Koha-community
/
Koha
14
4
Fork 0
Code Issues Releases Wiki Activity
Browse Source

Bug 17268: Update patchs per RFC 

https://wiki.koha-community.org/wiki/Advanced_editor_macros_endpoint_RFC

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
20.05.x
Nick Clemens 2 years ago
committed by Martin Renvoize
parent
c34eb3c950
commit
240b52170b
Signed by: martin.renvoize GPG Key ID: 422B469130441A0F
5 changed files with 64 additions and 64 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 6
      Koha/REST/V1/AdvancedEditorMacro.pm
  2. 16
      api/v1/swagger/paths.json
  3. 8
      api/v1/swagger/paths/advancededitormacros.json
  4. 12
      koha-tmpl/intranet-tmpl/prog/en/includes/cateditor-ui.inc
  5. 86
      t/db_dependent/api/v1/advanced_editor_macros.t

6
Koha/REST/V1/AdvancedEditorMacro.pm
View File

@ -72,7 +72,7 @@ sub get {
}
if( $macro->shared ){
return $c->render( status => 403, openapi => {
error => "This macro is shared, you must access it via advancededitormacros/shared"
error => "This macro is shared, you must access it via advanced_editor/macros/shared"
});
}
warn $macro->borrowernumber;
@ -104,7 +104,7 @@ sub get_shared {
}
unless( $macro->shared ){
return $c->render( status => 403, openapi => {
error => "This macro is not shared, you must access it via advancededitormacros"
error => "This macro is not shared, you must access it via advanced_editor/macros"
});
}
return $c->render( status => 200, openapi => $macro->to_api );
@ -180,7 +180,7 @@ sub update {
if( $macro->shared == 1 || defined $c->validation->param('body')->{shared} && $c->validation->param('body')->{shared} == 1 ){
return $c->render( status => 403,
openapi => { error => "To update a macro as shared you must use the advancededitormacros/shared endpoint" } );
openapi => { error => "To update a macro as shared you must use the advanced_editor/macros/shared endpoint" } );
} else {
unless ( $macro->borrowernumber == $patron->borrowernumber ){
return $c->render( status => 403,

16
api/v1/swagger/paths.json
View File

@ -68,17 +68,17 @@
"/checkouts/{checkout_id}/allows_renewal": {
"$ref": "paths/checkouts.json#/~1checkouts~1{checkout_id}~1allows_renewal"
},
"/advancededitormacros": {
"$ref": "paths/advancededitormacros.json#/~1advancededitormacros"
"/advanced_editor/macros": {
"$ref": "paths/advancededitormacros.json#/~1advanced_editor~1macros"
},
"/advancededitormacros/{advancededitormacro_id}": {
"$ref": "paths/advancededitormacros.json#/~1advancededitormacros~1{advancededitormacro_id}"
"/advanced_editor/macros/{advancededitormacro_id}": {
"$ref": "paths/advancededitormacros.json#/~1advanced_editor~1macros~1{advancededitormacro_id}"
},
"/advancededitormacros/shared": {
"$ref": "paths/advancededitormacros.json#/~1advancededitormacros~1shared"
"/advanced_editor/macros/shared": {
"$ref": "paths/advancededitormacros.json#/~1advanced_editor~1macros~1shared"
},
"/advancededitormacros/shared/{advancededitormacro_id}": {
"$ref": "paths/advancededitormacros.json#/~1advancededitormacros~1shared~1{advancededitormacro_id}"
"/advanced_editor/macros/shared/{advancededitormacro_id}": {
"$ref": "paths/advancededitormacros.json#/~1advanced_editor~1macros~1shared~1{advancededitormacro_id}"
},
"/patrons": {
"$ref": "paths/patrons.json#/~1patrons"

