Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds tests for the change. It also simplifies the delete()
method structure a bit. It fixes the error 500 the tests were raising.
To test:
1. Run:
$ kshell
k$ prove t/db_dependent/api/v1/patrons.t
=> FAIL: Tests fail!
2. Apply this patch
3. Repeat 1
=> SUCCESS: Tests pass! The new behaviour (code 403) is tested!
4. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
.pm must not have -x
.t must have -x
.pl must have -x
Test plan:
Apply only the first patch, run the tests and confirm that the failures
make sense
Apply this patch and confirm that the test now returns green
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The API was only catching the primary email change case, but we need to
catch email, emailpro and B_email.
We were also not accounting for any of the emails (on PUT or from the
DB) being undefined.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds regression tests for the response bodies and statuses on
DELETE actions against existing API routes. This is just enforcing the
existing (voted) Coding guidelines for the API (tm).
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/*.t
=> FAIL: Several routes have problems
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Now the message is looking like
DBIx::Class::Storage::DBI::_dbh_execute(): DBI Exception: DBD::mysql::st execute failed: Duplicate entry
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Fixes among others the invalid use of json_has() which caused broken tests to pass with older Mojolicious versions.
Signed-off-by: Mason James <mason@kohaaloha.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Bug 9978 should have fixed them all, but some were missing.
We want all the license statements part of Koha to be identical, and
using the GPLv3 statement.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch makes a trivial change to the tests so they catch the way
MySQL 8 reports the duplicate key message. The difference on the API
error message is irrelevant and so it is ok to just make the tests try
both MySQL 8 output and the rest of the supported engines.
To test:
1. Run:
$ kshell
k$ prove t/db_dependent/api/v1/acquisitions_orders.t \
t/db_dependent/api/v1/libraries.t \
t/db_dependent/api/v1/patrons.t
=> FAIL: Tests fail due to warning and conflict message differences
2. Apply this patch
3. Repeat 1
=> SUCCESS: Tests pass!
4. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patchset adds endpoints for the patrons to change their privacy
settings regarding their guarantors.
The following endpoints are added:
PUT /public/patrons/:patron_id/guarantors/can_see_charges
PUT /public/patrons/:patron_id/guarantors/can_see_checkouts
They can only be used by the patron themselves with valid sessions. And
enforce the AllowPatronToSetCheckoutsVisibilityForGuarantor and
AllowPatronToSetFinesVisibilityForGuarantor system preferences when
required.
All this is covered by unit tests.
To test:
1) Run:
$ kshell
k$ prove t/db_dependent/api/v1/patrons.t
=> SUCCESS: Tests pass!
- Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch removes the possibility to access the patron object
identified by patron_id by the patron itself, or a guarantor.
It does so by removing the permissions from the spec. The tests are
adjusted to remove that use case.
To test:
- Apply this patch
- Run:
$ kshell
k$ prove t/db_dependent/api/v1/patrons.t
=> SUCCESS: Tests pass!
- Sign off :-D
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
The new Koha::Patron-based implementation encapsulates some error
conditions that raised warnings and the tests expected that warning.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch adapts the existing endpoint's tests so they expect:
- 'patron_id' for 'borrowernumber'
- 'library_id' for 'branchcode'
- 'category_id' for 'categorycode'
In the process, I tried to make the tests more robust, by creating random
data that gets deleted to make sure our tests cases can't have false
positives.
Independent subtests are wrapped inside transactions to avoid
eventual interference.
To test:
- Apply the patch
- Run:
$ kshell
k$ prove t/db_dependent/api/v1/patrons.t
=> FAIL: The api doesn't implement the expected behaviour and attributes
for endpoint responses
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch removes previously added validation code from Koha::Patron
as we will rely on the DB structure and relationships to catch the same
problems. This is implemented on bug 19828.
This patch also adapts the API controller class to expect this behaviour
change from Koha::Patron. The expected exceptions are adjusted, and some
minor changes take place. The API tests are adjusted as well.
To test:
- Run:
$ kshell
k$ prove t/db_dependent/Koha/Patrons.t
k$ prove t/db_dependent/api/v1/patrons.t
=> SUCCESS: Tests should still pass
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Works perfectly. Well done everyone!
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch refactors the original work so it implements the controllers
and the spec using Mojolicious::Plugin::OpenAPI, and OpenAPI for the specification.
