Bug 25045: Add the RESTPublicAnonymousRequests syspref

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-04-13 11:36:12 -03:00 · 2020-04-13 11:36:12 -03:00 · 5394e8443f
commit 5394e8443f
parent b97158dd13
3 changed files with 22 additions and 0 deletions
--- a/installer/data/mysql/atomicupdate/bug_25045.perl
+++ b/installer/data/mysql/atomicupdate/bug_25045.perl
@ -0,0 +1,15 @@
+$DBversion = 'XXX'; # will be replaced by the RM
+if( CheckVersion( $DBversion ) ) {
+
+    # Default to the homologous OpacPublic syspref
+    my $opac_public = C4::Context->preference('OpacPublic') ? 1 : 0;
+
+    $dbh->do(qq{
+        INSERT IGNORE INTO `systempreferences`
+            (`variable`,`value`,`explanation`,`options`,`type`)
+        VALUES
+            ('RESTPublicAnonymousRequests', $opac_public, NULL,'If enabled, the API will allow anonymous access to public routes that don\'t require authenticated access'.','YesNo');
+    });
+
+    NewVersion( $DBversion, 25045, "Add a way to restrict anonymous access to public routes (OpacPublic behaviour)");
+}
--- a/installer/data/mysql/sysprefs.sql
+++ b/installer/data/mysql/sysprefs.sql
@ -543,6 +543,7 @@ INSERT INTO systempreferences ( `variable`, `value`, `options`, `explanation`, `
 ('RESTBasicAuth','0',NULL,'If enabled, Basic authentication is enabled for the REST API.','YesNo'),
 ('RESTdefaultPageSize','20','','Default page size for endpoints listing objects','Integer'),
 ('RESTOAuth2ClientCredentials','0',NULL,'If enabled, the OAuth2 client credentials flow is enabled for the REST API.','YesNo'),
+('RESTPublicAnonymousRequests','1',NULL,'If enabled, the API will allow anonymous access to public routes that don\'t require authenticated access'.','YesNo'),
 ('RESTPublicAPI','1',NULL,'If enabled, the REST API will expose the /public endpoints.','YesNo'),
 ('RestrictedPageLocalIPs','',NULL,'Beginning of IP addresses considered as local (comma separated ex: "127.0.0,127.0.2")','Free'),
 ('RestrictedPageContent','',NULL,'HTML content of the restricted page','TextArea'),
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/web_services.pref
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/web_services.pref
@ -23,6 +23,12 @@ Web services:
                  yes: Enable
                  no: "Disable"
            - "the OAuth2 client credentials grant for the REST API. Requires Net::OAuth2::AuthorizationServer installed. [EXPERIMENTAL]"
+        -
+            - pref: RESTPublicAnonymousRequests
+              choices:
+                yes: "Enable"
+                no: "Disable"
+            - anonymous access to public routes (that don't require authenticated access)
        -
            - pref: RESTPublicAPI
              choices: