OpenILS/data.js) |
| # | 16:06:24 | phasefx | not requested at that point in time, though it should be after workstation registration on subsequent logins |
| # | 16:08:48 | dbwells | senator: I concur with what others have said, thanks |
| # | 16:09:10 | tsbere | Near as I can tell, aout is defined in data.js, unless I missed it somewhere else in the javascript (not that I fully understand that part yet, though, and I am barely looking while working on two other things) |
| # | 16:11:00 | phasefx | it should be loaded after dojo.js, but it's not. aout would get defined by dojo.require('fieldmapper.AutoIDL'); in this case |
| # | 16:11:07 | atz | moodaepo, do tabs not share cookies? |
| # | 16:13:22 | phasefx | atz: the staff client keeps track of the auth token as a global variable, though it also sets a cookie for those embedded interfaces that expect one. if those interfaces change that cookie on their own, the client doesn't know, and it'll keep shoving a stale cookie on every page change |
| # | 16:14:07 | phasefx | we could get the client to just use the cookie as the definitive value of the authtoken |
| # | 16:14:19 | senator | dbwells: no, thank you |
| # | 16:14:23 | phasefx | and by global, I mean cross-window global |
| # | 16:14:59 | phasefx | well, that's still misleading. Forget global variable, but think singleton object that every window could access if it tried |
| # | 16:19:07 | atz | is that considered faster or more reliable than the cookie? |
| # | 16:20:35 | tsbere | Is there any support for saying "If I am in the xul app, ask the xul app to renew my auth, otherwise do the current method"? Because having anything other than the xul app ask for auth seems like over complicating matters when in it. |
| # | 16:21:17 | phasefx | it's a horrible kludge that preceded the invention of stuff like window.localStorage, and cookies weren't on my radar (this was before JSON as a way to serialize data) |
| # | 16:22:08 | dbs | tsbere: isXUL() mostly works |
| # | 16:22:52 | phasefx | tsbere: we don't check for a valid auth before hand, but any method that tries to use an invalid authtoken will return a NO_SESSION event. At that point, we go through the process of getting a new auth, and then retry the method. The xul part of the client exposes a method that content can use in this case to re-auth |
| # | 16:23:28 | phasefx | but if atz is seeing the oils proxy login prompt (which can work outside of the staff client), then that method isn't being invoked |
| # | 16:25:39 | tsbere | I thought that was how it was supposed to work, but I wasn't 100% sure what I saw where. Too much "autoupdate" focused code hunting the past week or so, combined with not fully caring about things that were working fine for me. |
| # | 16:26:40 | phasefx doesn't know how oils proxy gets triggered, just that it's implemented with an apache module |
| # | 16:27:57 | jeff | you request a page protected by it, and per apache directives the ses cookie is checked to ensure that it is valid and has a certain permission. |
| # | 16:28:13 | phasefx | what's probably happening is that if any page load happens before the dojo can tell the client, hey give me a new auth token, then the proxy steps in first and breaks thing |
| # | 16:29:36 | jeff | oils_proxy returns 200 OK on the login page. it probably shouldn't. |
| # | 16:29:48 | phasefx | could teach oils proxy to look for xulG.get_new_session |
| # | 16:30:05 | jeff | i don't think there's anything in the staff client that currently looks for not-200\OK, but it could. |
| # | 16:32:02 | phasefx | or could get the ses() method that all the xul interfaces use to look for a cookie instead of grabbing things out of the xpcom that OpenILS.data uses |