8
api/v1/swagger/paths/advancededitormacros.json
View File

@ -1,5 +1,5 @@
{
"/advancededitormacros": {
"/advanced_editor/macros": {
"get": {
"x-mojo-to": "AdvancedEditorMacro#list",
"operationId": "listMacro",
@ -127,7 +127,7 @@
}
}
},
"/advancededitormacros/shared": {
"/advanced_editor/macros/shared": {
"post": {
"x-mojo-to": "AdvancedEditorMacro#add_shared",
"operationId": "addsharedAdvancedEditorMacro",
@ -184,7 +184,7 @@
}
}
},
"/advancededitormacros/{advancededitormacro_id}": {
"/advanced_editor/macros/{advancededitormacro_id}": {
"get": {
"x-mojo-to": "AdvancedEditorMacro#get",
"operationId": "getAdvancedEditorMacro",
@ -350,7 +350,7 @@
}
}
},
"/advancededitormacros/shared/{advancededitormacro_id}": {
"/advanced_editor/macros/shared/{advancededitormacro_id}": {
"get": {
"x-mojo-to": "AdvancedEditorMacro#get_shared",
"operationId": "getsharedAdvancedEditorMacro",

12
koha-tmpl/intranet-tmpl/prog/en/includes/cateditor-ui.inc
View File

@ -702,7 +702,7 @@ require( [ 'koha-backend', 'search', 'macros', 'marc-editor', 'marc-record', 'pr
var shared = macroEditor.activeMacroShared;
var id = macroEditor.activeMacroId;
macroEditor.activeMacroId = null;
api_url = "/api/v1/advancededitormacros/";
api_url = "/api/v1/advanced_editor/macros/";
if( shared ) { api_url += "shared/" }
let options = {
url: api_url + id,
@ -741,7 +741,7 @@ require( [ 'koha-backend', 'search', 'macros', 'marc-editor', 'marc-record', 'pr
return;
}
$( '#macro-list li[data-name="' + name + '"][data-id="' + id + '"]' ).addClass( 'active' );
api_url = "/api/v1/advancededitormacros/";
api_url = "/api/v1/advanced_editor/macros/";
if( shared ) { api_url += "shared/" }
let options = {
url: api_url + id,
@ -792,7 +792,7 @@ require( [ 'koha-backend', 'search', 'macros', 'marc-editor', 'marc-record', 'pr
} );
$.each( macro_list, function( index, macro ) {
let options = {
url: "/api/v1/advancededitormacros/",
url: "/api/v1/advanced_editor/macros/",
method: "POST",
contentType: "application/json",
data: JSON.stringify({
@ -838,7 +838,7 @@ require( [ 'koha-backend', 'search', 'macros', 'marc-editor', 'marc-record', 'pr
$("#macro-toolbar").prepend($convert);
}
let options = {
url: "/api/v1/advancededitormacros/",
url: "/api/v1/advanced_editor/macros/",
method: "GET",
contentType: "application/json",
};
@ -866,7 +866,7 @@ require( [ 'koha-backend', 'search', 'macros', 'marc-editor', 'marc-record', 'pr
// if ( !Preferences.user.macros[name] ) storeMacro( name, { format: "rancor", contents: "" } );
let options = {
url: "/api/v1/advancededitormacros/",
url: "/api/v1/advanced_editor/macros/",
method: "POST",
contentType: "application/json",
data: JSON.stringify({
@ -903,7 +903,7 @@ require( [ 'koha-backend', 'search', 'macros', 'marc-editor', 'marc-record', 'pr
if ( !name || macroEditor.savedGeneration == macroEditor.changeGeneration() && was_shared == shared ) return;
macroEditor.savedGeneration = macroEditor.changeGeneration();
api_url = "/api/v1/advancededitormacros/";
api_url = "/api/v1/advanced_editor/macros/";
if( shared || was_shared ) { api_url += "shared/" }
let options = {

