To test:
1. Apply patch
2. Set RESTBasicAuth preference to true
3. Get the id of an authority
4. Make a DELETE request to /api/v1/authorities/{authid}
5. Check that the authority was deleted
6. Sign off
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To test:
1. Apply patch
2. Set RESTBasicAuth preference to true
3. Get the id of an authority
4. Make a GET request to /api/v1/authorities/{authid} with one of the following content type header
- application/json
- application/marcxml+xml
- application/marc-in-json
- application/marc
- text/plain
5. Check that you get the authority in the corresponding format
6. Sign off
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds the missing unit tests for the ticket updates api
endpoints.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds a catalog concern management page to the staff client
accessible via the cataloging home page and a new 'Pending catalog
concerns' link on the front page.
This includes added the requisit ticket_updates api endpoints and notice
triggers and templates for notifying patrons of changes to their
reported concerns.
Test plan
1) Enable the `OpacCatalogConcerns` system preference
2) Catalog concern management is tied to your users ability to edit the
catalog, `editcatalogue`.
3) Confirm that you can see 'Catalog concerns' listed on the cataloging
home page if you have the `editcatalogue` permission and not if you
do not.
4) Add a new concern as an opac user.
5) Confirm that once a concern is present in the system you see a count
of 'catalog concerns pending' on the intranet main page if you have
the `editcatalogue` permission.
6) Click through either the cataloging home page or pending concerns
link on the main page to view the new concerns management page.
7) Confirm the table displays as one would expect.
8) Confirm clicking on details or the concern title exposes a 'details'
modal with the option to add an update or resolve the concern.
9) Verify that if selecting 'notify' when updateing or resolving a
concern triggers a notice to be sent to the opac user who first
reported the issue.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Helen Oliver <HOliver@tavi-port.ac.uk>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds basic CRUD API's for the ticket endpoints.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Helen Oliver <HOliver@tavi-port.ac.uk>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch renames that for consistency, and also makes use of the
->authorised_values accessor on the category.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
For, at least, the ERM module we would like to retrieve the authorised
values for a given category to build a dropdown list with the different options.
It has been decided on bug 17390 to use
GET /authorised_value_categories/:authorised_value_category_id/values
Test plan:
curl -v -s -u koha:koha --request GET http://kohadev-intra.mydnsname.org:8081/api/v1/authorised_value_categories/LOC/values
Should display the list of LOC
curl -v -s -u koha:koha --request GET http://kohadev-intra.mydnsname.org:8081/api/v1/authorised_value_categories/xLOCx/values
Should return a 404
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Agreement.vendor_id has a default value defined in TestBuilder, but here
we were assuming there was one.
We should then generate it and pass the value when building the
agreement objects.
The failure was:
koha_1 | # Failed test '200 OK'
koha_1 | # at t/db_dependent/api/v1/erm_agreements.t line 95.
koha_1 | # got: '400'
koha_1 | # expected: '200'
koha_1 |
koha_1 | # Failed test 'exact match for JSON Pointer ""'
koha_1 | # at t/db_dependent/api/v1/erm_agreements.t line 95.
koha_1 | # Structures begin differing at:
koha_1 | # $got = HASH(0x55cde781a480)
koha_1 | # $expected = ARRAY(0x55cde75af9c8)
koha_1 | # Looks like you failed 2 tests of 32.
400 because we were calling
http://localhost:8081/api/v1/erm/agreements?vendor_id='
which returns {"errors":[{"message":"Expected integer - got string.","path":"\/vendor_id"}],"status":400}%
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch makes the renewal_type an enum, to match the change on the
DB. A test is added to account the fact the API is always setting
'Manual' request type.
Bonus: small portion of code gets a tidy, should've been asked by QA.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Test plan:
0. Apply patch
1. prove -v t/db_dependent/api/v1/password_validation.t
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds the mentioned endpoint. The controller relies on
Koha::Item->safe_to_delete for checks and uses `safe_delete` as
additem.pl does.
The required permissions are edit_catalogue.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/items.t
=> SUCCESS: Tests pass!
3. Play with item deletion using a REST tool like Postman
=> SUCCESS: All works as expected
4. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
12:01:12 koha_1 | # Failed test 'Holds retrieved'
12:01:12 koha_1 | # at t/db_dependent/api/v1/patrons_holds.t line 56.
12:01:12 koha_1 | # Structures begin differing at:
12:01:12 koha_1 | # $got->[0]{hold_id} = '256'
12:01:12 koha_1 | # $expected->[0]{hold_id} = '255'
12:01:12 koha_1 | # Looks like you failed 1 test of 9.