| # | 16:32:49 | phasefx | we'd have inconsistent interfaces for re-authing, but either would then work, and hey, the client is a frankenstein as it is anyway :) |
| # | 16:33:45 | phasefx | be fun to see interactions with operator change, expired sessions, and oils proxy though |
| # | 16:37:12 | phasefx | okay, r: dojo not found. I had switched environments, and in this new one, I was using dojo-release-1.3.3-src instead of simply dojo-release-1.3.3 |
| # | 16:38:03 | phasefx | so, -src doesn't work (at least without some sort of build process) |
| # | 16:38:42 | tsbere | Ahh |
| # | 16:38:45 | tsbere | I made that mistake once |
| # | 16:39:05 | phasefx | fun fun |
| # | 16:42:05 | tsbere | I think in src version you need to run build.sh in util/buildscripts |
| # | 16:43:21 | tsbere | not worth the effort, I think, I just made note to always use the release version. >_> |
| # | 16:45:00 | dbs | phasefx: pulling password from a cookie? that sounds some alarm bells |
| # | 16:45:16 | atz | dbs: no just the session key |
| # | 16:45:49 | dbs | atz: have you read the patch? var password = cgi.param('password') || dojo.cookie('password'); // looks an awful lot like a password to me |
| # | 16:46:38 | atz | oh, i thought you were replying to our talking about xul vs. cookie auth |
| # | 16:46:40 | phasefx | dbs: what patch is this? |
| # | 16:47:14 | dbs | r17176 - berick just committed it |
| # | 16:48:03 | dbs | part of Open-ILS/web/js/ui/base.js |
| # | 16:48:31 | berick | note the commit msg |
| # | 16:48:48 | dbs | noting, but I reserve the right to fret |
| # | 16:48:59 | berick | of course |
| # | 16:49:13 | atz | what external forces are putting our (valid) logins in cookies? |
| # | 16:50:34 | berick | imagine automating the setup of many self-check worksations, too many for humans to go to each and manage |
| # | 16:51:33 | atz | fair enough |
| # | 16:51:43 | berick | and imagine a tool to push cookie data (or any data) out to all of these workstations automatically |
| # | 16:51:54 | berick | FWIW, I'm all ears for alternate approaches |
| # | 16:52:16 | atz | would be nice to be all cert-based, but you can basically count on failed maintenance of certs |
| # | 16:52:16 | jeff | use trunk's "long term session" support instead, with a longer-than-session cookie? |
| # | 16:52:50 | berick | jeff: the problem is getting the session cookie in the first place |
| # | 16:52:56 | pmplett has joined #evergreen |
| # | 16:53:15 | berick | and the secondary problem is what happens when memcache goes down and every PC has to be re-logged in |
| # | 16:53:23 | jeff nods |
| # | 16:53:26 | berick | s/session cookie/authtoken/ |
| # | 16:53:30 | berick | same thing |
| # | 16:53:33 | berick | i guess ;) |
| # | 16:54:25 | berick | i agree this is less than ideal and my hope is that no one uses it and that those that do are well aware of the risks (and use SSL and lock down all cookie access) |
| # | 16:54:40 | phasefx | every machine/browser gets a unique UUID cookie on first connect, and UI somewhere vets (with data collected such as IP address, operating system, etc.), and associates each UUID with credentials, workstation names, settings, etc. |
| # | 16:54:51 | jeff | i agree that it is less than ideal, but don't have an alternative that doesn't require additional infrastructure. musing on it a bit. |
| # | 16:55:06 | jeff | infrastructure similar to that, yeah. |
| # | 16:56:59 | jamesrf has quit IRC |
| # | 16:57:29 | berick | phasefx: not totally following... |
| # | 16:58:30 | tsbere | berick: I think the idea would be "machine connects, gets a UUID cookie that can be written to the prefs file, and then an admin vettes the machine as auto-auth based on the UUID, the IP, the workstation ID, etc for a given purpose database side" |
