Commit graph

393 commits

Author SHA1 Message Date
9ba40e1adf Bug 26274: Add cashups api routes
This patch creates a Koha::Cash::Register::Cashup(s) class pair which
subclass Koha::Cash::Register::Action(s) and moves the cashup specific
code into these new classes to improve code separation.

We then introduce API routes based on these classes to allow fetching
a list of cashups associated to a cash register and a full cashup with
emeddable summary for individual cashups.

Test plan
1/ Run the updated unit tests.
   t/db_dependent/Koha/Cash/Register/Action.t
   t/db_dependent/Koha/Cash/Register/Cashup.t
2/ Run the incuded api tests.
   t/db_dependent/api/v1/cashups.t

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-02-12 12:33:41 +01:00
15fcd755a2 Bug 26181: Disable override by default in /holds
This patch disables AllowHoldPolicyOverride by default in /holds. It
also adds a header that can be used to request the override explicitly.

Tests are added for this behaviour

To test:
1. Apply the regression tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/holds.t
=> FAIL: Tests fail because the behaviour is not implemented
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-02-12 12:14:50 +01:00
fd27224415 Bug 27330: (QA follow-up) Return 409 instead
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-02-01 16:36:38 +01:00
401987bdad Bug 27251: Rewrite QOTD with the Koha REST API
This patch replace the QOTD editor with our new way to CRUD the
adminitration page (like libraries and STMP servers)

Test plan:
Play with the QOTD by adding, removing, updating quotes
Try to find bugs :)

Bug 27251: Fix capitalization

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-01-29 09:03:45 +01:00
0f11d6acbb Bug 27352: Add GET /biblios/:biblio_id/items
This patch adds a route to fetch the items for a biblio. It relies
entirely on already existing methods.

To test:
1. Use your favourite REST tool
2. Play with the new route.
=> SUCCESS: It works as expected!

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-01-29 09:03:45 +01:00
ade441def4 Bug 20212: Add more embeddable objects to orders
This patch adds options to embed more related objects based on the needs
by parcel.tt.

For filtering by biblioitems fields (ISBN and EAN) I had to make the
'list' method a modified version of the objects->search helper. I
thought of doing it in a more generic way but I didn't find any other
use cases and it would certainly make an already complex piece of code
even more complex.

So this is quite similar, but at some steps the biblio.<biblioitem
field> gets translated into the proper relation names, and the same
happens for prefetching.

A new parameter is also added: only_active. It makes the controller use
Koha::Acquisition::Orders->filter_by_active, avoiding the need to build
complex queries in the UI.

The same handling is done when the order_id parameter is passed (outside
the q= parameters). In this case using Koha::Acquisition::Orders->filter_by_id_including_transfers

This is all respecting the C4::Acquisitions::SearchOrders behaviour.

TL;DR:

This patch adapts the code from the list() sub so it manipulates the
query parameters and the embed header so:
- the biblioitem relationship is prefetch
- any queries on biblio.isbn and biblio.ean are correctly translated into search on the
  biblioitems table.
- Adds an only_active parameter to the /acquisitions/orders route to
  easily request only the active orders.

Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-01-28 16:44:11 +01:00
a60c1b77f8 Bug 27015: Make pickup locations searchable
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-01-04 16:33:15 +01:00
69c01ee0f2 Bug 27117: Only place_holds permission is needed to adjust pickup locations
The GET /pickup_locations route is requesting the whole reserveforothers
permission whereas only the subpermission place_holds is needed.

Test plan:
0. Don't apply this patch
1. Set the subpermission place_holds but modify_holds_priority
2. Edit a hold and click the pickup library dropdown list
3. You get a JS alert and log displays
  GET /api/v1/app.pl/api/v1/holds/5/pickup_locations
  403 Forbidden
4. Apply this patch
5. Reload the page, click the dropdown list, modify the pickup location
and save
=> Success!

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-12-21 10:07:49 +01:00
1450604029 Bug 26988: (QA follow-up) Make the API return proper library objects
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-11-13 14:20:11 +01:00
83d4713945 Bug 26988: Add API route to fetch hold pickup locations and use it in the holds table
To test:
1 - Place a number of holds on a record
2 - Have different pickup locations for the holds
3 - Have some libraries that are not pickup locations
4 - Load the holds tab for the record and note libraries not pickup locations are not in dropdowns
5 - Apply patch and restart all things
6 - Reload the holds table
7 - Click on a dropdown, note the spinner, should load successfully
8 - Confirm the dropdown matches the options before the patch
9 - Confirm updating the hold location works

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>

Signed-off-by: Bob Bennhoff <bbennhoff@clicweb.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-11-13 14:20:11 +01:00
Andrew Isherwood
8595e80b78 Bug 24083: Add support for unseen_renewals
This patch adds support for unseen renewals.

Here we retrofit knowledge of unseen renewals and add the display of unseen
renewal counts and warnings, in addition to adding the ability to
specify a renewal as being "unseen".

The functionality added here is goverened by the UnseenRenewals syspref.

Signed-off-by: Sally Healey <sally.Healey@cheshirewestandchester.gov.uk>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-11-11 16:09:58 +01:00
Agustin Moyano
6853a2d7f6 Bug 23019: (follow-up) Fix test permissions and API definition bugs
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-11-11 15:55:49 +01:00
Agustin Moyano
9f5596afd6 Bug 23019: (follow-up) Fix other things
This patch:
* Fixes table name change
* Adds schema file
* Changes api parameter name
* Fixes string escaping
* Fixes error handling

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-11-11 15:55:49 +01:00
Agustin Moyano
0001155429 Bug 23019: (follow-up) Fix usability issues
This patch place profile buttons in the bottom of the page, next to "Stage for import"

It removes the "Update profile" button, and changes "Add profile" to "Save profile". Save profile can be used to add and to update a profile.

It also adds feedback when a profile was saved or deleted.

Last, it also replaces input-batch-profile endpoint name for input_batch_profile, which is more aligned with other endpoint names.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-11-11 15:55:49 +01:00
Agustin Moyano
8b3a108558 Bug 23019: Add profiles to stage-import-batch and magnage-import-batch pages
This patch adds the logic and the needed UI elements to be able to pre-load an import profile. It also displays which profile was used to stage an import in staged import manager.

To test:
1. Apply all patches
2. Updatedatabase
3. Go to Stage MARC records for Import tool in admin, and upload a file with MARC records.
CHECK => after uploading, there is a fieldset with the legend “Profile settings”
              => inside the fieldset there is a select labeled “Pre fill values with profile”. The only value it has is “Do not use profile”.

4. Change some settings, and set “profile 1” as profile name and click on “Add profile”
SUCCESS => The select now has the new profile selected

5. Change profile select to “Do not use profile”
SUCCESS => Default values are now displayed in the form

6. Reload the page and upload the file again
SUCCESS => the select still has the profile recently added

7. Select the profile, change some parameter in the form and set the profile name to “profile 2”, and click add profile
SUCCESS => there are two profiles now, and if you toggle between them, the parameter changes

8. Select profile 1, change one parameter and click on update profile
SUCCESS => if you toggle that profile with the other, the new parameter of the value is shown when you select profile 1

9. Select profile 2, change some parameter and click Add profile (leaving the name as profile 2)
SUCCESS => the page complains there is another profile with the same name, and asks if you want to replace it.

10. Click on accept
SUCCESS => profile 2 now has the new value in the parameter

11. Select profile 2 and change the name to profile 1
SUCCESS => the page complains there is another profile with that name, and asks if you want to replace it

12. Click on accept
SUCCESS => in profile select there is only one profile called profile 1 that has the values of profile 2

13. Select profile 1 and click remove profile
SUCCESS => there is no profile in profile select.

14. Create a profile and click on “Stage for import”
15. Go to Staged MARC management page
SUCCESS => Improt should have the name of the profile in profile column, and when you click on the file name, there should be the name of the profile in the details.

16. prove t/db_dependent/ImportBatch.t t/db_dependent/api/v1/import_batch_profiles.t
17. Sign off

Signed-off-by: Abbey Holt <aholt@dubuque.lib.ia.us>

Signed-off-by: Abbey Holt <aholt@dubuque.lib.ia.us>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-11-11 15:55:49 +01:00
Andrew Isherwood
afd13b6a9b Bug 22818: (follow-up) Respond to feedback
This commit fixes this bug, it was broken in a number of ways.

Fixes include:

- Added necessary config block in C4::Letters to enable the TT notice
syntax introduced in an earlier commit to work
- Changed template variables to refer to singular objects rather than
multiple e.g. borrowers -> borrower
- Fixed missing / misnamed variables

This commit also implements the additional syspref checks suggested by
Katrin in comment #87

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-11-11 08:35:10 +01:00
e00d07fe79 Bug 23916: Allow embedding the issuer object
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-11-10 15:00:14 +01:00
b854e285f1 Bug 23916: Add new attribute to API
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-11-10 15:00:14 +01:00
Katrin Fischer
a27c22bffc Bug 26718: Rename "reading history" to "checkout history"
This changes all occurences of reading history to the more
accurate term 'checokut history' as it was correctly pointed out
that 'reading' doesn't apply to all kind of items available
at the library (audio books, games, etc.)

To test:
- Verify that the term reding history has been replaced by checkout
  history in:
  - System preferences
  - OPAC tab "your checkout history"
  - OPAC tab "your privacy" (switch OpacPrivacy pref first)
  - Staff permission for patron batch anonymization

Signed-off-by: Barbara Johnson  <barbara.johnson@bedfordtx.gov>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-11-04 12:59:33 +01:00
8eb68c082a Bug 26595: Embed the whole smtp_server object
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-10-14 15:53:38 +02:00
c59b022783 Bug 26595: Add smtp_server_info embed option to /libraries
This patch simply adds the option to embed the return value from
Koha::Library->smtp_server_info on the libraries GET actions.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-10-14 15:53:38 +02:00
95aa8fc64b Bug 22343: API routes for SMTP servers CRUD
This patch introduces API routes for handling SMTP servers.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-10-02 10:54:40 +02:00
Joonas Kylmälä
089b857586 Bug 26271: Add null to the list of accepted account_line data types
The database schema for accountlines table allows the
manager_id/user_id column to be NULL. If request to
/api/v1/patrons/<patron_id>/account returns such an accountline where
it is NULL we get 500 error as response. Adding NULL to allowed data
types fixes this issue.

