Commit graph

98 commits

Author SHA1 Message Date
Agustin Moyano
a902efb83b
Bug 19618: Add api endpoint for club holds
This patch adds an endpoint in thi api in /api/v1/clubs/{club_id}/holds whith the verb POST that maps to Koha::REST::V1::Clubs::Holds#add controller.
Classes for club_holds and club_holds_to_patron_holds new tables where also added.

To test:
1) Reach SUCCESS.3 test point of previous patch with club that has no enrollments
2) Click on "Place Hold"
SUCCESS => an alert should appear that you cannot place hold on a club without patrons
3) Reach SUCCESS.3 test point of previous patch with club that has enrollments
4) Click on "Place Hold"
SUCCESS => holds priority list should appear with holds for every patron in club
5) Repeat steps 3 and 4.
SUCCESS => new holds should appear in different order
6) Sign off

Sponsored-by: Southeast Kansas Library - SEKLS
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-01 08:05:58 +01:00
8171c9d05d
Bug 23607: Make /patrons/:patron_id/account staff only
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-09-27 14:00:48 +01:00
c9e3060f31
Bug 23517: Add a spec for PUT /holds/{hold_id}/priority
This patch adds the OpenAPI spec for the endpoint, and tests for the
desired behaviour.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-09-23 11:51:58 +01:00
c415476a37
Bug 23584: Add spec for PUT /public/patron/:patron_id/guarantors
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-09-23 10:52:39 +01:00
410e9bc0e8
Bug 23597: Add missing reserved query parameters to GET /holds
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-09-17 12:40:22 +01:00
Lari Taskula
e9e6537fae
Bug 16825: Add API route for getting an item
GET /api/v1/items/{item_id} Gets one Item

This patch adds route to get one item from koha.items table.

To test:
1. Apply patch
2. Open a browser tab on Koha staff and log in (to create CGISESSID
   cookie).
3. Send GET request to http://yourlibrary/api/v1/items/YYY
   where YYY is an existing itemnumber.
4. Make sure the returned data is correct.
5. Run unit tests in t/db_dependent/api/v1/items.t

Sponsored-by: Koha-Suomi Oy
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>
Signed-off-by: Michal Denar <black23@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-09-12 16:41:09 +01:00
81b2e7f4cb
Bug 20691: (QA follow-up) API-related fixes
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-09-11 08:54:03 +01:00
Kyle M Hall
1ad03f5509
Bug 20691: Add ability to turn feature on and off
This patch adds two preferences
1. AllowPatronToSetFinesVisibilityForGuarantor: Allow/Don't allow patrons to choose their own privacy settings for showing the patron's fines to the patron's guarantor
2. AllowStaffToSetFinesVisibilityForGuarantor: Allow/Don't allow staff to set the ability for a patron's fines to be viewed by linked patrons in the OPAC

Also adds a tinyint, non nullable, default to 0 column in borrower and deletedborrower named privacy_guarantor_fines.
1. privacy_guarantor_fines = 0 => don't allow guarantor to see guarantee's fines
2. privacy_guarantor_fines = 1 => allow guarantor to see guarantee's fines

To test:
1) git reset --hard master
2) apply patches (including dependencies)
3) perl installer/data/mysql/updatedatabase.pl
4) dbic
5) restart_all
6) in intranet search for AllowPatronToSetFinesVisibilityForGuarantor and AllowStaffToSetFinesVisibilityForGuarantor preferences
SUCCESS => both preferences should be present
7) search for a patron with guarantor
SUCCESS => in details tab, in "Library use" section you should see a row labeled "Show fines to guarantor"
8) edit
CHECK => in Guarantor information there is no "Show fines to guarantor" select
9) set AllowStaffToSetFinesVisibilityForGuarantor preference to "Allow"
10) return to patron with guarantor and edit
SUCCESS => in Guarantor information section there is a "Show fines to guarantor" select
11) change "Show fines to guarantor" select to "Yes" and save
SUCCESS => Value is saved
12) go to details tab
SUCCESS => in "Library use" section you see a row labeled "Show fines to guarantor" with value "Yes"
13) set OPACPrivacy preference to "Allow"
14) open 2 opacs, one with a patron that has a guarantor and another that hasn't and go to "your privacy" tab.
CHECK => in both opacs you should not see a "Allow your guarantor to view your current fines?" select
15) in intranet set AllowPatronToSetFinesVisibilityForGuarantor to "Allow"
16) refresh both opacs
SUCCESS => in Patron that has guarantor you see a "Allow your guarantor to view your current fines?" select
	=> in Patron without guarantor you don't see a "Allow your guarantor to view your current fines?" select
17) in Patron with guarantor change value of select and save
SUCCESS => Value is saved
18) in intranet set OPACPrivacy preference to "Don't allow" and AllowPatronToSetFinesVisibilityForGuarantor to "Don't allow"
19) got to "your personal details" in both opacs
CHECK => in both opacs you should not see no Privacy section with a "Allow your guarantor to view your current fines?" select
20) in intranet set AllowPatronToSetFinesVisibilityForGuarantor to "Allow"
21) refresh both opacs
SUCCESS => in Patron that has guarantor you see a "Allow your guarantor to view your current fines?" select in a Privacy section
        => in Patron without guarantor there is no Privacy section
22) in Patron with guarantor change value of select and update
SUCCESS => Value is saved
23) Sign off

