This patch replaces opac-ratings-ajax.pl with a new REST API route
POST /public/biblios/42/ratings
Note that we could go further and refactor the 'start_rating' select
code.
Test plan:
Test the "star ratings" feature at the OPAC, on the different page
where it's displayed.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 28786 let librarians enable a Two-factor authentication but force them to use
an application to generate the TOTP token.
This new enhancement add the ability to send an email containing the token to the
patron once it's authenticaed
The new notice template has the code '2FA_OTP_TOKEN'
Test plan:
- Setup the two-factor authentication (you need the config entry and the
syspref ON)
- Enable it for your logged in patron
- Logout
- Login and notice the new link "Send the code by email"
- Click on it and confirm that you received an email with the code
- Use the code to be fully logged in
QA question: Is 400 the correct error code to tell the email has not
been sent?
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds effective_item_type_id to the items api.
We overload the to_api method to append the effective_item_type_id field
with that of the effective itemtype code.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch removes the circ/ysearch.pl script used by the jQuery autocomplete widget.
We can now use the /api/v1/patrons endpoint to retrieve the patrons and
generate the patron result list.
Prior to this patch the different occurrences were defining the style
and the list of patron's attributes to display for each option (name,
date of birth, age, address, etc.). Now they are all displaying the same
information.
To acchieve this we had to:
* Make js-date-format.inc and js-patron-get-age.inc available from js_includes.inc
and so available from everywhere, which is certainly a good move. We
could discuss why this code is in include file instead of JS files
however.
* Remove the .ajaxSetup call in tags-review.js to reduce its scope: an
underscore parameter was added to the REST API query (?)
A better solution would have been to extend the existing widget
(https://learn.jquery.com/jquery-ui/widget-factory/extending-widgets/)
but I didn't manage to do it, and I feel like there is a bug in jQuery
autocomplete. The "source" was not taken into account.
We could think about replacing the jQuery autocomplete with something
else, but that's outside the scope of this bug.
Test plan:
Search for patrons and confirm the autocomplete works and that the
"select" action works as before (either a redirect or select the
patrons) on the different views:
* Place a hold
* Search for tags (form on the left)
* In the header, "Check out" and "Search patrons"
* Add instructors to course reserves
* View logs (the "librarian" input)
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds the return claim details to the bundle item status
display on the catalogue details page.
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds methods the the Koha::Item object for managing item
bundling operations and then exposes those methods via the REST API.
We include the new `BundleNotLoanValue` preference for setting not
for loan values when an item is added to a bundle.
Finally, we expose bundle management via the catalogue details page.
Test plan:
0) Apply patches up to this point and run the database update
1) Configuration: `BundleNotLoanValue` should have been set by the
database update and point to a newly added AV value.
2) Creating a new bundle
* Add a new bib record
* Mark the bib record as a 'collection' type by setting leader
position 7 to 'c'
* Add a new item to this bib record
* You should see a new 'Manage bundle' button available in the
'Actions' column of the Holdings table.
* Clicking 'Manage bundle' should expand the table to include a new
row directly beneath this one.
* Use the new 'Add to bundle' button that appears in this row to
trigger a modal that allows entering the barcode of items you wish
to add to the bundle
* Upon closing the modal, the bundle content table should reload and
contain your newly associated items.
* You can subsequently remove an item from a bundle using the new
'Remove' button.
3) Not for loan
* Items that have been added into a bundle should now appear as 'Not
for loan' from their original biblio record and note which bundle
they belong to.
4) Error cases
* Try adding an item that already belongs to a bundle to another
bundle: Note an error is displayed in the modal form.
5) The bundles feature can be disabled by unsetting the
`BundleNotLoanValue` system preference.
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
quote_id should not be required
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Rename the issues.renewals field to renewals_count to prevent a method
name collision with the new relation accessor introduced by this
patchset.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds middle_name to the accaeptable fields in API requests
and responses.
Test plan
1) Search for a user using the API
2) Confirm the API responds with a 200
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch enables librarians with only "place_holds" permissions to cancel, suspend and resume holds via REST API.
Test plan:
1) Try to cancel or suspend a hold with only "place_holds" permissions
2) See that it is forbidden.
3) Apply the patch
4) Cancel a hold again
5) The cancellation succeeds
6) prove t/db_dependent/api/v1/holds.t
Sponsored-by: Koha-Suomi Oy
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch renames the route to make it consistent for future additions.