To test:
 1) Run prove t/db_dependent/api/v1/patrons_accounts.t and notice it
    doesn't fail

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 14:18:23 +02:00
76bd932296 Bug 19889: Add new attribute to the REST API definition
It fixes t/db_dependent/api/v1/items.t

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-01 12:22:06 +02:00
Katrin Fischer
ed066caf58 Bug 26015: Terminology: Fix tons more staff clients to staff interfaces
This takes care of more occurences of staff client and changes it to
staff interface, including in code comments.

To test:
- I think in this case careful code review is what we look for.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-08-31 16:10:25 +02:00
Agustin Moyano
d390b2f7cf Bug 22789: Add non priority feature to C4 classes and staff interface
This patch implements necesary code to implement non priority feature

To test:
1) Apply all patches.
2) Run updatedatabase.
3) Checkout a specific item for patron1.
4) Place a hold on the same item for patron2 (do not check non priority
   hold checkbox).
5) Try to renew the item for patron1.
CHECK => in checkouts table, there is a message that the item could not
be renewed because there was a hold.
6) Cleanup all checkouts and holds.
7) repeat steps 3 to 5, but this time check the non priority checkbox.
SUCCESS => item was renewed
8) prove t/db_dependent/Holds.t

Signed-off-by: Lisette Scheer <lisettes@latahlibrary.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-08-31 16:10:25 +02:00
e0a4bad3fc Bug 23653: use local copy of swagger v2 schema
By default, JSON::Validator::OpenAPI tries to fetch the
swagger v2 schema from http://swagger.io/v2/schema.json.

If you've installed from CPAN, JSON::Validator::OpenAPI will
come with a cached copy, so it won't try to fetch it over HTTP.

However, if you've installed from libjson-validator-perl
from Debian/Ubuntu, the Debian package excludes the cached copy,
so JSON::Validator::OpenAPI tries to fetch it over HTTP.

Unfortunately, today and other days in the past, the file at
http://swagger.io/v2/schema.json has been unavailable, and this causes
Koha to crash in a perpetual loop.

This patch includes a copy of the swagger v2 schema, and it loads
it locally rather than fetching over HTTP.

The changes to Koha/REST/Plugin/PluginRoutes.pm are not required,
since the validator isn't currently called there, but I've added
a patch to future proof it.

To Test:
0a) Remove /usr/share/perl5/JSON/Validator/cache/36d1bd12eeed51e86c8695bd8876a9df
if it exists
0b) Block external access to http://swagger.io/v2/schema.json or
test during an outage when it's unavailable
0c) Do not apply patch
1) koha-plack --restart kohadev
2) Note that it crashes in a loop and is unavailable in web browser
3) Apply patch
4) koha-plack --restart kohadev
5) Note that Koha comes up and there are no errors in the Plack logs

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-08-26 14:26:29 +02:00
Agustin Moyano
8ed09ff7de Bug 23820: Add checkout to default to patron's home branch on club hold
This patch adds a checkbox to make holds created by club hold to default to patron's home branch if possible.

To test:
1. Apply this patch
2. Create a club, and add two patrons (from now on called patron A and patron B) to it, each one form a different library..
3. Create a hold for the club, and in the details set pickup location different from any of the patrons.
4. Check "Pickup at patron's home library when possible" checkbox
SUCCESS => when submitted, pickup location of holds defaults to patron's home branch
5. Modify patron A's library and set pickup location to no.
6. Repeat steps 3 and 4.
SUCCESS => when submitted, patron A's hold now points to pickup location setted on step 3, and patron B's hold still points to his home branch.
7. Sign off

Sponsored-by: Southeast Kansas Library - SEKLS

Signed-off-by: Jason Robb <jrobb@sekls.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-07-20 17:45:30 +02:00
40ab030060
Bug 25944: Schema fix for illrequests route
The illrequests path was missing the `comments` and `status_alias`
embedable relations in the path specification.

Test plan:
1/ Ensure you have the latest Mojolicious + OpenAPI modules installed.
2/ Navigate to the ill requests page and note that the table is empty.
3/ Note that under the networking tab in your browsers developer tools
that the api call fails with a 400 error.
4/ Apply the patch
5/ Refresh the page
6/ The table should now load and the api route should return a proper
200 response.
7/ Signoff

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Magnus Enger <magnus@libriotech.no>
Applied the patch to a production server that was having the 400
error on the main ILL page, and the error was gone.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-07-16 15:32:51 +01:00
032e11c7f4 Bug 25288: Add general query parameters to the /libraries route
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Frédéric Demians <f.demians@tamil.fr>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-06-24 15:15:41 +02:00
7a4cf3569d
Bug 25502: Adapt Advanced macros routes to current guidelines
The original development started before the changes we introduced in the guidelines in late 2019, and the major code changes that took place in January 2020.

- Attribute mapping logic is now on the Koha::Object-level (the patches implement that, but are not using it)
- Related to the above, some helper methods like to_api and to_model are kept, the same for the mappings in the controller, they should all go away
- Related to the above, set_from_api and new_from_api should be used instead of using helper to_api and to_model methods in the controller
- $c->objects->search doesn't use the to_model and to_api params
- Response status codes need to be changed, at least for DELETE operations

Those are fixed by this patch.

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/advanced_editor_macros.t
=> SUCCESS: Tests pass!
3. Sign off :-D

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-05-19 15:21:16 +01:00
96b4f6802b
Bug 25535: Hold API mapping maps cancellationdate to cancelation_date, but it should be cancellation_date
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-05-19 08:30:08 +01:00
810e761660
Bug 25482: Wrong permissions specification for adv editor macros
The current permissions are defined as a hash, with a duplicate key.
This is generally invalid, but Debian 9's Mojolicious::Plugin::OpenAPI
lets it go through, even though the results are, random?

This patch sets the required permissions right, and following the
haspermissions() syntax correctly.

Tests for searching macros are not passing. Still trying to figure.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-05-15 12:47:08 +01:00
a07c5c153a
Bug 25279: Add general query parameters to the /cities route
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-05-12 11:39:36 +01:00
240b52170b
Bug 17268: Update patchs per RFC
https://wiki.koha-community.org/wiki/Advanced_editor_macros_endpoint_RFC

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-05-04 08:26:33 +01:00
c34eb3c950
Bug 17268: (follow-up) Fix translatability
This patch moves the error messages to translatable strings

Also includes capitalization fixes and POD adjustment

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-05-04 08:26:22 +01:00
537ba245ee
Bug 17268: Advanced cataloging editor macros - add endpoint
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Heather Hernandez <Heather_Hernandez@nps.gov>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-05-04 08:25:21 +01:00
e03e5a2ece
Bug 24908: Add text-formatted MARC support in /biblios/{biblio_id}
This patch makes the route support requesting (through the Accept
header) the MARC record to be output as formatted text as in
$record->as_formatted.

To test:
1. Apply the unit tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/biblios.t
=> FAIL: Tests fail
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Try the route with your favourite API testing tool (Postman?)
=> SUCCESS: Accept: text/plain returns the expected results
=> SUCCESS: Wrong Accept header returns a list of valid formats, and
includes 'text/plain'.
6. Sign off :-D

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-04-29 17:13:36 +01:00
0bb0b6c7b4
Bug 25048: Make successful resource deletion return 204
This patch adapts the spec and the controllers so existing routes return
204 and an empty response body when a successful deletion happens.

Right now we have a coding guideline but haven't adapted the existing
routes.

To test:
1. Apply the regression tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/*.t
=> FAIL: Some tests fail
3. Apply this patch
4. Repeat 2.
=> SUCCESS: Tests pass!
5. Sign off :-D

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-04-29 16:24:43 +01:00
572f486697
Bug 24909: Route spec
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-04-27 11:15:10 +01:00
e3c6c4beed
Bug 24476: Rename autorenewal to autorenew_checkouts
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-24 11:23:54 +00:00
4e69b19de8
Bug 24476: API Updates
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-24 11:23:36 +00:00
d6ac30323b
Bug 24818: (RM follow-up) Update account_line date definition
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-19 13:07:06 +00:00
81655e7dbf
Bug 22615: Add endpoint for getting one ill backend
Signed-off-by: Andrew Isherwood <andrew.isherwood@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-05 13:03:40 +00:00
def667f7fc
Bug 22615: Add /ill_backends endpoint
Signed-off-by: Andrew Isherwood <andrew.isherwood@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-05 13:03:32 +00:00
Agustin Moyano
863f129a58
Bug 24502: (follow-up) Add all 3 query parameters in api definition
This patch adds api definition for body, query or header parameters.

To use them include:

* "$ref": "../parameters.json#/q_body" for body parameter.
* "$ref": "../parameters.json#/q_param" for query parameter.
* "$ref": "../parameters.json#/q_header" for header parameter.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-03 09:17:04 +00:00
Ere Maijala
d7407055a8
Bug 22522: Fix several REST API tests
Fixes among others the invalid use of json_has() which caused broken tests to pass with older Mojolicious versions.

Signed-off-by: Mason James <mason@kohaaloha.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-02-25 13:44:22 +00:00
7d8b96803f
Bug 24545: Fix license statements
Bug 9978 should have fixed them all, but some were missing.
We want all the license statements part of Koha to be identical, and
using the GPLv3 statement.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-02-24 13:31:26 +00:00
b9ecf361a8
Bug 24592: Reword LOST_RETURN to LOST_FOUND
This patch updates the wording in the 'lost and found' process to more
closely reflect what the process is achieving by replacing 'RETURNED'
with 'FOUND'

Test plan:
1) Grep codebase for _FixAccountForLostAndReturned and note there are no
   longer any instanced of it.
2) Run t/db_dependent/Circulation.t and note it passes
3) Test returning/renewing an item that has been marked as lost and note
   the updated values in the accountlines now use LOST_FOUND as
   credit_type_code and 'FOUND' as the status for the 'LOST' fee
   (debit_type_code 'LOST')

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-02-13 15:58:49 +00:00
ac8d607411
Bug 24611: Fix wrong budget_id query param in /acquisitions/orders
This patch fixes the wrong query parameter that slipped on rewriting the
patches for the voted RFC.