Signed-off-by: Agustin Moyano <agustinmoyano@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-09-11 08:53:46 +01:00
109334102f
Bug 14570: Make it possible to add multiple guarantors to a record
This patch adds the ability to set an unlimited number of guarantors
for a given patron. As before, each guarantor may be linked to another
Koha patron, and all the behavior that applies to a given guarantor
remains the same.

Test Plan:
 1) Apply this patch
 2) Run updatedatabase.pl
 3) Find some patrons with guarantors, verify the still have their guarantor
 4) Test adding and removing guarantors on a patron record, both Koha users and not
 5) Verify the "Add child" button works
 6) Verify NoIssuesChargeGuarantees still works
 7) Verify tools/cleanborrowers.pl will not delete a guarantor
 8) Verify the guarantors are displayed on moremember.pl
 9) Verify the guarantor is removed by members/update-child.pl
10) Verify the guarantor is removed by misc/cronjobs/j2a.pl
11) Verify import patrons converts guarantor_id, relationship, contactfirstname,
  and contactsurname into a guarantor
12) prove t/Patron.t
13) prove t/db_dependent/Circulation.t
14) prove t/db_dependent/Circulation/NoIssuesChargeGuarantees.t
15) prove t/db_dependent/Items.t
16) prove t/db_dependent/Koha/Patrons.t
17) prove t/db_dependent/Members.t
18) prove t/db_dependent/Patron/Relationships.t

Signed-off-by: Kim Peine <kmpeine@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Agustin Moyano <agustinmoyano@theke.io>
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-08-20 16:04:48 +01:00
0619aab997
Bug 17003: (follow-up) Update definitions according to voted RFC
Test plan:
1) Have some patrons with checkouts, some renewable and some not
renewable
2) Use your favorite API tester and access GET
http://koha.url/api/v1/checkouts/{checkout_id}/allows_renewal
3) Check the response is OK according to voted RFC:
https://wiki.koha-community.org/wiki/Checkouts_endpoint_RFC#Checkout_renewability_2
4) prove t/db_dependent/api/v1/checkouts.t

Signed-off-by: Michal Denar <black23@gmail.com>
Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-07-01 16:10:15 +01:00
0404ecec4b
Bug 17003: Adapt to OpenAPI
Test plan:
prove t/db_dependent/api/v1/checkouts.t

Signed-off-by: Michal Denar <black23@gmail.com>
Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-07-01 16:10:01 +01:00
Lari Taskula
563458f20e
Bug 17003: Add API route to get checkout's renewability
Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-07-01 16:09:46 +01:00
Julian Maurice
088522032f
Bug 23154: Add pagination to /api/v1/checkouts
Allow to use _page and _per_page query parameters for
/api/v1/checkouts
Also fix a timezone problem in t/db_dependent/api/v1/checkouts.t

Test plan:
1. With your favorite REST tester tool, or directly in the browser,
   fetch http://koha/api/v1/checkouts and check that you have results
2. Fetch /api/v1/checkouts?_per_page=1&_page=1 and check that only the
   first result is returned. Check that response contains headers
   X-Total-Count and Link
3. Fetch /api/v1/checkouts?_per_page=1&_page=2 and check that only the
   second result is returned. Check that response contains headers
   X-Total-Count and Link
4. prove t/db_dependent/api/v1/checkouts.t

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-06-24 16:14:42 +01:00
5aaae31a78
Bug 9834: (QA follow-up) API Corrections
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-06-20 17:12:12 +01:00
5743bb2945 Bug 15496: (QA follow-up) Change success status on api
DELETE response code must be 204, not 200 according to our API coding
guidelines

Test plan:

prove t/db_dependent/api/v1/biblios.t

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-26 12:06:58 +00:00
2b45630e42 Bug 15496: Add API endoint for deleting a bib
Signed-off-by: Liz Rea <wizzyrea@gmail.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-26 10:54:49 +00:00
7021af6879 Bug 22729: Adapt /patrons controller code to the change
This patch makes the controller code aware of the flgAnonymized =>
anonymized change.