To test:
1. Run
$ git grep 'matches/chosen'
=> FAIL: all occurences use /api/v1/import/
2. Apply this patch
3. Run:
$ git grep 'matches/chosen'
=> SUCCESS: All occurences have '/api/v1/import_batches/'
4. Run:
$ kshell
k$ prove t/db_dependent/api/v1/import_record_matches.t
=> SUCCESS: Tests pass!
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch fixes minor spec QA issues:
* Missing summary for routes
* Missing error_code description for 500
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
On fixing the spec to have `format: date` I noticed the tests were
expecting explosions because of date handling not being done. The
OpenAPI plugin does this correctly when you set the format right.
So, I adapted the tests so they expect 400 and return the type error.
We don't usually add such tests (i.e. test the plugin does its job
correctly) but it doesn't hurt to keep them just in case something
really changes badly there (plugin bug?).
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch makes the following changes to the spec:
* Password being the resource and expiration_date an attribute for it,
so reorganizing things and also renaming the route.
* Be it undefined or defined, expiration date is only one and thus
should use the PUT verb (as in overwrite).
* Minor bug 30194-related fixes.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
To test:
1 - prove -v t/db_dependent/api/v1/patrons_password_expiration.t
Signed-off-by: Bob Bennhoff <bbennhoff@clicweb.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Bob Bennhoff <bbennhoff@clicweb.org>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch makes this header parameter rely on the OpenAPI spec to
validate and document the available options.
Right now the only place is in POST and PUT /holds.
To test:
1. Run:
$ kshell
k$ prove t/db_dependent/api/v1/holds.t \
t/db_dependent/api/v1/auth_authenticate_api_request.t
=> SUCCESS: Tests pass
2. Apply this patch
3. Repeat 1
=> SUCCESS: Tests still pass!
4. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adds the x-koha-override header parameter to the route that
is used to create suggestions, POST /suggestions.
The idea is that adding suggestions will be rejected under certain
conditions unless x-koha-override is passed with appropriate values. The
added overrides are:
* any
* max_total
* max_pending
Tests are added for the expected behavior.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Well spotted, this patch fixes the specs to be consistent and adds a
little detail to the POD as requested.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch removes superflous x-koha-embed defintions at the top level
of the endpoint specifications. It also replaces a few x-koha-embeds at
the top level with parameter lists where this had been missed in
preceeding patches.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
We don't need these any more.. I think they crept back in during
rebases
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patchset adds the display of all matches found during import to the import management screen
A staff member with the permission to manage batches will be able to select for any individual record which match, or none, should be used during import
To test:
1 - Import a batch of records or export existing records from your catalog
2 - Import the file (again) and select a matching rule that will find matches
3 - Note that you now have radio buttons allowing you to select a record, or none
4 - Test scenarios:
I - When 'Action if matching record found' is 'Ignore'
a - Imported record ignored if match is selected
b - 'Action if no match found' followed if no match is selected (Ignore matches)
II - When 'Action if matching record found' is 'Replace'
a - The chosen record is the one overlayed (you can edit the chosen record before importing to confirm)
b - 'Action if no match found' followed if no match is selected (Ignore matches)
III - When 'Action if matching record found' is 'Add incoming record'
a - Record is added regardless of matches
5 - Confirm 'Diff' 'View' links work as expected
6 - Confirm that after records are imported the radio buttons to choose are disabled
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Bug 22785: API files
Signed-off-by: Ben Daeuber <bdaeuber@cityoffargo.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch removes an attribute that was actually removed 3 years ago
and causes an exception when trying to search for it. The API responses
don't include it anyways.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Due to a race and a bad rebase, the patrons embeds added on bug 30063
didn't get copied to the parameters secition, thus breaking embedding.
To test:
1. In master, open the patron search page and the inspector
2. Perform a search
=> FAIL: No results
=> FAIL: There's an error 500 in the API response, mentioning embedding
is not allowed
3. Apply this patch
4. Restart all
6. Repeat 2
=> SUCCESS: Results are back!
=> SUCCESS: No more API errors
7. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds the x-koha-request-id to all GET routes that rely on
objects.search, for immediate support for the header.
The patch itself is trivial:
- It adds the header parameter definition to the top level swagger.yaml
- It adds a reference on each route that already implements q params,
etc
To test:
1. Apply the patch
2. Reload plack
3. Notice the API still works
4. Run:
$ kshell
k$ prove t/db_dependent/api/v1/query.t
=> SUCCESS: It now passes! The /cities route implements the
x-koha-request-id header pass through.
5. Run the rest of the API tests
=> SUCCESS: All good
6. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
edit_borrowers should be enough, we don't need the whole borrowers
module flag
Signed-off-by: Séverine Queune <severine.queune@bulac.fr>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