To test:
1. Apply the tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/acquisitions_orders.t
=> FAIL: Tests fail because fund_id is not a valid query parameter
3. Apply this patch
4. Repeat (2)
=> SUCCESS: Tests pass!
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-02-13 15:55:50 +00:00
Jesse Weaver
18570614c4
Bug 18936: (follow-up) Update REST definition for /.../kinds
Signed-off-by: Minna Kivinen <minna.kivinen@hamk.fi>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-02-04 09:56:24 +00:00
Jesse Weaver
f2dfa17f0e
Bug 18936: (follow-up) Add foreign key and scope enhancement to circ rules
This necessitates moving the circ rules from using '*' to using
undef/NULL.

Signed-off-by: Minna Kivinen <minna.kivinen@hamk.fi>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-02-04 09:56:24 +00:00
5cd9c904c4
Bug 18731: OpenAPI definitions
This patch introduces the OpenAPI definitions required for the orders
endpoint. It matches the voted RFC.

Sponsored-by: Camden County
Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-01-09 16:25:57 +00:00
4ba67994a9
Bug 24321: Clean /libraries
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-01-08 14:42:36 +00:00
3ac92ea881
Bug 24321: Clean /acquisitions/vendors
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-01-08 14:42:32 +00:00
8fbb7caed3
Bug 24321: Clean /acquisitions/funds
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-01-08 14:42:28 +00:00
62dcfa95da
Bug 24232: Fix required permissions in DELETE /biblios/:biblio_id
This patch fixes the required permissions defined on the spec for the
mentioned endpoint.

To test:
1. Apply the tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/biblios.t
=> FAIL: Tests fail due to badly defined permissions
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass! Notice parameters: edit_catelogue didn't exist
5. Sign off :-D

Signed-off-by: Kelly McElligott <kelly@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-12-20 12:07:20 +00:00
4de24b70e5
Bug 23859: Make POST add the Location header on cities endpoint
According to the coding guidelines, this endpoint should be adding the
Location header on POST actions.

To test:
1. Apply the tests patch
2. Run:
    $ kshell
    k$ prove t/db_dependent/api/v1/cities.t
=> FAIL: Tests fail!
3. Apply this patch
4. Repeat (1)
=> SUCCESS: Tests pass!
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-11-01 08:48:18 +00:00
bfcbe72edb
Bug 14697: (QA follow-up) Organize tests in subtests
This patch organizes the tests better, and adds some more.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-31 12:05:14 +00:00
9dbf0ff0e0
Bug 14697: Make controller methods rely on the stashed user
This patch adjusts the return values and HTTP status codes, as well as
removing the use of C4::Context->userenv. It also makes the date
calculation happen on the DB engine in the case of resolving the claim.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-31 12:05:03 +00:00
40e841da98
Bug 14697: (follow-up) Rely on the UNIQUE constraint and return 409 for issue_id
This patch avoids querying the DB for an already existing
Koha::Checkouts::ReturnClaim with the same issue_id, now that there's a
UNIQUE constraint on it.

Also, 409 should be returned instead. Tests added for this changes.

To test:
- Apply this patch
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/return_claims.t
=> SUCCESS: tests pass!

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-31 12:04:55 +00:00
a44ffa0926
Bug 14697: Add routes to handle return claims
This patch adds the /return_claims route to add new return claims, and
then routes to updates notes and the resolution code.

To test:
1. Apply this patches
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/return_claims.t
=> SUCCESS: Tests pass!
3. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-31 12:04:13 +00:00
2ae0cc83f3
Bug 23667: Add spec
Signed-off-by: Jesse Maseto <jesse@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-29 12:20:35 +00:00
618d8a690e
Bug 23858: (follow-up) Return code fix
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-28 12:36:46 +00:00
5fbf423e94
Bug 23805: Update 'W' to 'WRITEOFF' for consistency
Signed-off-by: Kyle Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-24 17:35:20 +01:00
6bfd41eb0a
Bug 23805: Update 'Pay' to 'PAYMENT' for consistency
Signed-off-by: Kyle Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-24 17:35:20 +01:00
ce479d7a7d
Bug 23805: Update 'lost_item_return' to 'LOST_RETURN' for consistency
Signed-off-by: Kyle Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-24 17:35:20 +01:00
2665dc9094
Bug 23805: Update 'FOR' to 'FORGIVEN' for consistency
Signed-off-by: Kyle Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-24 17:35:20 +01:00
40613eb3c8
Bug 23805: Update 'C' to 'CREDIT' for consistency
Signed-off-by: Kyle Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-24 17:35:19 +01:00
7189c4f0a2
Bug 23049: (QA follow-up) Fix swagger spec for account line
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-24 17:25:21 +01:00
0bd6e03c65
Bug 23049: Update API
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-24 17:24:48 +01:00
1b9f3621df
Bug 23843: Add mapping to Koha::Acquisition::Fund
This patch adds a to_api_mapping method to the class. This in effect
enables calling ->to_api on the object. The mapping is borrowed from the
API controller. It is not removed from the controller so we are able to
verify (through the tests) that there is no behavior change.
Once this is pushed we need to implement the counter-wise methods and
clean the controllers.
To test:
1. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/acquisitions_funds.t
=> SUCCESS: Tests pass
2. Apply this patch
3. Repeat (1)
=> SUCCESS: Tests still pass!
4. Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-23 18:03:24 +01:00
c2d7189d0e
Bug 17005: Add plugin parameters to /checkouts endpoint
Signed-off-by: Michal Denar <black23@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-08 14:33:39 +01:00
321b1c1f3c
Bug 17005: Add checked_in checkouts to REST API response
This patch implements parameter 'checked_in' on checkouts endpoint to
enable getting circulation history.

Test plan:
1) Apply the patch and restart plack
2) Use your favorite REST API tester and play with /checkouts endpoint:
    - use it without checked_in parameter
    - use checked_in=1 for getting returned checkouts

Signed-off-by: Michal Denar <black23@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-08 14:33:39 +01:00
4fb59c87ed
Bug 23677: OpenAPI spec for GET /biblios/{biblio_id}
Signed-off-by: Arthur Suzuki <arthur.suzuki@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-08 14:33:34 +01:00
Agustin Moyano
a902efb83b
Bug 19618: Add api endpoint for club holds
This patch adds an endpoint in thi api in /api/v1/clubs/{club_id}/holds whith the verb POST that maps to Koha::REST::V1::Clubs::Holds#add controller.
Classes for club_holds and club_holds_to_patron_holds new tables where also added.

To test:
1) Reach SUCCESS.3 test point of previous patch with club that has no enrollments
2) Click on "Place Hold"
SUCCESS => an alert should appear that you cannot place hold on a club without patrons
3) Reach SUCCESS.3 test point of previous patch with club that has enrollments
4) Click on "Place Hold"
SUCCESS => holds priority list should appear with holds for every patron in club
5) Repeat steps 3 and 4.
SUCCESS => new holds should appear in different order
6) Sign off

Sponsored-by: Southeast Kansas Library - SEKLS
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-01 08:05:58 +01:00
8171c9d05d
Bug 23607: Make /patrons/:patron_id/account staff only
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-09-27 14:00:48 +01:00
c9e3060f31
Bug 23517: Add a spec for PUT /holds/{hold_id}/priority
This patch adds the OpenAPI spec for the endpoint, and tests for the
desired behaviour.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-09-23 11:51:58 +01:00
c415476a37
Bug 23584: Add spec for PUT /public/patron/:patron_id/guarantors
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-09-23 10:52:39 +01:00
410e9bc0e8
Bug 23597: Add missing reserved query parameters to GET /holds
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-09-17 12:40:22 +01:00
Lari Taskula
e9e6537fae
Bug 16825: Add API route for getting an item
GET /api/v1/items/{item_id} Gets one Item

This patch adds route to get one item from koha.items table.

To test:
1. Apply patch
2. Open a browser tab on Koha staff and log in (to create CGISESSID
   cookie).
3. Send GET request to http://yourlibrary/api/v1/items/YYY
   where YYY is an existing itemnumber.
4. Make sure the returned data is correct.
5. Run unit tests in t/db_dependent/api/v1/items.t

Sponsored-by: Koha-Suomi Oy
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>
Signed-off-by: Michal Denar <black23@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-09-12 16:41:09 +01:00
81b2e7f4cb
Bug 20691: (QA follow-up) API-related fixes
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-09-11 08:54:03 +01:00
Kyle M Hall
1ad03f5509
Bug 20691: Add ability to turn feature on and off
This patch adds two preferences
1. AllowPatronToSetFinesVisibilityForGuarantor: Allow/Don't allow patrons to choose their own privacy settings for showing the patron's fines to the patron's guarantor
2. AllowStaffToSetFinesVisibilityForGuarantor: Allow/Don't allow staff to set the ability for a patron's fines to be viewed by linked patrons in the OPAC

Also adds a tinyint, non nullable, default to 0 column in borrower and deletedborrower named privacy_guarantor_fines.
1. privacy_guarantor_fines = 0 => don't allow guarantor to see guarantee's fines
2. privacy_guarantor_fines = 1 => allow guarantor to see guarantee's fines