To test:
- Run
  $ kshell
 k$ prove t/db_dependent/api/v1/patrons.t
=> SUCCESS: Tests pass!
- Sign off :-D

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-25 10:06:44 +00:00
da8ca6c865 Bug 21336: Fix the API
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-18 09:49:57 +00:00
eabcec1d6c Bug 13895: (QA follow-up) Make the class plural
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-28 19:38:41 +00:00
a142369b30 Bug 13895: Adapt naming according to voted RFC
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-28 19:38:41 +00:00
47ad7afcca Bug 13895: (follow-up) Fix POST response
Test plan:
prove t/db_dependent/api/v1/chcekouts.t

Signed-off-by: Michal Denar <black23@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-28 19:38:41 +00:00
95d23bc3c3 Bug 13895: Change renewal endpoint
Instead of PUT on /checkout/{checkout_id} endpoint, you should now call
POST on /checkouts/{checkout_id}/renewal

Test plan:
prove t/db_dependent/api/v1/checkouts.t

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-28 19:38:41 +00:00
1dfb57164f Bug 13895: (follow-up) Adapt checkout endpoint to openapi, update terminology
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-28 19:38:41 +00:00
b63fd774c1 Bug 13895: (QA follow-up) Adjust OpenAPI definitions for checkouts
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-28 19:38:41 +00:00
Julian Maurice
e3f2e346f8 Bug 13895: Add API routes for checkouts retrieval and renewal
GET /checkouts?borrowernumber={borrowernumber}
GET /checkouts/{checkout_id}
PUT /checkouts/{checkout_id}

+ unit tests in t/db_dependent/api/v1/checkouts.t

Test plan:
1. Open a browser tab on Koha staff and log in (to create CGISESSID
   cookie). You should have permission circulate_remaining_permissions.
2. Go to http://yourlibrary/api/v1/checkouts?borrowernumber=XXX (replace
   XXX with a borrowernumber that has checkouts) and check you receive
   correct data
3. Go to http://yourlibrary/api/v1/checkouts/YYY (replace YYY with an
   existing checkout id) and check you receive correct data
4. Send PUT requests to http://yourlibrary/api/v1/checkouts/YYY until
   the maximum number of renewals is reached (you should have a 403
   error)
5. Run unit tests in t/db_dependent/api/v1/checkouts.t

Depends on bugs 16699 and 14868

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>

Signed-off-by: Lari Taskula <larit@student.uef.fi>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-28 19:38:41 +00:00
Matthias Meusburger
6e98cc4503 Bug 19661: Add and change properties and parameters to conform to the funds RFC.
Also, perform an exact search when searching on the fund owner id.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-22 19:40:37 +00:00
Matthias Meusburger
717975abeb Bug 19661: REST API - Funds Endpoint
This patch adds a new route to the REST api:

/api/v1/acquisitions/funds/

Signed-off-by: David Bourgault <david.bourgault@inlibro.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-22 19:40:36 +00:00
6ebcc255d3 Bug 22206: (follow-up) Voted RFC changes
This patch changes expiration_date for end_date as voted when the RFC
was approved.

It also adds a test for the Location header being added correctly when
suspending a hold (SWAGGER3.4.1)

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-15 19:35:30 +00:00
51a887a81d Bug 22206: OpenAPI spec
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-15 19:35:30 +00:00
41f394f4ee Bug 20006: (follow-up) Plural class name
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-15 19:35:26 +00:00
62f1b2df68 Bug 20006: Spec changes
This patch makes the spec match the voted RFC.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-15 19:35:26 +00:00
Andrew Isherwood
0c7d9e4cc8 Bug 20563: Allow display of requested partners
This patch adds the display of requested partner email addresses when an
ILL backend provides the ability to send requests to partners. Partner
email addresses are displayed in the illlist and illview displays, they
are also included in the 'illrequests' API response.