| # | 16:58:59 | jeff | berick: admin interface giving "the following machines have tried to access the passwordless interface FOO. pick which ones you want to authorize and tell me what you want to authorize them to do" or similar. |
| # | 16:59:11 | jeff | then those uuids would get long term permission to do 'stuff' |
| # | 16:59:20 | phasefx | right |
| # | 16:59:39 | moodaepo | atz phasefx: Was away from the desk. Just to document how I tested the issue atz brought up and ya'll had huge long discussion about..I'm pasting the notes in paste lisp. |
| # | 16:59:42 | lisppaste | moodaepo pasted "tab specific inactivity monitor in staff client" at http://paste.lisp.org/display/113421 |
| # | 17:00:06 | jeff | lots of ways to do it server-side, and there are a few other options that perhaps don't require as much infrastructure |
| # | 17:01:06 | phasefx | moodaepo: muchos gracias. that's seems pretty borked, and unrelated to oils proxy |
| # | 17:01:10 | jeff | moodaepo: cool. that's about what i would expect, with the addition of the copy bucket fixme. :) |
| # | 17:02:08 | moodaepo | oh it's not oils proxy...well then it's a non-issue and I didn't understand what atz brought up aye (?) : ) |
| # | 17:02:43 | jeff | moodaepo: what version of evergreen is this? |
| # | 17:02:51 | moodaepo goes to scroll back |
| # | 17:02:59 | moodaepo | jeff: 1.6.0.6 |
| # | 17:03:19 | afterl has quit IRC |
| # | 17:04:02 | berick nods |
| # | 17:06:06 | phasefx | moodaepo: jeff: I'd expect for copy buckets to work in tab 2 after a new session was fetched in tab 1 :( |
| # | 17:06:28 | jeff | yeah, that was the unexpected for me. |
| # | 17:06:29 | moodaepo | Ok so the oils proxy is the one used when we use the browser not the staff client |
| # | 17:06:54 | phasefx | it's using ses(), which pulls from OpenILS.data, and the network code that does the juggling/dialog for new auth sets the data in the same location |
| # | 17:06:56 | moodaepo | phasefx: Let me try that again.. |
| # | 17:08:02 | agJohn | When attempt to use the SC's Admin | Server Administration options, I'm getting an error message. The Apache log say: |
| # | 17:08:04 | agJohn | Can't locate object method "home_ou" via package "au" at /openils/lib/perl5/OpenILS/WWW/Proxy.pm line 124.\n |
| # | 17:08:05 | agJohn | I'm logged in as admin (w/ a home_ou of 1--the consortium level). Huh? |
| # | 17:08:49 | agJohn | Nothing terribly exciting about the line in Proxy.pm: |
| # | 17:08:52 | agJohn | $ws_ou ||= $user->home_ou; |
| # | 17:08:58 | collum has quit IRC |
| # | 17:14:18 | phasefx | agJohn: my guess is that the open-ils.auth.session.retrieve method returned something other than a user object or a NO_SESSION event |
| # | 17:14:32 | jeff | but something that was still an object. |
| # | 17:15:06 | jeff | well... |
| # | 17:15:11 | jeff | nevermind me. |
| # | 17:16:06 | agJohn | phasefx: And that would suggest what to resolve it? (This is 1.6.0.6 and it happens with a fresh login and everything started cleanly/freshly....) |
| # | 17:16:11 | jeff | something that passed ref($user) in verify_login, but i don't know if that means "was still an object" in perl-pedantry :) |
| # | 17:16:32 | phasefx | I'd say put a use Data::Dumper; warn Dumper('agJohn user = ' . Dumper($user)); in there right before it blows up |
| # | 17:16:50 | jeff | agJohn: check osrfsys.log around that time? in theory, a call to open-ils.auth.session.retrieve returned something unexpected |
| # | 17:17:16 | phasefx | you'll notice jeff is more of a detective, whereas I like blowing stuff up |
| # | 17:17:40 | phasefx <- kept away from production systems |