86
t/db_dependent/api/v1/advanced_editor_macros.t
View File

@ -85,7 +85,7 @@ subtest 'list() tests' => sub {
my $macros_index = Koha::AdvancedEditorMacros->search({ -or => { shared => 1, borrowernumber => $patron_1->borrowernumber } })->count-1;
## Authorized user tests
# Make sure we are returned with the correct amount of macros
$t->get_ok( "//$userid:$password@/api/v1/advancededitormacros" )
$t->get_ok( "//$userid:$password@/api/v1/advanced_editor/macros" )
->status_is( 200, 'SWAGGER3.2.2' )
->json_has('/' . $macros_index . '/macro_id')
->json_hasnt('/' . ($macros_index + 1) . '/macro_id');
@ -93,25 +93,25 @@ subtest 'list() tests' => sub {
subtest 'query parameters' => sub {
plan tests => 15;
$t->get_ok("//$userid:$password@/api/v1/advancededitormacros?name=" . $macro_2->name)
$t->get_ok("//$userid:$password@/api/v1/advanced_editor/macros?name=" . $macro_2->name)
->status_is(200)
->json_has( [ $macro_2 ] );
$t->get_ok("//$userid:$password@/api/v1/advancededitormacros?name=" . $macro_3->name)
$t->get_ok("//$userid:$password@/api/v1/advanced_editor/macros?name=" . $macro_3->name)
->status_is(200)
->json_has( [ ] );
$t->get_ok("//$userid:$password@/api/v1/advancededitormacros?macro_text=delete 100")
$t->get_ok("//$userid:$password@/api/v1/advanced_editor/macros?macro_text=delete 100")
->status_is(200)
->json_has( [ $macro_1, $macro_2, $macro_4 ] );
$t->get_ok("//$userid:$password@/api/v1/advancededitormacros?patron_id=" . $patron_1->borrowernumber)
$t->get_ok("//$userid:$password@/api/v1/advanced_editor/macros?patron_id=" . $patron_1->borrowernumber)
->status_is(200)
->json_has( [ $macro_1, $macro_2 ] );
$t->get_ok("//$userid:$password@/api/v1/advancededitormacros?shared=1")
$t->get_ok("//$userid:$password@/api/v1/advanced_editor/macros?shared=1")
->status_is(200)
->json_has( [ $macro_2, $macro_4 ] );
};
# Warn on unsupported query parameter
$t->get_ok( "//$userid:$password@/api/v1/advancededitormacros?macro_blah=blah" )
$t->get_ok( "//$userid:$password@/api/v1/advanced_editor/macros?macro_blah=blah" )
->status_is(400)
->json_is( [{ path => '/query/macro_blah', message => 'Malformed query string'}] );
@ -143,26 +143,26 @@ subtest 'get() tests' => sub {
}
});
$t->get_ok( "//$userid:$password@/api/v1/advancededitormacros/" . $macro_1->id )
$t->get_ok( "//$userid:$password@/api/v1/advanced_editor/macros/" . $macro_1->id )
->status_is( 403, 'Cannot get a shared macro via regular endpoint' )
->json_is( '/error' => 'This macro is shared, you must access it via advancededitormacros/shared' );
->json_is( '/error' => 'This macro is shared, you must access it via advanced_editor/macros/shared' );
$t->get_ok( "//$userid:$password@/api/v1/advancededitormacros/shared/" . $macro_1->id )
$t->get_ok( "//$userid:$password@/api/v1/advanced_editor/macros/shared/" . $macro_1->id )
->status_is( 200, 'Can get a shared macro via shared endpoint' )
->json_is( '' => Koha::REST::V1::AdvancedEditorMacro::_to_api( $macro_1->TO_JSON ), 'Macro correctly retrieved' );
$t->get_ok( "//$userid:$password@/api/v1/advancededitormacros/" . $macro_2->id )
$t->get_ok( "//$userid:$password@/api/v1/advanced_editor/macros/" . $macro_2->id )
->status_is( 403, 'Cannot access another users macro' )
->json_is( '/error' => 'You do not have permission to access this macro' );
$t->get_ok( "//$userid:$password@/api/v1/advancededitormacros/" . $macro_3->id )
$t->get_ok( "//$userid:$password@/api/v1/advanced_editor/macros/" . $macro_3->id )
->status_is( 200, 'Can get your own private macro' )
->json_is( '' => Koha::REST::V1::AdvancedEditorMacro::_to_api( $macro_3->TO_JSON ), 'Macro correctly retrieved' );
my $non_existent_code = $macro_1->id;
$macro_1->delete;
$t->get_ok( "//$userid:$password@/api/v1/advancededitormacros/" . $non_existent_code )
$t->get_ok( "//$userid:$password@/api/v1/advanced_editor/macros/" . $non_existent_code )
->status_is(404)
->json_is( '/error' => 'Macro not found' );
@ -205,14 +205,14 @@ subtest 'add() tests' => sub {
$macro->delete;
# Unauthorized attempt to write
$t->post_ok( "//$unauth_userid:$password@/api/v1/advancededitormacros" => json => $macro_values )
$t->post_ok( "//$unauth_userid:$password@/api/v1/advanced_editor/macros" => json => $macro_values )
->status_is(403);
# Authorized attempt to write invalid data
my $macro_with_invalid_field = { %$macro_values };
$macro_with_invalid_field->{'big_mac_ro'} = 'Mac attack';
$t->post_ok( "//$auth_userid:$password@/api/v1/advancededitormacros" => json => $macro_with_invalid_field )