To test:
1) git reset --hard master
2) apply patches (including dependencies)
3) perl installer/data/mysql/updatedatabase.pl
4) dbic
5) restart_all
6) in intranet search for AllowPatronToSetFinesVisibilityForGuarantor and AllowStaffToSetFinesVisibilityForGuarantor preferences
SUCCESS => both preferences should be present
7) search for a patron with guarantor
SUCCESS => in details tab, in "Library use" section you should see a row labeled "Show fines to guarantor"
8) edit
CHECK => in Guarantor information there is no "Show fines to guarantor" select
9) set AllowStaffToSetFinesVisibilityForGuarantor preference to "Allow"
10) return to patron with guarantor and edit
SUCCESS => in Guarantor information section there is a "Show fines to guarantor" select
11) change "Show fines to guarantor" select to "Yes" and save
SUCCESS => Value is saved
12) go to details tab
SUCCESS => in "Library use" section you see a row labeled "Show fines to guarantor" with value "Yes"
13) set OPACPrivacy preference to "Allow"
14) open 2 opacs, one with a patron that has a guarantor and another that hasn't and go to "your privacy" tab.
CHECK => in both opacs you should not see a "Allow your guarantor to view your current fines?" select
15) in intranet set AllowPatronToSetFinesVisibilityForGuarantor to "Allow"
16) refresh both opacs
SUCCESS => in Patron that has guarantor you see a "Allow your guarantor to view your current fines?" select
	=> in Patron without guarantor you don't see a "Allow your guarantor to view your current fines?" select
17) in Patron with guarantor change value of select and save
SUCCESS => Value is saved
18) in intranet set OPACPrivacy preference to "Don't allow" and AllowPatronToSetFinesVisibilityForGuarantor to "Don't allow"
19) got to "your personal details" in both opacs
CHECK => in both opacs you should not see no Privacy section with a "Allow your guarantor to view your current fines?" select
20) in intranet set AllowPatronToSetFinesVisibilityForGuarantor to "Allow"
21) refresh both opacs
SUCCESS => in Patron that has guarantor you see a "Allow your guarantor to view your current fines?" select in a Privacy section
        => in Patron without guarantor there is no Privacy section
22) in Patron with guarantor change value of select and update
SUCCESS => Value is saved
23) Sign off

Signed-off-by: Agustin Moyano <agustinmoyano@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-09-11 08:53:46 +01:00
109334102f
Bug 14570: Make it possible to add multiple guarantors to a record
This patch adds the ability to set an unlimited number of guarantors
for a given patron. As before, each guarantor may be linked to another
Koha patron, and all the behavior that applies to a given guarantor
remains the same.

Test Plan:
 1) Apply this patch
 2) Run updatedatabase.pl
 3) Find some patrons with guarantors, verify the still have their guarantor
 4) Test adding and removing guarantors on a patron record, both Koha users and not
 5) Verify the "Add child" button works
 6) Verify NoIssuesChargeGuarantees still works
 7) Verify tools/cleanborrowers.pl will not delete a guarantor
 8) Verify the guarantors are displayed on moremember.pl
 9) Verify the guarantor is removed by members/update-child.pl
10) Verify the guarantor is removed by misc/cronjobs/j2a.pl
11) Verify import patrons converts guarantor_id, relationship, contactfirstname,
  and contactsurname into a guarantor
12) prove t/Patron.t
13) prove t/db_dependent/Circulation.t
14) prove t/db_dependent/Circulation/NoIssuesChargeGuarantees.t
15) prove t/db_dependent/Items.t
16) prove t/db_dependent/Koha/Patrons.t
17) prove t/db_dependent/Members.t
18) prove t/db_dependent/Patron/Relationships.t

Signed-off-by: Kim Peine <kmpeine@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Agustin Moyano <agustinmoyano@theke.io>
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-08-20 16:04:48 +01:00
0619aab997
Bug 17003: (follow-up) Update definitions according to voted RFC
Test plan:
1) Have some patrons with checkouts, some renewable and some not
renewable
2) Use your favorite API tester and access GET
http://koha.url/api/v1/checkouts/{checkout_id}/allows_renewal
3) Check the response is OK according to voted RFC:
https://wiki.koha-community.org/wiki/Checkouts_endpoint_RFC#Checkout_renewability_2
4) prove t/db_dependent/api/v1/checkouts.t

Signed-off-by: Michal Denar <black23@gmail.com>
Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-07-01 16:10:15 +01:00
0404ecec4b
Bug 17003: Adapt to OpenAPI
Test plan:
prove t/db_dependent/api/v1/checkouts.t

Signed-off-by: Michal Denar <black23@gmail.com>
Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-07-01 16:10:01 +01:00
Lari Taskula
563458f20e
Bug 17003: Add API route to get checkout's renewability
Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-07-01 16:09:46 +01:00
Julian Maurice
088522032f
Bug 23154: Add pagination to /api/v1/checkouts
Allow to use _page and _per_page query parameters for
/api/v1/checkouts
Also fix a timezone problem in t/db_dependent/api/v1/checkouts.t

Test plan:
1. With your favorite REST tester tool, or directly in the browser,
   fetch http://koha/api/v1/checkouts and check that you have results
2. Fetch /api/v1/checkouts?_per_page=1&_page=1 and check that only the
   first result is returned. Check that response contains headers
   X-Total-Count and Link
3. Fetch /api/v1/checkouts?_per_page=1&_page=2 and check that only the
   second result is returned. Check that response contains headers
   X-Total-Count and Link
4. prove t/db_dependent/api/v1/checkouts.t

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-06-24 16:14:42 +01:00
5aaae31a78
Bug 9834: (QA follow-up) API Corrections
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-06-20 17:12:12 +01:00
5743bb2945 Bug 15496: (QA follow-up) Change success status on api
DELETE response code must be 204, not 200 according to our API coding
guidelines

Test plan:

prove t/db_dependent/api/v1/biblios.t

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-26 12:06:58 +00:00
2b45630e42 Bug 15496: Add API endoint for deleting a bib
Signed-off-by: Liz Rea <wizzyrea@gmail.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-26 10:54:49 +00:00
7021af6879 Bug 22729: Adapt /patrons controller code to the change
This patch makes the controller code aware of the flgAnonymized =>
anonymized change.

To test:
- Run
  $ kshell
 k$ prove t/db_dependent/api/v1/patrons.t
=> SUCCESS: Tests pass!
- Sign off :-D

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-25 10:06:44 +00:00
da8ca6c865 Bug 21336: Fix the API
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-18 09:49:57 +00:00
eabcec1d6c Bug 13895: (QA follow-up) Make the class plural
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-28 19:38:41 +00:00
a142369b30 Bug 13895: Adapt naming according to voted RFC
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-28 19:38:41 +00:00
47ad7afcca Bug 13895: (follow-up) Fix POST response
Test plan:
prove t/db_dependent/api/v1/chcekouts.t

Signed-off-by: Michal Denar <black23@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-28 19:38:41 +00:00
95d23bc3c3 Bug 13895: Change renewal endpoint
Instead of PUT on /checkout/{checkout_id} endpoint, you should now call
POST on /checkouts/{checkout_id}/renewal

Test plan:
prove t/db_dependent/api/v1/checkouts.t

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-28 19:38:41 +00:00
1dfb57164f Bug 13895: (follow-up) Adapt checkout endpoint to openapi, update terminology
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-28 19:38:41 +00:00
b63fd774c1 Bug 13895: (QA follow-up) Adjust OpenAPI definitions for checkouts
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-28 19:38:41 +00:00
Julian Maurice
e3f2e346f8 Bug 13895: Add API routes for checkouts retrieval and renewal
GET /checkouts?borrowernumber={borrowernumber}
GET /checkouts/{checkout_id}
PUT /checkouts/{checkout_id}

+ unit tests in t/db_dependent/api/v1/checkouts.t

Test plan:
1. Open a browser tab on Koha staff and log in (to create CGISESSID
   cookie). You should have permission circulate_remaining_permissions.
2. Go to http://yourlibrary/api/v1/checkouts?borrowernumber=XXX (replace
   XXX with a borrowernumber that has checkouts) and check you receive
   correct data
3. Go to http://yourlibrary/api/v1/checkouts/YYY (replace YYY with an
   existing checkout id) and check you receive correct data
4. Send PUT requests to http://yourlibrary/api/v1/checkouts/YYY until
   the maximum number of renewals is reached (you should have a 403
   error)
5. Run unit tests in t/db_dependent/api/v1/checkouts.t

Depends on bugs 16699 and 14868

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>

Signed-off-by: Lari Taskula <larit@student.uef.fi>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-28 19:38:41 +00:00
Matthias Meusburger
6e98cc4503 Bug 19661: Add and change properties and parameters to conform to the funds RFC.
Also, perform an exact search when searching on the fund owner id.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-22 19:40:37 +00:00
Matthias Meusburger
717975abeb Bug 19661: REST API - Funds Endpoint
This patch adds a new route to the REST api:

/api/v1/acquisitions/funds/

Signed-off-by: David Bourgault <david.bourgault@inlibro.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-22 19:40:36 +00:00
6ebcc255d3 Bug 22206: (follow-up) Voted RFC changes
This patch changes expiration_date for end_date as voted when the RFC
was approved.

It also adds a test for the Location header being added correctly when
suspending a hold (SWAGGER3.4.1)

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-15 19:35:30 +00:00
51a887a81d Bug 22206: OpenAPI spec
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-15 19:35:30 +00:00
41f394f4ee Bug 20006: (follow-up) Plural class name
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-15 19:35:26 +00:00
62f1b2df68 Bug 20006: Spec changes
This patch makes the spec match the voted RFC.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-15 19:35:26 +00:00
Andrew Isherwood
0c7d9e4cc8 Bug 20563: Allow display of requested partners
This patch adds the display of requested partner email addresses when an
ILL backend provides the ability to send requests to partners. Partner
email addresses are displayed in the illlist and illview displays, they
are also included in the 'illrequests' API response.

* api/v1/swagger/paths/illrequests.json:
  - Add 'requested_partners' as an 'embed' enum
* Koha/Illrequest.pm:
  - Add 'requested_partners' accessor calling optional backend 'get_requested_partners' method.
  - Store requested partners upon email send, calling optional backend 'set_requested_partners' method.
  - Add 'requested_parners' embed to overloaded TO_JSON method.
* koha-tmpl/intranet-tmpl/prog/en/modules/ill/ill-requests.tt:
  - Add 'requested_partners' embed to illrequests API call
  - Add render function for "Additional status" datatables column
  - Add display of requested partner email addresses to illlist table
  - Add display of requested partner email addresses to illview display

To test:
1) Enable Interlibrary loans
2) Add a backend that supports sending requests to partners, e.g.
FreeForm
3) Set up at least one partner
4) Create an ILL request
5) Send request to partner(s)
6) Observe partner(s) email address(es) are displayed in "View ILL
requests" view
7) Observe partner(s) email address(es) are displayed in "Manage ILL
request" view

Signed-off-by: mmg@interleaf.ie

https://bugs.koha-community.org/show_bug.cgi?id=20653

Bug 20563: (follow-up) Fix requested partners

As per:
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20563#c10

Thanks for the suggestion on merging the "Status" and "Additional status" columns, looks much better!