| # | 17:18:55 | agJohn | Riiight.... |
| # | 17:19:22 | agJohn | osrfsys.log has lotta lines in there; searching for the needle.... |
| # | 17:19:24 | phasefx | exploratory surgery |
| # | 17:20:13 | tsbere does his detective work by way of blowing stuff up |
| # | 17:20:18 | tsbere is also a fan of Mythbusters |
| # | 17:20:55 | berick | almost sounds like fieldmapper (which sets the class hints -> package mapping) didn't load |
| # | 17:21:31 | berick | if there's no hint map for "au" it will bless the parsed object into an "au" object, instead of a fieldmapper::actor::user object |
| # | 17:22:21 | berick | hm, but if everything else is working, IDL/fieldmapper is probably fine |
| # | 17:23:09 | dbs | berick: apologies for the double-take on the cookie password thing. the additional context helps |
| # | 17:24:12 | jeff | agJohn: are you able to use other functions of the system, log in to the staff client, etc? |
| # | 17:24:28 | jeff | agJohn: or are you trying to log in to the initial interfaces to configure a new install? |
| # | 17:24:41 | jeff | agJohn: apologies, i think you already said you're getting there from the staff client to begin with. |
| # | 17:26:12 | dbs | agJohn: are you shutting down the staff client completely, or just logging off / logging on? |
| # | 17:26:48 | berick | dbs: double-take at will. it made me feel kinda dirty. |
| # | 17:26:50 | jeff | agJohn: in osrfsys.log there should be a "Retrieving auth session" line |
| # | 17:27:00 | dbs | $user is returned by verify_login($ses) |
| # | 17:27:10 | dbs | err, s/ses/auth_ses/ |
| # | 17:27:13 | agJohn | OK. Parsing.... |
| # | 17:27:57 | agJohn | jeff: Yes, all other functions work--including local admin stuff--it's just the system admin stuff that is grumpy. |
| # | 17:28:08 | tsbere has quit IRC |
| # | 17:29:38 | moodaepo | agJohn: Set the log level to 4 in opensrf_core to go looking for a real needle in the...that's how real cats debug. |
| # | 17:30:44 | agJohn | Log level's set to debug level. And yes, there is a "Retrieving auth session" line: |
| # | 17:30:46 | agJohn | open-ils.auth 2010-08-11 14:59:45 [DEBG:5269:oils_auth.c:563:] Retrieving auth session: 876c38f8a7916c986bcf79009cd769b8 |
| # | 17:30:47 | agJohn | Looks like a token to me.... |
| # | 17:31:09 | dbs | I was asking if you were shutting down the staff client because I was wondering if the session had timed out but the cookie was still in existence (until the browser/staff client is shut down) |
| # | 17:31:51 | phasefx | could take that token and try the method in srfsh: request open-ils.auth open-ils.auth.session.retrieve "token" and see what you get back |
| # | 17:32:20 | phasefx | (assuming the token hasn't been destroyed by logging out of the client) |
| # | 17:33:00 | agJohn | dbs: I have not shut it down since originally opening it and trying the failed functions; I'll test the token and then see what happens (but since this has been an on-going problem, I don't expect quitting/restarting SC to help). |
| # | 17:34:00 | moodaepo | agJohn: This seems to have cropped up before > http://www.mail-archive.com/open-ils-dev@list.georgialibraries.org/msg04685.html |
| # | 17:34:25 | moodaepo | What version EG are you running? |
| # | 17:34:39 | jeff | he's on 1.6.0.6 |
| # | 17:35:04 | agJohn | phasefx: Gives me all kinds of goo. Can I use the IDL stuff to figure out which element in the JSON record is the home-ou? Maybe I'll check out moodaepo's reference... (it's 1.6.0.6--with two hand-applied patches) |
| # | 17:35:34 | moodaepo | agJohn: No answer there just the same issue. |
| # | 17:35:35 | agJohn | phasefx: That is, the token is clearly valid and gives me back a long JSON record. |
| # | 17:35:46 | agJohn | Ah...well, dang... |