$t->post_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros" => json => $macro_with_invalid_field )
->status_is(400)
->json_is(
"/errors" => [
@ -224,14 +224,14 @@ subtest 'add() tests' => sub {
);
# Authorized attempt to write
$t->post_ok( "//$auth_userid:$password@/api/v1/advancededitormacros" => json => $macro_values )
$t->post_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros" => json => $macro_values )
->status_is( 201, 'SWAGGER3.2.1' )
->json_has( '/macro_id', 'We generated a new id' )
->json_is( '/name' => $macro_values->{name}, 'The name matches what we supplied' )
->json_is( '/macro_text' => $macro_values->{macro_text}, 'The text matches what we supplied' )
->json_is( '/patron_id' => $macro_values->{patron_id}, 'The borrower matches the borrower who submitted' )
->json_is( '/shared' => 0, 'The macro is not shared' )
->header_like( Location => qr|^\/api\/v1\/advancededitormacros\/d*|, 'Correct location' );
->json_is( '/shared' => Mojo::JSON->false, 'The macro is not shared' )
->header_like( Location => qr|^\/api\/v1\/advanced_editor/macros\/d*|, 'Correct location' );
# save the library_id
my $macro_id = 999;
@ -239,7 +239,7 @@ subtest 'add() tests' => sub {
# Authorized attempt to create with existing id
$macro_values->{macro_id} = $macro_id;
$t->post_ok( "//$auth_userid:$password@/api/v1/advancededitormacros" => json => $macro_values )
$t->post_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros" => json => $macro_values )
->status_is(400)
->json_is( '/errors' => [
{
@ -249,14 +249,14 @@ subtest 'add() tests' => sub {
]
);
$macro_values->{shared} = 1;
$macro_values->{shared} = Mojo::JSON->true;
delete $macro_values->{macro_id};
# Unauthorized attempt to write a shared macro on private endpoint
$t->post_ok( "//$auth_userid:$password@/api/v1/advancededitormacros" => json => $macro_values )
$t->post_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros" => json => $macro_values )
->status_is(403);
# Unauthorized attempt to write a private macro on shared endpoint
$t->post_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/shared" => json => $macro_values )
$t->post_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/shared" => json => $macro_values )
->status_is(403);
$builder->build({
@ -269,11 +269,11 @@ subtest 'add() tests' => sub {
});
# Authorized attempt to write a shared macro on private endpoint
$t->post_ok( "//$auth_userid:$password@/api/v1/advancededitormacros" => json => $macro_values )
$t->post_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros" => json => $macro_values )
->status_is(403);
# Authorized attempt to write a shared macro on shared endpoint
$t->post_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/shared" => json => $macro_values )
$t->post_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/shared" => json => $macro_values )
->status_is(201);
};
@ -319,7 +319,7 @@ subtest 'update() tests' => sub {
delete $macro_values->{macro_id};
# Unauthorized attempt to update
$t->put_ok( "//$unauth_userid:$password@/api/v1/advancededitormacros/$macro_id"
$t->put_ok( "//$unauth_userid:$password@/api/v1/advanced_editor/macros/$macro_id"
=> json => { name => 'New unauthorized name change' } )
->status_is(403);
@ -328,7 +328,7 @@ subtest 'update() tests' => sub {
name => "Call it macro-roni",
};
$t->put_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/$macro_id" => json => $macro_with_missing_field )
$t->put_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/$macro_id" => json => $macro_with_missing_field )
->status_is(400)
->json_has( "/errors" =>
[ { message => "Missing property.", path => "/body/macro_text" } ]
@ -338,10 +338,10 @@ subtest 'update() tests' => sub {
name => "Macro-update",
macro_text => "delete 100",
patron_id => $authorized_patron->borrowernumber,
shared => 0,
shared => Mojo::JSON->false,
};
my $test = $t->put_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/$macro_id" => json => $macro_update )
my $test = $t->put_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/$macro_id" => json => $macro_update )
->status_is(200, 'Authorized user can update a macro')
->json_is( '/macro_id' => $macro_id, 'We get the id back' )
->json_is( '/name' => $macro_update->{name}, 'We get the name back' )
@ -350,11 +350,11 @@ subtest 'update() tests' => sub {
->json_is( '/shared' => $macro_update->{shared}, 'It should still not be shared' );
# Now try to make the macro shared
$macro_update->{shared} = 1;