* api/v1/swagger/paths/illrequests.json:
  - Add 'requested_partners' as an 'embed' enum
* Koha/Illrequest.pm:
  - Add 'requested_partners' accessor calling optional backend 'get_requested_partners' method.
  - Store requested partners upon email send, calling optional backend 'set_requested_partners' method.
  - Add 'requested_parners' embed to overloaded TO_JSON method.
* koha-tmpl/intranet-tmpl/prog/en/modules/ill/ill-requests.tt:
  - Add 'requested_partners' embed to illrequests API call
  - Add render function for "Additional status" datatables column
  - Add display of requested partner email addresses to illlist table
  - Add display of requested partner email addresses to illview display

To test:
1) Enable Interlibrary loans
2) Add a backend that supports sending requests to partners, e.g.
FreeForm
3) Set up at least one partner
4) Create an ILL request
5) Send request to partner(s)
6) Observe partner(s) email address(es) are displayed in "View ILL
requests" view
7) Observe partner(s) email address(es) are displayed in "Manage ILL
request" view

Signed-off-by: mmg@interleaf.ie

https://bugs.koha-community.org/show_bug.cgi?id=20653

Bug 20563: (follow-up) Fix requested partners

As per:
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20563#c10

Thanks for the suggestion on merging the "Status" and "Additional status" columns, looks much better!

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-15 19:33:37 +00:00
Andrew Isherwood
7413de82f2 Bug 21063: Add "Columns settings" for ILL
This patch adds the "Columns settings" values for the illrequests table

Signed-off-by: Niamh.Walker-Headon@it-tallaght.ie

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Bug 21063: Add ability to show / hide columns

This patch adds the "Column visibility" functionality to the main ILL
request list table.

To test:
- Ensure ILL is enabled and you have some requests
- Apply patch
- From the "Koha administration screen, select "Configure columns"
- In the "Columns settings" page:
  => TEST: Ensure an "Interlibrary loans" category exists
  - Upon expanding the category:
  => TEST: Ensure a table is displayed showing columns
  => TEST: Ensure the "action" column has "Cannot be toggled"
  pre-selected
  => TEST: Change values for columns and ensure they're saved
- From the main staff menu, select "ILL requests"
- In the table:
  => TEST: Click the "Column visibility" button and ensure a modal
  containing all columns (except "Action")  is displayed
  => TEST: Select various columns and ensure they are shown and hidden

Signed-off-by: Niamh.Walker-Headon@it-tallaght.ie

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Bug 21063: (follow-up) Add user ID to column list

As originally specified in bug 20883, there is a requirement for some
users to be able to display the user ID (borrowernumber) in the UI.

This patch adds that ability to this bug, 20883 will be marked as a
duplicate of this one.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Bug 21063: (follow-up) Amendments for rebase

Modify to add the additional changes required now we're rebasing on top
of the dependency tree. Includes adding additional columns (and changing
indexes for search/filter where appropriate)

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Bug 21063: (follow-up) Add comments to column list

Since this bug is now dependent on Bug 18591 (Allow an arbitrary number
of comments on ILLs) we need to add the comments column to this table
and the list of selectable columns. This patch does this.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Bug 21063: (follow-up) Sanitize datatable data

This mitigates bug 22268 by sanitizing data prior to display using the
built in $.fn.dataTable.render.text() helper provided by Datatables.

The patch was added here, rather that in 22268 since this is the bug
that introduced the problem by increasing the number of fields that are
displayed in the table, some of which could contain user provided
malicious data

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-15 19:33:36 +00:00
8083bc2ff0 Bug 22216: Make GET /patrons/{patron_id} staff only
This patch removes the possibility to access the patron object
identified by patron_id by the patron itself, or a guarantor.

It does so by removing the permissions from the spec. The tests are
adjusted to remove that use case.

To test:
- Apply this patch
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/patrons.t
=> SUCCESS: Tests pass!
- Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-22 13:15:11 +00:00
Andrew Isherwood
4e4d77d702 Bug 20600: (follow-up) Fix API spec
We now return placed_formatted and updated_formatted, the API spec
should reflect this

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-19 16:36:43 +00:00
562eaa154b Bug 16497: (follow-up) GET operations require staff access
With the introduction of the /public namespace all other endpoints, the
rest of the endpoints are restricted to privileged users.