| # | 17:35:55 | agJohn | I like to have *new* issues.... |
| # | 17:37:19 | agJohn | But, yes, that's it exactly. |
| # | 17:37:34 | jamesrf has joined #evergreen |
| # | 17:38:41 | jeff | agJohn: in srfsh, does your received data begin with |
| # | 17:38:42 | jeff | Received Data: { |
| # | 17:38:42 | jeff | "__c":"au", |
| # | 17:38:42 | jeff | "__p":[ |
| # | 17:38:44 | jeff | ? |
| # | 17:39:43 | agJohn | Indeed it does; any point to pasting it to past.lisp.org? |
| # | 17:39:52 | agJohn | past > paste... |
| # | 17:40:31 | jeff | not much, but wouldn't hurt -- as long as you haven't populated private data in the admin user's fields. |
| # | 17:41:02 | dbs | I like phasefx's approach of adding a Data::Dumper call or 5 into Proxy.pm at this point |
| # | 17:41:19 | lisppaste | agJohn pasted "Authorized user goo" at http://paste.lisp.org/display/113422 |
| # | 17:41:39 | agJohn | dbs: I'll do it.... |
| # | 17:41:40 | jeff | dbs: agreed. |
| # | 17:41:43 | jeff | agJohn: do it! |
| # | 17:41:45 | jeff grins |
| # | 17:41:55 | dbs | now match up those fields with the fields defined in fm_IDL.xml for class id="au" |
| # | 17:43:09 | dbs | bah, looks like home_ou is coming across as 1 (just after "First name" of "Administrator") |
| # | 17:43:25 | dbs | all looks good there. off to the Dump! |
| # | 17:43:50 | dbs is off to home |
| # | 17:44:01 | dbs has quit IRC |
| # | 17:44:45 | yboston has quit IRC |
| # | 17:52:45 | jeffdavis has joined #evergreen |
| # | 17:53:52 | agJohn | phasefx: Sorry for the dum[bp] question, but where is that Data::Dumper output going to appear--I'm not seeing it in the osrfsys.log. Maybe I messed something up, but at least it compiled.... |
| # | 17:54:13 | jeff | agJohn: check apache error.log |
| # | 17:54:19 | agJohn | Ah... |
| # | 17:54:37 | jeffdavis | hi, I just noticed that your password appears in cleartext in the console output when you login to the staff client, which seems undesirable. |
| # | 17:54:45 | phasefx | agJohn: if it's an apache module, I'd expect apache log files. You could also output to a file. open FILE, ">/tmp/foo.txt"; print FOO Dumper(etc) . "\n"; close FILE; |
| # | 17:55:04 | jeff | agJohn: also, you'll need to have restarted apache after adding that line to Proxy.pm |
| # | 17:55:05 | phasefx | or better, >> /tmp/foo.txt |
| # | 17:55:50 | jeff | jeffdavis: agreed, it's "less than optimal" -- patch to hide it when the staff client's "developer/debug" mode isn't enabled would probably be welcome. |
| # | 17:55:58 | agJohn | jeffdavis--not a big deal; the whole install is hiding behind a firewall for now (and the client will set a different password later) |
| # | 17:56:02 | jeff | jeffdavis: is it a problem because you're logging the console to disk, or? |
| # | 17:56:31 | jeff | agJohn: i think jeffdavis was talking about a general concern of his, not the current troubleshooting process for your issue. :) |
| # | 17:56:32 | agJohn | jeffdavis--never mind.... |
| # | 17:56:35 | jeff | heh |
| # | 17:56:43 | jeffdavis | yeah sorry for the derail :) |
| # | 17:57:11 | jeffdavis | jeff: not a specific problem, just seems like maybe not good practice. |
| # | 17:57:23 | jeffdavis | It's easy enough to patch, just wanted to make sure it wasn't a deliberate choice. |
| # | 17:57:28 | agJohn | NP. |
| # | 17:57:30 | agJohn | Um, is there really any point in trying to dump this data from Proxy.pm when the data is clearly there.... |
| # | 17:57:36 | branflakes has quit IRC |
| # | 17:57:38 | phasefx | I didn't think the actual password was exposed in cleartext. humbug |
| # | 17:58:19 | phasefx | I must be overlooking it |
| # | 17:58:27 | agJohn | phasefx: probably only when the MD5 of the password happens to be the same as the cleartext ;-) |