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-15 19:33:37 +00:00
Andrew Isherwood
7413de82f2 Bug 21063: Add "Columns settings" for ILL
This patch adds the "Columns settings" values for the illrequests table

Signed-off-by: Niamh.Walker-Headon@it-tallaght.ie

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Bug 21063: Add ability to show / hide columns

This patch adds the "Column visibility" functionality to the main ILL
request list table.

To test:
- Ensure ILL is enabled and you have some requests
- Apply patch
- From the "Koha administration screen, select "Configure columns"
- In the "Columns settings" page:
  => TEST: Ensure an "Interlibrary loans" category exists
  - Upon expanding the category:
  => TEST: Ensure a table is displayed showing columns
  => TEST: Ensure the "action" column has "Cannot be toggled"
  pre-selected
  => TEST: Change values for columns and ensure they're saved
- From the main staff menu, select "ILL requests"
- In the table:
  => TEST: Click the "Column visibility" button and ensure a modal
  containing all columns (except "Action")  is displayed
  => TEST: Select various columns and ensure they are shown and hidden

Signed-off-by: Niamh.Walker-Headon@it-tallaght.ie

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Bug 21063: (follow-up) Add user ID to column list

As originally specified in bug 20883, there is a requirement for some
users to be able to display the user ID (borrowernumber) in the UI.

This patch adds that ability to this bug, 20883 will be marked as a
duplicate of this one.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Bug 21063: (follow-up) Amendments for rebase

Modify to add the additional changes required now we're rebasing on top
of the dependency tree. Includes adding additional columns (and changing
indexes for search/filter where appropriate)

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Bug 21063: (follow-up) Add comments to column list

Since this bug is now dependent on Bug 18591 (Allow an arbitrary number
of comments on ILLs) we need to add the comments column to this table
and the list of selectable columns. This patch does this.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Bug 21063: (follow-up) Sanitize datatable data

This mitigates bug 22268 by sanitizing data prior to display using the
built in $.fn.dataTable.render.text() helper provided by Datatables.

The patch was added here, rather that in 22268 since this is the bug
that introduced the problem by increasing the number of fields that are
displayed in the table, some of which could contain user provided
malicious data

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-15 19:33:36 +00:00
8083bc2ff0 Bug 22216: Make GET /patrons/{patron_id} staff only
This patch removes the possibility to access the patron object
identified by patron_id by the patron itself, or a guarantor.

It does so by removing the permissions from the spec. The tests are
adjusted to remove that use case.

To test:
- Apply this patch
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/patrons.t
=> SUCCESS: Tests pass!
- Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-22 13:15:11 +00:00
Andrew Isherwood
4e4d77d702 Bug 20600: (follow-up) Fix API spec
We now return placed_formatted and updated_formatted, the API spec
should reflect this

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-19 16:36:43 +00:00
562eaa154b Bug 16497: (follow-up) GET operations require staff access
With the introduction of the /public namespace all other endpoints, the
rest of the endpoints are restricted to privileged users.

This patch makes the GET /libraries and GET /libraries/:library_id
endpoints require 'catalogue' permissions.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-19 13:52:14 +00:00
0718416ff1 Bug 16497: (follow-up) Adapt to existing guidelines and RFC
This patch makes the original implementation match what is specified on
the RFC [1].

The controller is updated, and so the tests.

To test:
- Apply this patches:
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/libraries.t
=> SUCCESS: Tests pass!

[1] https://wiki.koha-community.org/wiki/Libraries_endpoint_RFC

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-19 13:52:14 +00:00
145f578d26 Bug 16497: (follow-up) New column marcorgcode added
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-19 13:52:14 +00:00
99ad829f99 Bug 16497: Add missing field in definitions due to bug 18066
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-19 13:52:14 +00:00
Jiří Kozlovský
96456cadc2 Bug 16497: Add /api/v1/libraries
CRUD for libraries via REST API.

GET    /api/v1/libraries              - List all libraries
GET    /api/v1/libraries/{branchcode} - Get one Library
POST   /api/v1/libraries              - Add new Library
DELETE /api/v1/libraries/{branchcode} - Delete Library

Test plan:
  - apply patch
  - run tests: t/db_dependent/api/v1/libraries.t
  - test API with some API tool or simple curl

e.g.:
curl http://host:port/api/v1/libraries
curl http://host:port/api/v1/libraries/cpl

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-19 13:52:14 +00:00
6aadbcc4be Bug 22227: Make GET /cities staff only
This patch removes the possibility to access the city objects without
privileged access (minimum permissions == catalogue).

It does so by adding the required permissions to the spec. The tests are
adjusted.

To test:
- Apply this patch
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/cities.t
=> SUCCESS: Tests pass!
- Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-15 18:42:46 +00:00
15ca95ca1d Bug 22061: (QA follow-up) Rename password_2 => password_repeated
As voted when the RFC was discussed, the attribute gets renamed. The
tests are adjusted accordingly.

To test:
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/patrons_password.t
=> SUCCESS: Tests pass!

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-01-28 15:45:56 +00:00
b65e4bee0e Bug 22061: OpenAPI spec
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-01-28 15:45:55 +00:00
d4570947b0 Bug 17006: OpenAPI spec
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-01-28 15:25:39 +00:00
986a52d718 Bug 21786: (QA follow-up) library_id can be null
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-01-08 15:50:51 +00:00
55f0427629 Bug 21786: Add library_id to the spec definitions
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-01-08 15:50:47 +00:00
Katrin Fischer
252f4674a5 Bug 14391: Add granular permissions to the administration module
So far the administration module only allowed for 2 permissions:
- circulation conditions (manage_circ_rules)
- everything else (parameters_remaining_permissions)

With this patch almost every section of the administration page
will have its own granular permission.

To test:
- Create different staff users:
  1) One with parameters_remaining_permissions
  2) One with parameters
  3) One with catalogue and no parameters
  4) One superlibrarian
- Apply the patch
- Run the database update
- Check the staff users:
  1) All subpermissions, but manage_circ_rules
     should be checked
  2) Nothing should have changed
  3) manage_item_serach_fields shoudl be checked
     (page had catalogue permission before)
  4) Nothing should have changed
- Try different settings of the permissions and
  verify that
  - Administration page behaves correctly
  - Administration menu behaves correctly
  ! You shoudl only see what you have permission for

https://bugs.koha-community.org/show_bug.cgi?id=14391

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-11-07 12:29:32 +00:00
Andrew Isherwood
00178268ca Bug 20772: Return cost & price_paid in API
Signed-off-by: Barry Cannon <bc@interleaf.ie>

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2018-10-13 08:34:32 -03:00
a9248f237d Bug 11897: Use 'stockrotation' permission for the endpoint
This patch makes the tests for 'authorized' session use the
'stockrotation' permission instead of 'superlibrarian'.

The path x-koha-permission is fixed accordingly.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-10-09 15:46:06 +00:00
85be5a8188 Bug 11897: Stockrotation
The stock rotation feature adds a batch process to automate rotation of
catalgue items with a staff client page under tools to manage rotas/schedules.

Once a rota is configured, and your staff user has the right permissions
to allocate items, then an additional tab will appear on biblio records
allowing the management of of which rota, if any, individual items belong to.

It also includes a cron script to process the items on a daily basis.

Signed-off-by: Kathleen Milne <kathleen.milne@cne-siar.gov.uk>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Edit: I removed a temporary file

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-10-09 15:46:05 +00:00
566badf12a Bug 20944: OpenAPI spec for /patrons/{patron_id}/account/credits
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-31 12:46:59 +00:00
bb7c908dc0 Bug 20942: Split debit and credit lines
This patch splits the balance to match this object schema:

{
    balance             => #,
    outstanding_credits => {
        total => #,
        lines => [ credit_line_1, ..., credit_line_n ]
    },
    outstanding_debits  => {
        total => #,
        lines => [ debit_line_1, ..., debit_line_m ]
    }
}

This change is made to ease usage from the UI. Also because the
outstanding credits need to be applied to outstanding debits in order to
the balance value to make sense. So we still need to have each total.

Tests are added for this change, and the schema files are adjusted as
well.

To test:
- Apply this patch
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/patrons_accounts.t
=> SUCCESS: Tests pass!
- Sign off :-D

staff_id is changed into user_id as voted on the dev meeting the RFC got
approved.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-18 16:49:27 +00:00
d383b49987 Bug 20942: OpenAPI spec for /patrons/{patron_id}/account
This patch adds the OpenAPI spec for the following paths:
- /patrons/{patron_id}/account

It also adds object definitions for:
- balance
- account line

Account line is to be used on both /account/lines (when implemented)
and for embeding the outstanding lines in the balance endpoint
(/patrons/{patron_id}/account).

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-18 16:49:25 +00:00
Julian Maurice
43a4b3c22c Bug 20402: Implement OAuth2 authentication for REST API
It implements only the "client credentials" flow with no scopes
support. API clients are tied to an existing patron and have the same
permissions as the patron they are tied to.
API Clients are defined in $KOHA_CONF.