It removes the ability for patrons without permissions to edit their own data or their
guarantee's. This will be moved to a patron modification requests endpoint for simplicity.
It makes use of bugs 19410 and 19686 and their dependencies to deal with parameters handling,
query building and pagination.
Tests are adapted.
To test:
- Apply this patches and the dependencies
- Run:
$ kshell
k$ prove t/db_dependent/api/v1/patrons.t
=> SUCCESS: Tests pass!
- Sign off :-D
Sponsored-by: ByWater Solutions
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds support for add, edit and delete patrons via REST API.
GET /api/v1/patrons Get patron list from params
GET /api/v1/patrons/<borrowernumber> Get single patron
POST /api/v1/patrons Create a new patron
PUT /api/v1/patrons/<borrowernumber> Update data about patron
DEL /api/v1/patrons/<borrowernumber> Delete a patron
Revised Test plan:
1) Apply this patch
2) Run tests perl t/db_dependent/api/v1/patrons.t
3) Add a user with proper rights to use the REST API
4) play with your favourite REST client (curl/httpie, etc.):
Authenticate with the user created above and get a CGISESSION id.
Use the CGISESSION to add, edit and delete patrons via the API.
5) Use PUT /patrons/<borrowernumber> for a patron without borrowers
flag. This should go into pending patron modification status and
needs to be accepted by a librarian.
Please note there is no validation of body input in PUT/POST other
than branchcode,category,userid,cardnumber.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
I do not exactly why but there is a conflict in the name of the method
prove t/db_dependent/api/v1/patrons.t failed with
[Mon Feb 12 17:13:16 2018] [error] Can't use string ("TO_JSON") as a
HASH ref while "strict refs" in use at
/home/vagrant/kohaclone/C4/Auth.pm line 2053.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Also:
- adding some missing and new response definitions into Swagger spec.
- fixing failing test due to Bug 17932's change of boolean values
To test:
1. prove t/db_dependent/api/v1/patrons.t
Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The holds.t tests for the REST api do no rollback properly and modify
the DB (no cleanup).
This comes from a bug caused by SessionStorage = mysql (default)
The error is:
"rollback ineffective with AutoCommit enabled"
Test plan:
select count(*) from borrowers;
prove t/db_dependent/api/v1/holds.t
select count(*) from borrowers;
=> The number of entry must be the same before and after the tests have
been executed
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 17927 introduced data type fixes on the /patrons endpoint (integer
and boolean types got fixed). This led to the /patrons endpoint not to
work because the underlying code didn't provide the right data.
With the introduction of TO_JSON on Koha::Object(s) we now have a way to
output the proper data types.
This patch does so by:
- Adding is_boolean => 1 to the relevant columns on the Borrower.pm
schema file.
- Tweaking the controller class for the /patrons endpoint so it doesn't
use the $object(s)->unblessed call but just let the Mojo::JSON library
pick out TO_JSON implementation instead on rendering the output.
- It adds a new test for booleans.
To test:
- Have 17927 applied
- Run:
$ prove t/db_dependent/api/v1/patrons.t
=> FAIL: Tests fail [1]
- Apply this patches
- Run:
$ prove t/db_dependent/api/v1/patrons.t
=> SUCCESS: Tests pass!
- Sign off! :-D
[1] It is self explanatory to just try the API using any of the
available tools (I use HttpRequester on Firefox)
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
When user does not have required permissions to use API operation, it would be
useful to let them know which permissions he is missing. Since they are now
defined in Swagger, we can easily render them into the response.
To test:
1. Use a patron without any permissions
2. Make GET request to http://yourlib/api/v1/patrons
3. Observe permission error and see that required_permissions are displayed.
4. Run t/db_dependent/api/v1/patrons.t
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
To test:
1. Run t/db_dependent/api/v1/holds.t
2. Run t/db_dependent/api/v1/patrons.t
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The 'borrower' should not be used anymore, especially for new code.
This patch move files and rename variables newly pushed (i.e. in the Koha
namespace).
Test plan:
1/
git grep Koha::Borrower
should not return code in use.
2/
Prove the different modified test files
3/ Do some clicks in the member^Wpatron module to be sure there is not
an obvious error.
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as described. Tested with Circulation, Members/Patrons, Discharge,
Restrictions modules and the must common functionalities
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>