| # | 17:58:56 | phasefx | ha, that's a nifty password |
| # | 17:58:59 | jeff | agJohn: the Dumper($user) call just before the $ws_ou ||= $user->home_ou; line should be helpful. |
| # | 18:00:04 | agJohn | Being a Perl innocent, I'm not getting the syntax right, presumably--not showing up anywhere. I have: |
| # | 18:00:06 | agJohn | warn Dumper('agJohn user = ' . Dumper($user)); |
| # | 18:00:08 | agJohn | $ws_ou ||= $user->home_ou; |
| # | 18:00:09 | agJohn | That "warn" is perhaps spurious? |
| # | 18:00:41 | jeff | no, the warn is useful because it will cause it to go to the error.log instead of print, which would (i think) send to the browser |
| # | 18:00:47 | jeff | but... |
| # | 18:01:02 | agJohn | Hey--anywhere's okay with me .... |
| # | 18:01:18 | phasefx | agJohn: you don't need two dumpers there |
| # | 18:01:20 | jeff | use this instead: warn "agJohn user = ", Dumper($user); |
| # | 18:01:27 | phasefx | jeff++ |
| # | 18:02:09 | phasefx | jeffdavis: where is the password being exposed? I see the md5sum that is part of the handshaking |
| # | 18:02:28 | jeffdavis | phasefx: xul/staff_client/chrome/content/auth/controller.js +414 in trunk |
| # | 18:02:34 | phasefx | thanks |
| # | 18:02:39 | agJohn | Ah, and perhaps I need to do an Apache reload for it to pick up on this rather than restarting the OSRF Perl modules.... |
| # | 18:02:45 | jeff | Dumper($object) returns a string-based representation of $object. we want to use "warn" to output the "agJohn user = " mark plus the dump |
| # | 18:02:56 | jeff | agJohn: yes, you will need to restart apache, and likely only apache. |
| # | 18:04:05 | jeff | agJohn: apache reload should be sufficient (restart not required) |
| # | 18:04:09 | phasefx | jeffdavis: ah, D_AUTH is disabled by default |
| # | 18:05:16 | phasefx | I can see it being bad if folks aren't careful, though |
| # | 18:05:21 | moodaepo | @wunder 56001 |
| # | 18:05:21 | pinesol | moodaepo: Error: "wunder" is not a valid command. |
| # | 18:05:32 | moodaepo Whoops |
| # | 18:05:40 | phasefx | say they enable D_ALL and log to disk |
| # | 18:06:21 | jeff | agJohn: the Dumper call should output $VAR1 = bless([an array goes here], 'Fieldmapper::actor::user' ); -- that's for a normal value, which we don't expect to find. I'm guessing we'll get an ILS Event object instead, not a Fieldmapper::actor::user |
| # | 18:06:55 | agJohn | Well, that's cool--I get messages from apache's error.log showing the user info and then it repeats itself... And then the screen comes up! Wha? I'll paste the results. |
| # | 18:07:04 | phasefx | one problem I find with Dumper and $logger (not sure about warn for Apache) is that the output can get truncated |
| # | 18:08:34 | lisppaste | agJohn annotated #113422 "From Dumper" at http://paste.lisp.org/display/113422#1 |
| # | 18:08:56 | jeffdavis | phasefx: hmm, looks like D_ALL and D_AUTH are both set to false on my install, is there another sdump level that would override my D_AUTH setting? |
| # | 18:09:03 | jeffdavis | (or possibly I am misunderstanding you) |
| # | 18:09:23 | agJohn | So, here I am looking at the Org Units screen with a messy error log, but otherwise all seems to be working... |
| # | 18:09:32 | jeff | i'll bet the restart of apache cleared the problem. |
| # | 18:09:33 | phasefx | jeffdavis: it could be a bug in how the logging works. My trunk client is not outputting D_AUTH lines to the console |
| # | 18:10:07 | agJohn | What's odd is that I'd just barely rebooted the whole Evg server.... And this stuff has never worked before.... Trying other options.... |
| # | 18:10:21 | jeff | agJohn: this could fall under the category of "heisenbug" |