$macro_update->{shared} = Mojo::JSON->true;
$t->put_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/shared/$macro_id" => json => $macro_update )
$t->put_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/shared/$macro_id" => json => $macro_update )
->status_is(403, 'Cannot make your macro shared on private endpoint');
$t->put_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/shared/$macro_id" => json => $macro_update )
$t->put_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/shared/$macro_id" => json => $macro_update )
->status_is(403, 'Cannot make your macro shared without permission');
$builder->build({
@ -366,22 +366,22 @@ subtest 'update() tests' => sub {
},
});
$t->put_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/$macro_id" => json => $macro_update )
$t->put_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/$macro_id" => json => $macro_update )
->status_is(403, 'Cannot make your macro shared on the private endpoint');
$t->put_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/shared/$macro_id" => json => $macro_update )
$t->put_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/shared/$macro_id" => json => $macro_update )
->status_is(200, 'Can update macro to shared with permission')
->json_is( '/macro_id' => $macro_id, 'We get back the id' )
->json_is( '/name' => $macro_update->{name}, 'We get back the name' )
->json_is( '/macro_text' => $macro_update->{macro_text}, 'We get back the text' )
->json_is( '/patron_id' => $macro_update->{patron_id}, 'We get back our patron id' )
->json_is( '/shared' => 1, 'It is shared' );
->json_is( '/shared' => Mojo::JSON->true, 'It is shared' );
# Authorized attempt to write invalid data
my $macro_with_invalid_field = { %$macro_update };
$macro_with_invalid_field->{'big_mac_ro'} = 'Mac attack';
$t->put_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/$macro_id" => json => $macro_with_invalid_field )
$t->put_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/$macro_id" => json => $macro_with_invalid_field )
->status_is(400)
->json_is(
"/errors" => [
@ -396,10 +396,10 @@ subtest 'update() tests' => sub {
my $non_existent_code = $non_existent_macro->id;
$non_existent_macro->delete;
$t->put_ok("//$auth_userid:$password@/api/v1/advancededitormacros/$non_existent_code" => json => $macro_update)
$t->put_ok("//$auth_userid:$password@/api/v1/advanced_editor/macros/$non_existent_code" => json => $macro_update)
->status_is(404);
$t->put_ok("//$auth_userid:$password@/api/v1/advancededitormacros/$macro_2_id" => json => $macro_update)
$t->put_ok("//$auth_userid:$password@/api/v1/advanced_editor/macros/$macro_2_id" => json => $macro_update)
->status_is(403, "Cannot update other borrowers private macro");
};
@ -442,18 +442,18 @@ subtest 'delete() tests' => sub {
my $macro_2_id = $macro_2->id;
# Unauthorized attempt to delete
$t->delete_ok( "//$unauth_userid:$password@/api/v1/advancededitormacros/$macro_2_id")
$t->delete_ok( "//$unauth_userid:$password@/api/v1/advanced_editor/macros/$macro_2_id")
->status_is(403, "Cannot delete macro without permission");
$t->delete_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/$macro_id")
$t->delete_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/$macro_id")
->status_is(200, 'Can delete macro with permission');
$t->delete_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/$macro_2_id")
$t->delete_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/$macro_2_id")
->status_is(403, 'Cannot delete other users macro with permission');
$macro_2->shared(1)->store();
$t->delete_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/shared/$macro_2_id")
$t->delete_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/shared/$macro_2_id")
->status_is(403, 'Cannot delete other users shared macro without permission');
$builder->build({
@ -464,9 +464,9 @@ subtest 'delete() tests' => sub {
code => 'delete_shared_macros',
},
});
$t->delete_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/$macro_2_id")
$t->delete_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/$macro_2_id")
->status_is(403, 'Cannot delete other users shared macro with permission on private endpoint');
$t->delete_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/shared/$macro_2_id")
$t->delete_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/shared/$macro_2_id")
->status_is(200, 'Can delete other users shared macro with permission');
};

Write Preview
Loading…
Cancel
Save