Test plan:
0. Install Net::OAuth2::AuthorizationServer 0.16
1. In $KOHA_CONF, add an <api_client> element under <config>:
     <api_client>
       <client_id>$CLIENT_ID</client_id>
       <client_secret>$CLIENT_SECRET</client_secret>
       <patron_id>X</patron_id> <!-- X is an existing borrowernumber -->
     </api_client>
2. Apply patch, run updatedatabase.pl and reload starman
3. Install Firefox extension RESTer [1]
4. In RESTer, go to "Authorization" tab and create a new OAuth2
   configuration:
   - OAuth flow: Client credentials
   - Access Token Request Method: POST
   - Access Token Request Endpoint: http://$KOHA_URL/api/v1/oauth/token
   - Access Token Request Client Authentication: Credentials in request
     body
   - Client ID: $CLIENT_ID
   - Client Secret: $CLIENT_SECRET
5. Click on the newly created configuration to generate a new token
   (which will be valid only for an hour)
6. In RESTer, set HTTP method to GET and url to
   http://$KOHA_URL/api/v1/patrons then click on SEND
   If patron X has permission 'borrowers', it should return 200 OK
   with the list of patrons
   Otherwise it should return 403 with the list of required permissions
   (Please test both cases)
7. Wait an hour (or run the following SQL query:
   UPDATE oauth_access_tokens SET expires = 0) and repeat step 6.
   You should have a 403 Forbidden status, and the token must have been
   removed from the database.
8. Create a bunch of tokens using RESTer, make some of them expires
   using the previous SQL query, and run the following command:
     misc/cronjobs/cleanup_database.pl --oauth-tokens
   Verify that expired tokens were removed, and that the others are
   still there
9. prove t/db_dependent/api/v1/oauth.t

[1] https://addons.mozilla.org/en-US/firefox/addon/rester/

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-08 15:55:42 -03:00
a7e46047cf Bug 19784: Adapt /v1/patrons to new naming guidelines
This patch introduces two functions to the patrons endpoint:
- _to_api
- _to_model

This are in charge of field mappings in order to comply with the
guidelines.

Koha::REST::V1:Auth is adjusted to handle 'patron_id' as well. 'borrowernumber'
handling is kept until the existing endpoints get updated.

To test:
- Apply the patches
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/*.t
=> SUCCESS: Tests pass!
- Sign off :-D

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-03-29 11:42:08 -03:00
87dc9b0ac1 Bug 19784: Remove reference to 'borrowernumber' param from other endpoints
This patch removes the $ref occurences for borrowernumber in not
patron-specific endpoints. 'borrowernumber' is still used on them, but as a
hardcoded parameter. The param rename will happen on a separate bug for
each endpoint.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-03-29 11:42:08 -03:00
6c3a273af9 Bug 16330: (QA follow-up) Repect guidelines on plurals Patron > Patrons
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-03-29 11:42:07 -03:00
dd9b6c1651 Bug 16330: Move patches to OpenAPI
This patch refactors the original work so it implements the controllers
and the spec using Mojolicious::Plugin::OpenAPI, and OpenAPI for the specification.

It removes the ability for patrons without permissions to edit their own data or their
guarantee's. This will be moved to a patron modification requests endpoint for simplicity.

It makes use of bugs 19410 and 19686 and their dependencies to deal with parameters handling,
query building and pagination.

Tests are adapted.

To test:
- Apply this patches and the dependencies
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/patrons.t
=> SUCCESS: Tests pass!
- Sign off :-D

Sponsored-by: ByWater Solutions

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-03-29 11:42:06 -03:00
Benjamin Rokseth
7b8909cb90 Bug 16330: Add routes to add, update and delete patrons
This patch adds support for add, edit and delete patrons via REST API.

GET  /api/v1/patrons                   Get patron list from params
GET  /api/v1/patrons/<borrowernumber>  Get single patron
POST /api/v1/patrons                   Create a new patron
PUT  /api/v1/patrons/<borrowernumber>  Update data about patron
DEL  /api/v1/patrons/<borrowernumber>  Delete a patron

Revised Test plan:
1) Apply this patch
2) Run tests perl t/db_dependent/api/v1/patrons.t
3) Add a user with proper rights to use the REST API
4) play with your favourite REST client (curl/httpie, etc.):
   Authenticate with the user created above and get a CGISESSION id.
   Use the CGISESSION to add, edit and delete patrons via the API.
5) Use PUT /patrons/<borrowernumber> for a patron without borrowers
   flag. This should go into pending patron modification status and
   needs to be accepted by a librarian.

Please note there is no validation of body input in PUT/POST other
than branchcode,category,userid,cardnumber.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-03-29 11:42:06 -03:00
dfbadc70d4 Bug 20004: Adapt /v1/cities to new naming guidelines
This patch implements the changes required by the cities endpoint RFC
[1].

It uses the objects.search helper, and relies on bug 19686.

To test:
- Apply the patches
- Compare the spec with the RFC (api/v1/swagger/definitions/city.json)
=> SUCCESS: It makes sense
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/cities.t
=> Tests pass!
- Sign off :-D

Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-02-16 17:53:42 -03:00
8c489457ca Bug 20144: (follow-up) Adjust /patrons endpoint
Fields 'address' and 'city' have been maybe nullable by this bug. This
patch makes them nullable on the API as well.

To test:
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/patrons.t
=> FAIL: Tests fail (randomly) when address or city are set to null by
         TestBuilder.
- Apply this patch
- Run:
 k$ prove t/db_dependent/api/v1/patrons.t
=> SUCCESS: Tests pass!
- Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-02-13 16:08:47 -03:00
5c8365e4a7 Bug 18403: REST API - patrons endpoint
There is something wrond here, the userenv is no set and so we cannot
user search_limited.
Should we set the userenv or filter on the libraries using
libraries_where_can_see_patrons?
WAITING FOR FEEDBACK HERE.

Signed-off-by: Signed-off-by: Jon McGowan <jon.mcgowan@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-02-12 15:41:42 -03:00
bd2d2fd433 Bug 16213: (QA follow-up) Fix terminology
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-01-30 14:21:28 -03:00
Julian Maurice
c76281f3fc Bug 16213: Allow to select hold's itemtype when using API
Test plan:
1/ Use your usual "REST testing" tool to place a title-level hold with
an itemtype. The request should look like this:

POST /api/v1/holds
{
    "borrowernumber": 1234,
    "biblionumber": 456,
    "branchcode": "CPL",
    "itemtype": "A"
}

2/ Check that the hold was placed and the itemtype is correctly selected
3/ prove t/db_dependent/api/v1/holds.t

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-01-30 14:21:28 -03:00
ec9f747913 Bug 19410: (follow-up) Add reserved params definitions
This patch re-adds some parameters I left out during some rebasing tasks
and ended up on a separate patchset (bug 18731).

The introduced parameters definitions are only used on endpoint definitions
that implement (at least) pagination. No need to test them here but easier
adding them here than on a patch implementing a new enpoint, which would become
a dependency for other endpoints.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-12-11 17:46:59 -03:00
c9880bd02a Bug 7317: (QA followup) Make query parameters consistent with other endpoints
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-11-09 11:42:16 -03:00
2725d3156a Bug 7317: (QA followup) Rename 'branch' for 'library'
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-11-09 11:42:16 -03:00
c99e814a6f Bug 7317: (followup) Migrate endpoint to OpenAPI
This patch moves the current endpoint implementation from Swagger2 to
the OpenAPI plugin.

It also takes advantage of the overloaded Koha::Illrequest::TO_JSON method
which has now the option to embed what's needed for the REST api.

The path spec is adjusted to fit OpenAPI, and some minor fixes are
applied:
- Missing 'metadata' query param
- 'ill' permissions should be required instead of 'borrowers'
- Full test coverage

To test:
- Apply  this patch
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/illrequests.t
=> SUCCESS: Tests pass!
- Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Magnus Enger <magnus@libriotech.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-11-09 11:42:13 -03:00
Alex Sassmannshausen
8e86b5e093 Bug 7317: Interlibrary loans framework for Koha.
This Commit is at the heart of adding an interlibrary loans framework
for Koha.  The framework does not prescribe a particular workflow.
Instead it provides a general framework that can be extended &
implemented by individual backends whose responsibility it is to
implement a specific workflow.

The module is largely self-sufficient: it adds new tables to the Koha
database and touches only a few files in the Koha source tree.

Primarily, we add our files to the Makefile and the koha-conf.xml,
define ill paths for the REST API, and introduce links from the main
intranet, opac pages & user permissions.

Outside of this we simply add new files & functionality.

Signed-off-by: Magnus Enger <magnus@libriotech.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-11-09 11:42:12 -03:00
7367274c62 Bug 18120: (QA followup) 'vendors_manage' permission fits better than full acq
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 17:13:13 -03:00
Katrin Fischer
52c677166d Bug 18120: Update field descriptions
Trying to clarify some of the descriptions.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 17:13:13 -03:00
6d52d57fac Bug 18120: Add '/acquisitions/vendors' endpoint
This patch introduces an /acquisitions/vendors endpoint.
To test:
- Apply the patch
- Run:
  $ sudo koha-shell kohadev
 k$ prove t/db_dependent/api/v1/acquisitions_vendors.t
=> SUCCESS: Tests pass
- Sign off :-D

Sponsored-by: ByWater Solutions

Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 17:13:13 -03:00
Lari Taskula
b4e525e4f6 Bug 18282: operationId must be unique
operationId has the following documentation:
 "Unique string used to identify the operation. The id MUST be unique among all
  operations described in the API."

This patch modifies operationIds to be unique accross our API operations.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 12:02:39 -03:00
Lari Taskula
fbda925f85 Bug 18137: (follow-up) Sort definitions.json
Before this file grows, we should sort it alphabetically.

To test:
1. prove t/db_dependent/api/v1

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 11:27:05 -03:00
Lari Taskula
1f9e262ab5 Bug 18137: Remove x-mojo-around-action
Mojolicious::Plugin::OpenAPI does not support x-mojo-around action. This patch
removes it from our specification document.

Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 11:27:05 -03:00
Lari Taskula
047508bb8d Bug 18137: Make /holds Mojolicious::Plugin::OpenAPI compatible
Also
- adding some missing and new response definitions into Swagger spec.
- fixing failing tests due to Bug 17932's change of boolean values

To test:
1. prove t/db_dependent/api/v1/holds.t

Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 11:27:05 -03:00
Lari Taskula
b007919e35 Bug 18137: Make /cities Mojolicious::Plugin::OpenAPI compatible
Also:
- adding some missing and new response definitions into Swagger spec.