| # | 18:10:35 | jeff | agJohn: if you reboot the whole thing it might cause it to happen again. |
| # | 18:10:44 | moodaepo | heisenbug++ jeff++ |
| # | 18:10:47 | agJohn | True enough... |
| # | 18:11:11 | jeff | agJohn: since after this reboot, you'd have no reason to restart apache after editing the Proxy.pm file. |
| # | 18:11:12 | phasefx | heisenburger, where's the beef? |
| # | 18:11:19 | moodaepo wonders wouldn't this be a heisenfix? |
| # | 18:11:48 | jeff | moodaepo: only if adding the Dumper call turns out to have fixed it, and not the apache restart being what fixed it ;-) |
| # | 18:12:01 | agJohn | Well, better call the client and have her get on it right now--despite the late hour.... Heisenfix++ |
| # | 18:12:20 | jeff | agJohn: i've got to run, good luck on reproducing. i'll look back later tonight to see if you were able to reproduce and what the output of the Dumper call was! |
| # | 18:12:28 | moodaepo | jeff: Well this has been a recurring problem which got fixed only by adding Dumber & then restarting apache |
| # | 18:12:37 | moodaepo | If it returns after a complete restart... |
| # | 18:12:52 | jeffdavis | phasefx: bah nevermind, I was looking at trunk instead of at my actual staff client; D_AUTH is set to dump so it's working correctly |
| # | 18:12:54 | jeffdavis | so a local config problem rather than a bug |
| # | 18:13:02 | phasefx | jeffdavis: maybe forceDebugDump? ah, okay :) |
| # | 18:13:02 | agJohn | Job 1 is to get the setup for the client done--I'll fiddle with it later.... |
| # | 18:13:33 | agJohn | Thanks gents, 1 & all! |
| # | 18:13:46 | phasefx | jeffdavis: I've always wanted to make a local interface for overriding the server-side error.js values, but never do |
| # | 18:14:34 | moodaepo | phasefx: On my wishlist is to add an option where staff can click send debug output to admin and it send the admin an email with the log. |
| # | 18:16:24 | phasefx | moodaepo: one thing SITKA did I thought was neat was set up URL strings such they could parse their apache logs for certain errors |
| # | 18:16:34 | jeffdavis | I guess the easiest thing for us might be to modify our locale so it doesn't include the password in the staff.auth.controller.error_login string |
| # | 18:17:15 | moodaepo | phasefx: I wonder if it's documented somewhere, must be since they are just awesome. |
| # | 18:17:35 | phasefx | jeffdavis: in my head I think the only reason that option was there at all was as a way of seeing if the password staff thought they were entering was really being entered |
| # | 18:17:58 | phasefx | moodaepo: in a launchpad ticket about inner print tree, it was mentioned |
| # | 18:18:47 | phasefx | at this point in the life of the staff client, I'd be happy to see some heavy pruning of debug output.. especially the stuff going out with raw dumps and not using error.js |
| # | 18:19:30 | phasefx | of course, I say that, and then someone will hit me with a problem where I wish there was more debug output available :) |
| # | 18:20:19 | phasefx takes a break *waves* |
| # | 18:21:03 | phasefx | but I bet it would speed things up a bit (less I/O) |
| # | 18:25:58 | youdonotexist has quit IRC |
| # | 18:51:12 | jeffdavis is now known as jeff-afk |
| # | 20:08:07 | rjackson-isl has quit IRC |
| # | 20:11:04 | bshum has joined #evergreen |
| # | 20:23:25 | jamesrf has quit IRC |
| # | 20:43:53 | bshum has quit IRC |
| # | 21:58:24 | dbs has joined #evergreen |
| # | 22:03:06 | pmplett has quit IRC |
| # | 23:23:50 | pmplett has joined #evergreen |
| # | 23:39:59 | jeff-afk is now known as jeffdavis |
| # | 23:48:43 | dbs | yay bibliomation! http://biblio-os.blogspot.com/2010/08/you-came-you-saw-you-ate-some-ice-cream.html |
April 10-13