12:01:12 koha_1 |
12:01:12 koha_1 | # Failed test 'list() tests'
12:01:12 koha_1 | # at t/db_dependent/api/v1/patrons_holds.t line 70.
This is a weird one, and the only solution I see it to force the order
we want to receive the holds.
I guess we should not rely on an order if no order by clause is passed
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
We should not (never) remove all patrons before tests
Test plan:
0. Don't apply the patch
1. Check an item out
2. Run the tests
=> Fail
3. Apply the patch
4. Create a patron with the erm permission
5. Run the tests
=> Must return green
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch perltidys the tests added lately. It also removes some
commented debugging lines.
Note: There's an attempt to write tests on the full auth workflow that
is commented out but left there on purpose for now.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Several FIXME comments added on the report addressed here.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Lukasz Koszyk <lukasz.koszyk@kit.edu>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
- Agreements: Added tests for search and filter_expired as well as some missing comments; fix user flags
- Licenses: Updated tests to be on par with agreements; fix user flags
- EHoldings Packages: New tests on par with others
- EHoldings Titles: New tests on par with others plus import titles tests
- EHoldings Resources: New tests - get and list
- Documents: New tests; Only has GET endpoint; Tests to better mirror real documents lifecycle through a license;
- Users: New tests
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Comment speaks for itself. Look at surrounding code.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch removes not required (for now) query parameters as we can
query using q= on those. They can be added back eventually, if needed.
Attributes now match the database as well.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This adds the API routes and tests
Sponsored-by: Sponsored by: Round Rock Public Library [https://www.roundrocktexas.gov/departments/library/]
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch changes holds' GET REST API endpoint permission
to place_holds to match with request.pl
Test plan:
1) prove t/db_dependent/api/v1/holds.t
Sponsored-by: Koha-Suomi Oy
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Disable password change notifications for the api test to negate the
need for setting up notices.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch makes the following changes to the 'background_jobs' API:
* We now call them 'jobs'
* Removed deprecated query parameter definitions
* Added only_current query parameter
* Controller gets adapted to use $rs->filter_by_current when
only_current is passed
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Test plan:
Run t/db_dependent/Circulation/GetHardDueDate.t
Run t/db_dependent/Circulation/OfflineOperation.t
Run t/db_dependent/RotatingCollections.t
Run t/db_dependent/api/v1/libraries.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch replaces opac-ratings-ajax.pl with a new REST API route
POST /public/biblios/42/ratings
Note that we could go further and refactor the 'start_rating' select
code.
Test plan:
Test the "star ratings" feature at the OPAC, on the different page
where it's displayed.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
We were having a "Patron is not authenticated yet" comment, but it was not correct,
we set 'number' and 'id' in session, and waiting-for-2FA was not set => the patron is fully authenticated.
The test returned 401 because we fully authenticated user cannot request
an otp token when not waiting for the second auth step.
This situation is already covered (last test of the subtest).
Test plan:
prove t/db_dependent/api/v1/two_factor_auth.t
must return green
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Adding a test for a 403 status when lowering authorization.
The Auth mock for check_cookie_auth is not needed here.
Reading back the session after flush either.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To make the tests pass even if no SMTP server is defined.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
If we are fully logged-in or haven't pass the password phase, don't send
the notice!
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Changing flags to 20 to include the required Staff access for
intranet login.
This changes the http status. The API raises an exception now.
Test plan:
Run t/db_dependent/api/v1/two_factor_auth.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 28786 let librarians enable a Two-factor authentication but force them to use
an application to generate the TOTP token.
This new enhancement add the ability to send an email containing the token to the
patron once it's authenticaed
The new notice template has the code '2FA_OTP_TOKEN'
Test plan:
- Setup the two-factor authentication (you need the config entry and the
syspref ON)
- Enable it for your logged in patron
- Logout
- Login and notice the new link "Send the code by email"
- Click on it and confirm that you received an email with the code
- Use the code to be fully logged in
QA question: Is 400 the correct error code to tell the email has not
been sent?
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds unit tests for the new effective_not_for_loan_status
which I add to the items api responses in this patchset.
Test plan
1) Run the unit test without applying the next commit, it should fail
2) RUn the test again after applying the next commit, it should pass
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds a unit test for the addition of effective_item_type_id
to the items responses.
Test plan
1) Run the unit test prior to applying the second patch and confirm it
fails
2) Apply the second patch and confirm the unit test now passes
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