To test:
1. prove t/db_dependent/api/v1/cities.t

Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 11:27:05 -03:00
Lari Taskula
915963ba7f Bug 18137: Make /patrons Mojolicious::Plugin::OpenAPI compatible
Also:
- adding some missing and new response definitions into Swagger spec.
- fixing failing test due to Bug 17932's change of boolean values

To test:
1. prove t/db_dependent/api/v1/patrons.t

Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 11:27:05 -03:00
779089a62a Bug 18508: Fix t/db_dependent/api/v1/swagger/definitions.t (follow-up of 6758)
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-20 16:07:07 -03:00
75a62e9392 Bug 18763: Fix swagger/definitions.t
Test plan:
  prove api/v1/swagger/definitions/patron.json
must return green

Signed-off-by: Lee Jamison <ldjamison@marywood.edu>
swagger/definitions.t test returns green
2017-06-14 14:36:28 -03:00
694c09aa87 Bug 18409: Make the controller for holds use Koha::Holds
Recently, there's been a major fix on the REST api swagger spec,
which involved fixing boolean values so they are actually booleans
and Koha::Object was extended to handle that.
While the swagger spec for this endpoint got fixed, such is not the case
with the implementation (the controller class).

This patch fixes this situation by:
- Specifying boolean properties as boolean in the schema file
- Fixes the controller so it returns Koha::Hold objects instead of the
  hashref returned by GetReserve, which is wrong.
- Better (than empty) descriptions are added to 'suspend',
  'suspend_until' and 'lowestPriority' on the spec.

To test:
- Run:
  $ sudo koha-shell kohadev
 k$ cd kohaclone
 k$ prove t/db_dependent/api/v1/holds.t
=> FAIL: Tests fail, mostly due to error 500 results.
- Apply this patch
- Run:
 k$ prove t/db_dependent/api/v1/holds.t
=> SUCCESS: Tests pass!
- Sign off :-D

This can also be tested using any interface for REST apis.

Note: This endpoint lacks several of the new guidelines and is not
complete (there's no GET for single holds, etc). It is also missing
exception handling. There are probably
other bug reports for that, just thought it was worth mentioning.

Followed test plan and this patch worked as intended
Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-04-24 09:40:40 -04:00
2f64fd3918 Bug 17927: (QA followup) Fix timestamp nullable in hold.json
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-02-07 17:55:43 +00:00
105b82b846 Bug 17927: (QA followup) Fix boolean types
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-02-07 17:55:43 +00:00
d628cd828d Bug 17927: (followup) Fix /cities cityid type
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-02-07 17:55:43 +00:00
Lari Taskula
9d805b5b5f Bug 17927: Fix /holds and /patrons data types
This patch changes current Swagger definitions for patrons and holds to have
data types corresponding to column data types in their database tables.

To test:
1. GET http://yourlibrary/api/v1/patrons/YYY where YYY is existing borrowernumber
2. Observe that numbers / integers are in string data type.
3. Apply this patch
4. Repeat step 1.
5. Observe that numbers / integers are now actually numbers / integers.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-02-07 17:55:43 +00:00
Lari Taskula
153e07fe5e Bug 17086: Reword borrowers to patrons in Swagger tags for holds
Routes for holds have tags called "borrowers". We should use "patrons" instead
in order not to have both (endpoints for patrons already add "patrons").

This patch changes the tags from borrowers to patrons in:
GET  /holds
POST /holds

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Katrin Fischer  <katrin.fischer@bsz-bw.de>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-11-22 11:31:08 +00:00
68173511bf Bug 17651: borrowers.updated_on can be null - swagger def
The swagger file does not consider borrowers.updated_on as a nullable
value, it should

Test plan:
0/ Do not apply this patch
1/ update borrowers set updated_on=null;
2/ prove t/db_dependent/api/v1/patrons.t
=> Fail
3/ Apply this patch
4/ prove t/db_dependent/api/v1/patrons.t
=> green

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-11-18 13:39:06 +00:00
2975c01020 Bug 17607: Fix patron definition in Swagger
This patch makes the patron swagger definition match the DB schema.
To test:
- Run:
  $ prove t/db_dependent/api/v1/swagger/definitions.t
=> FAIL: 'lastseen' field is not declared in the swagger definition
- Apply the patch
- Run:
  $ prove t/db_dependent/api/v1/swagger/definitions.t
=> SUCCESS: Tests pass!
- Sigh off :-D

Sponsored-by: ByWater Solutions
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
All tests pass successfuly

Signed-off-by: Lari Taskula <lari.taskula@jns.fi>
Fixed a typo: seed -> seen

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-11-14 11:25:25 +00:00
96a112e961 Bug 17428: (QA followup) Fix community site in swagger file
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-10-28 14:42:50 +00:00
e08639129a Bug 17428: [REST] best practice followup
This followup alters a few area's to be aligned more closely with
RESTfull best practices:

* PUT should always be full objects, and not partial updates (use PATCH
  for partials)
* Validate query parameters instead of blindly passing them to the model
  * Functional Change: Convert filter params from 'equality' to 'starts with'
    matching
* Update tests to check for swagger validation errors instead of koha exceptions
* Mark 'id' as readOnly so swagger may prevent, via validation, id
  changes.

Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-10-28 14:42:49 +00:00
217d0df517 Bug 17428: [REST] Cities swagger specification
This patch adds the swagger definitions for the /cities endpoint

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-10-28 14:42:48 +00:00
a8376f99d9 Bug 17432: Remove minification
The swagger specification file is currently being minified adding
manual steps to release management and restful api route development.
The minification is not required; The deferenced version of the
specification is now internally validated at runtime and relavant errors
output and the dereferenced schema has been made publically available at
/api/v1/spec, so it can be copy&pasted into validation tools

Test Plan
1) Apply patch
2) Ensure api routes still function (applying the /cities patch might be
    helpful)
3) Ensure /api/v1/spec page exists (it should be the de-referenced
    swagger.json file)

Signed-off-by: Claire Gravely <claire_gravely@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
2016-10-11 06:57:38 +00:00
0646478be0 Bug 14868 - Update swagger.min.json
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-09-02 12:25:59 +00:00
Lari Taskula
00a50a9400 Bug 14868: Use x-koha-authorization in current routes
To test:
1. Run t/db_dependent/api/v1/holds.t
2. Run t/db_dependent/api/v1/patrons.t

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-09-02 12:20:36 +00:00
Olli-Antti Kivilahti
ac1286dacd Bug 14868: Swagger2-driven Permission checking
Define 'x-koha-permission' for the Swagger2 Operation Object, to automatically
authorize against the required permissions.

This way we immediately tell the API consumer in the Swagger2-definition, which
permissions are needed to access defined resources.
Also we don't need to maintain permissions in multiple locations and we can build
a smart testing framework to help a lot in creating tests for the new REST API.

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-09-02 12:20:35 +00:00
53631f9ffd Bug 16699: (QA followup) Move minified swagger file into the swagger/ dir
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-08-26 12:08:52 +00:00
Lari Taskula
eeab7d0666 Bug 16699: Remove requirement from borrowernumberQueryParam
borrowernumberQueryParam shouldn't be required as also changed in Bug 16271.

To test:
1. Don't apply the patch yet, but first minify Swagger and run
   t/db_dependent/api/v1/holds.t
2. Observe that some tests fail with response code 400 when expecting 200.
3. Apply patch and minify Swagger
4. Run t/db_dependent/api/v1/holds.t
5. Observe that tests pass.

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-08-26 12:08:52 +00:00
Lari Taskula
7b8c7b038f Bug 16699: Move Swagger-related files to api/v1/swagger
This patch separates Swagger-specifications and the minifySwagger.pl from other
api-files by moving specifications & minifier into api/v1/swagger.

Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>

My name is Olli-Antti Kivilahti and I approve this commit.
We have been using the Swagger2.0-driven REST API on Mojolicious for 1 year now
in production and I am certain we have a pretty good idea on how to work with
the limitations of Swagger2.0
We participated in the development of the Mojolicious::Plugin::Swagger and know
it well. We have made an extension to the plugin to provide full CORS support
and have been building all our in-house features on the new REST API.

Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>

My name is Johanna Räisä and I approve this commit.
We have been using Swagger2.0-driven REST API in production successfully.

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-08-26 12:08:52 +00:00
Lari Taskula
c523c1e056 Bug 16699: Reference new x-primitives in currently defined objects
Since we have defined some basic x-primitives in x-primitives.json, we can now
start to reuse them in our currently defined objects.

To test:
1. Apply patch
2. Run minifySwagger.pl
3. Validate your Swagger specifications
4. Observe that validation passes

Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>

My name is Olli-Antti Kivilahti and I approve this commit.
We have been using the Swagger2.0-driven REST API on Mojolicious for 1 year now
in production and I am certain we have a pretty good idea on how to work with
the limitations of Swagger2.0
We participated in the development of the Mojolicious::Plugin::Swagger and know
it well. We have made an extension to the plugin to provide full CORS support
and have been building all our in-house features on the new REST API.

Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>

My name is Johanna Räisä and I approve this commit.
We have been using Swagger2.0-driven REST API in production successfully.

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-08-26 12:08:52 +00:00
Lari Taskula
55a8389bb3 Bug 16699: Support multiple types in primitive definitions
Currently it is not possible to define multiple types for primitive definitions
in /definitions/*. If you try to use the following
"firstname": {
  "type": ["string", "null"],
  "description": "patron's first name"
}
in definitions.json, online.swagger.io validator will not validate it:
{"messages":["attribute definitions.firstname.type is not of type `string`"]}

One way to get around this issue is to extend definitions with custom
"x-primitives" object, where we will define all reusable primitive definitions.

To test:
1. Add the "firstname" example above to definitions.json
2. Run minifySwagger.pl
3. Validate your specification
4. Observe that error with description mentioned above is given
5. Apply patch
6. Repeat step 2 and 3
7. Observe that validation passes

Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>

My name is Olli-Antti Kivilahti and I approve this commit.
We have been using the Swagger2.0-driven REST API on Mojolicious for 1 year now
in production and I am certain we have a pretty good idea on how to work with
the limitations of Swagger2.0
We participated in the development of the Mojolicious::Plugin::Swagger and know
it well. We have made an extension to the plugin to provide full CORS support
and have been building all our in-house features on the new REST API.

Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>

My name is Johanna Räisä and I approve this commit.
We have been using Swagger2.0-driven REST API in production successfully.

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-08-26 12:08:51 +00:00
Lari Taskula
2aa333fb5f Bug 16699: Fix mixed-up indentation from 2-4 spaces to 2 spaces
These definitions had indentation of 4 spaces, while rest of the specification
uses 2 spaces. This patch simply maintains the consistency in indentations and
provides no other modifications to code.

Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>

My name is Olli-Antti Kivilahti and I approve this commit.
We have been using the Swagger2.0-driven REST API on Mojolicious for 1 year now
in production and I am certain we have a pretty good idea on how to work with
the limitations of Swagger2.0
We participated in the development of the Mojolicious::Plugin::Swagger and know
it well. We have made an extension to the plugin to provide full CORS support
and have been building all our in-house features on the new REST API.

Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>

My name is Johanna Räisä and I approve this commit.
We have been using Swagger2.0-driven REST API in production successfully.

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-08-26 12:08:51 +00:00
Lari Taskula
baaeb725d2 Bug 16699: Add borrowernumberQueryParam for reusability
The borrowernumber as a query parameter should be defined in parameters.json
in order to allow its reusability.

To test:
1. Apply patch
2. Run minifySwagger.pl
3. Validate swagger.min.json in online.swagger.io/validator/debug?url=url_to+
   _your_swagger_min_json or your local swagger-api/validator-badge validator
4. Observe that validation passes

Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>

My name is Olli-Antti Kivilahti and I approve this commit.
We have been using the Swagger2.0-driven REST API on Mojolicious for 1 year now
in production and I am certain we have a pretty good idea on how to work with
the limitations of Swagger2.0
We participated in the development of the Mojolicious::Plugin::Swagger and know
it well. We have made an extension to the plugin to provide full CORS support
and have been building all our in-house features on the new REST API.

Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>

My name is Johanna Räisä and I approve this commit.
We have been using Swagger2.0-driven REST API in production successfully.

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-08-26 12:08:51 +00:00
Lari Taskula
0eaf72ab26 Bug 16699: Split parameters and paths in Swagger
Parameters and paths should be split in our Swagger specification, because
otherwise swagger.json would become messy with all the paths and their
further specification in the same file. Also parameters should be split
for the same reason.

Instead of using index.json for definitions, parameters and paths, we define
new files "definitions.json", "parameters.json" and "paths.json" in order to
simplify the references. If we kept using index.json and try to reference
"/definitions/error.json" from "/paths/holds.json", reference would be
"../definitions/index.json#/error" instead of now simplified version,
"../definitions.json#/error".

Here is the proposed structure:

.
├── swagger.json
├── definitions.json
├── paths.json
├── parameters.json
├── definitions
│   └── error.json
│   └── patron.json
├── parameters
│   └── patron.json
├── paths
│   └── patrons.json
├── minifySwagger.pl
└── swagger.min.js

The swagger.json paths, definitions and parameters will look as follows:
...
  "paths": {
    "$ref": "paths.json"
  },
  "definitions": {
    "$ref": "definitions.json"
  },
  "parameters": {
    "$ref": "parameters.json"
  }
...

A problem with splitting specification into multiple files directly from
swagger.json (e.g. "paths": { "$ref": "paths.json" }) is that it is not
following the Swagger specification and an error will be thrown by the
Swagger-UI default validator (online.swagger.io/validator).

To overcome this problem, we use the minifySwagger.pl script from Buug 16212.
This allows the developers to work with the structure introduced in this patch
thus allowing developers to split the specification nicely, and still have a
valid Swagger specification in the minified swagger.min.json.

To test:
-2: Apply the minifier-patch in Buug 16212.
-1: Make sure you can validate your specification with Swagger2 validator at
    online.swagger.io/validator/debug?url=url_to_swaggerjson, or install it
    locally from https://github.com/swagger-api/validator-badge.

1. Don't apply this patch yet, but first validate swagger.json
   with swagger.io-validator (or your local version, if you installed it)
2. Observe that validation errors are given
3. Run minifySwagger.pl
4. Validate swagger.min.json with the validator you used in step 1
5. Observe that validation passes and we overcame the invalid specification
   problem in swagger.min.json
6. Apply this patch
7. Run minifySwagger.pl
8. Repeat step 4
9. Observe that validation passes with new structure
10. Run REST tests at t/db_dependents/api/v1

(11. Study the new structure of our Swagger specifications :))

Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>

My name is Olli-Antti Kivilahti and I approve this commit.
We have been using the Swagger2.0-driven REST API on Mojolicious for 1 year now
in production and I am certain we have a pretty good idea on how to work with
the limitations of Swagger2.0
We participated in the development of the Mojolicious::Plugin::Swagger and know
it well. We have made an extension to the plugin to provide full CORS support
and have been building all our in-house features on the new REST API.

Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>

My name is Johanna Räisä and I approve this commit.
We have been using Swagger2.0-driven REST API in production successfully.

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-08-26 12:08:51 +00:00
4b140a2e91 Bug 16212 - Generate initial swagger.min.json file
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-08-25 12:50:01 +00:00
Lari Taskula
92b36fb717 Bug 17041: Fix missing properties in patron.json
Swagger definition for patron was missing two properties.

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
2016-08-05 06:08:12 +00:00
Lari Taskula
2ea99517ae Bug 17042: Fix missing column in hold.json
Swagger definition for hold was missing a property.

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
2016-08-05 06:06:22 +00:00
Julian Maurice
975be0aef0 Bug 16271: Allow more filters on /api/v1/holds
borrowernumber parameter is no longer required and you can filter on
every column of reserves table

Some example requests
- GET /api/v1/holds
- GET /api/v1/holds?biblionumber=123
- GET /api/v1/holds?borrowernumber=456
- GET /api/v1/holds?priority=0&found=W

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-07-08 14:18:19 +00:00
Julian Maurice
9d31efa2b5 Bug 13903: (QA followup) change routes to /holds
GET    /holds?borrowernumber=X (list)
POST   /holds                  (create)
PUT    /holds/{reserve_id}     (update)
DELETE /holds/{reserve_id}     (delete)

Unit tests in t/db_dependent/api/v1/holds.t

Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-05-04 13:54:01 +00:00
Julian Maurice
70928807d8 Bug 13903: Add API routes to list, create, update, delete reserves
GET    /reserves?borrowernumber=X (list)
POST   /reserves                  (create)
PUT    /reserves/{reserve_id}     (update)
DELETE /reserves/{reserve_id}     (delete)

Unit tests in t/db_dependent/api/v1/reserves.t

Test plan:
1. Apply patch
2. Run unit tests
3. Play with the API with your favorite REST client, using documentation
   in the swagger.json file
4. Try to make reserves until the maximum number of reserves for a user
   is reached (you should have a 403 error)

Depends on bug 15126

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>

Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-05-04 13:54:01 +00:00
Julian Maurice
7b6a9f3be1 Bug 15126: Update patron definition
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-05-04 13:52:14 +00:00
d59b4596d5 Bug 15126: x-mojo-controller deprecation
Remove the use of soon to be deprecated x-mojo-controller from our
specification and replace with the recommended operationId format.

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-05-04 13:52:14 +00:00
c7800cf2c5 Bug 15126: Refactor spec file
Spreading the specification over multiple files should lead to a more
manageable specification long term

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-05-04 13:52:13 +00:00
Julian Maurice
35ecddec89 Bug 13799: Add types for patron's fields in Swagger spec
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-11-04 13:47:33 -03:00
Julian Maurice
d074c77deb Bug 13799: Reword 'borrower' to 'patron'
Also, complete the Swagger definition of a patron

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-11-04 13:47:33 -03:00
Julian Maurice
7fe57de8e2 Bug 13799: Change 'required' value type from string to boolean
String is not accepted as a valid value in more recent versions of
Swagger2 module

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-11-04 13:47:33 -03:00
Julian Maurice
63cb4b9d3e Bug 13799: Add missing license notices
Signed-off-by: Joonas Kylmälä <j.kylmala@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-11-04 13:47:33 -03:00
Julian Maurice
b4c6ad6603 Bug 13799: Add cookie-based authentication to REST API
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-11-04 13:47:32 -03:00
Julian Maurice
c83cd77411 Bug 13799: RESTful API with Mojolicious and Swagger2
Actual routes are:
  /borrowers
    Return a list of all borrowers in Koha

  /borrowers/{borrowernumber}
    Return the borrower identified by {borrowernumber}
    (eg. /borrowers/1)

There is a test file you can run with:
  $ prove t/db_dependent/rest/borrowers.t

All API stuff is in /api/v1 (except Perl modules)
So we have:
  /api/v1/script.cgi     CGI script
  /api/v1/swagger.json   Swagger specification

Change both OPAC and Intranet VirtualHosts to access the API,
so we have:
  http://OPAC/api/v1/swagger.json   Swagger specification
  http://OPAC/api/v1/{path}         API endpoint
  http://INTRANET/api/v1/swagger.json   Swagger specification
  http://INTRANET/api/v1/{path}         API endpoint

Add a (disabled) virtual host in Apache configuration api.HOSTNAME,
so we have:
  http://api.HOSTNAME/api/v1/swagger.json   Swagger specification
  http://api.HOSTNAME/api/v1/{path}         API endpoint

Add 'unblessed' subroutines to both Koha::Objects and Koha::Object to be
able to pass it to Mojolicious

Test plan:
  1/ Install Perl modules Mojolicious and Swagger2
  2/ perl Makefile.PL
  3/ make && make install
  4/ Change etc/koha-httpd.conf and copy it to the right place if needed
  5/ Reload Apache
  6/ Check that http://(OPAC|INTRANET)/api/v1/borrowers and
     http://(OPAC|INTRANET)/api/v1/borrowers/{borrowernumber} works

Optionally, you could verify that http://(OPAC|INTRANET)/vX/borrowers
(where X is an integer greater than 1) returns a 404 error

Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-11-04 13:47:32 -03:00