This patch makes the GET /libraries and GET /libraries/:library_id
endpoints require 'catalogue' permissions.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-19 13:52:14 +00:00
0718416ff1 Bug 16497: (follow-up) Adapt to existing guidelines and RFC
This patch makes the original implementation match what is specified on
the RFC [1].

The controller is updated, and so the tests.

To test:
- Apply this patches:
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/libraries.t
=> SUCCESS: Tests pass!

[1] https://wiki.koha-community.org/wiki/Libraries_endpoint_RFC

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-19 13:52:14 +00:00
145f578d26 Bug 16497: (follow-up) New column marcorgcode added
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-19 13:52:14 +00:00
99ad829f99 Bug 16497: Add missing field in definitions due to bug 18066
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-19 13:52:14 +00:00
Jiří Kozlovský
96456cadc2 Bug 16497: Add /api/v1/libraries
CRUD for libraries via REST API.

GET    /api/v1/libraries              - List all libraries
GET    /api/v1/libraries/{branchcode} - Get one Library
POST   /api/v1/libraries              - Add new Library
DELETE /api/v1/libraries/{branchcode} - Delete Library

Test plan:
  - apply patch
  - run tests: t/db_dependent/api/v1/libraries.t
  - test API with some API tool or simple curl

e.g.:
curl http://host:port/api/v1/libraries
curl http://host:port/api/v1/libraries/cpl

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-19 13:52:14 +00:00
6aadbcc4be Bug 22227: Make GET /cities staff only
This patch removes the possibility to access the city objects without
privileged access (minimum permissions == catalogue).

It does so by adding the required permissions to the spec. The tests are
adjusted.

To test:
- Apply this patch
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/cities.t
=> SUCCESS: Tests pass!
- Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-15 18:42:46 +00:00
15ca95ca1d Bug 22061: (QA follow-up) Rename password_2 => password_repeated
As voted when the RFC was discussed, the attribute gets renamed. The
tests are adjusted accordingly.

To test:
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/patrons_password.t
=> SUCCESS: Tests pass!

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-01-28 15:45:56 +00:00
b65e4bee0e Bug 22061: OpenAPI spec
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-01-28 15:45:55 +00:00
d4570947b0 Bug 17006: OpenAPI spec
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-01-28 15:25:39 +00:00
986a52d718 Bug 21786: (QA follow-up) library_id can be null
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-01-08 15:50:51 +00:00
55f0427629 Bug 21786: Add library_id to the spec definitions
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-01-08 15:50:47 +00:00
Katrin Fischer
252f4674a5 Bug 14391: Add granular permissions to the administration module
So far the administration module only allowed for 2 permissions:
- circulation conditions (manage_circ_rules)
- everything else (parameters_remaining_permissions)

With this patch almost every section of the administration page
will have its own granular permission.

To test:
- Create different staff users:
  1) One with parameters_remaining_permissions
  2) One with parameters
  3) One with catalogue and no parameters
  4) One superlibrarian
- Apply the patch
- Run the database update
- Check the staff users:
  1) All subpermissions, but manage_circ_rules
     should be checked
  2) Nothing should have changed
  3) manage_item_serach_fields shoudl be checked
     (page had catalogue permission before)
  4) Nothing should have changed
- Try different settings of the permissions and
  verify that
  - Administration page behaves correctly
  - Administration menu behaves correctly
  ! You shoudl only see what you have permission for

https://bugs.koha-community.org/show_bug.cgi?id=14391

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-11-07 12:29:32 +00:00
Andrew Isherwood
00178268ca Bug 20772: Return cost & price_paid in API
Signed-off-by: Barry Cannon <bc@interleaf.ie>

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2018-10-13 08:34:32 -03:00
a9248f237d Bug 11897: Use 'stockrotation' permission for the endpoint
This patch makes the tests for 'authorized' session use the
'stockrotation' permission instead of 'superlibrarian'.

The path x-koha-permission is fixed accordingly.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-10-09 15:46:06 +00:00
85be5a8188 Bug 11897: Stockrotation
The stock rotation feature adds a batch process to automate rotation of
catalgue items with a staff client page under tools to manage rotas/schedules.

Once a rota is configured, and your staff user has the right permissions
to allocate items, then an additional tab will appear on biblio records
allowing the management of of which rota, if any, individual items belong to.

It also includes a cron script to process the items on a daily basis.

Signed-off-by: Kathleen Milne <kathleen.milne@cne-siar.gov.uk>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Edit: I removed a temporary file

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-10-09 15:46:05 +00:00