Remove trailing whitespace and replace tabs with 4 spaces.
Signed-off-by: Claire Gravely <claire_gravely@hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch makes the OPAC display "Not renewable (on hold)" when
a hold is placed.
Test plan:
1) Do not apply patch.
2) Issue an item with automatic renewal.
3) Issue an item with manual renewal.
4) Place a hold on both items.
5) Log in as patron and note that the column "Renew" says "Automatic
renewal (x of y renewals remaining)" for the auto renewed item
and "(On hold) for the other item.
6) Apply patch.
7) Refresh OPAC and note that now "Not renewable (on hold)" is displayed
for both items.
8) Cancel the holds, then log in as patron again and confirm that the
correct renewal conditions are displayed.
Sponsored-by: Hochschule für Gesundheit (hsg), Germany
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as advertised
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
To test:
- change your homebranch in the OPAC, submit
- change patron modification request in the staff client
- Verify that it shows the old and new branch name instead of the
code
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
$borrowernumber is used in build_issue_data but not correctly defined
(Variable "$borrowernumber" is not available)
That may cause wrong charge displayed in the summary slip.
Test plan:
- Set rental charge for an item type
- Define a rental discount for that item type in the circ rules
- check in an item matching this rule
Without this patch the charge displayed in the summary slip won't be
calculated with the discount
With this patch applied, the warning in the logs will no longer appear
and the values will be correctly calculated.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Some vars are accessed from subroutine, but defined with my.
It causes at least the 2 followings errors:
Variable "$filetype" is not available at
/home/koha/src/tools/picture-upload.pl line 240.
Variable "$uploadfilename" is not available at
/home/koha/src/tools/picture-upload.pl line 241.
To avoid that, they are now declared with our.
Test plan:
Upload image for a patron and confirm that you get a "Result" table and
the errors do not longer appear in the logs.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
When adding a biblio, the default value of a MARC subfield defined in
the frameworks can be used as placeholders to set the current date or
the surname of the logged in user (use cases?).
The different placeholders are 'YYYY', 'MM', 'DD', 'user'.
When adding an item, same behavior except that 'user' is not replaced.
This patch makes behaviors consistent between the 2 editors and
surrounds placeholders with << >>
We will now have: <<YYYY>>, <<MM>>, <<DD>> and <<USER>>
Test plan:
Define default values for biblio and item subfields.
Create a bibliographic record and attach it an item.
The default values should be used and replaced if you used placeholders.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Even if library groups/search domains are not defined in the system,
(empty) select for "Groups of libraries" under "Location and
availability" section in OPAC advanced search is still visible; it
shouldn't. Side effect of Bug 15295 - 'searchdomainloop' variable
in the template is now an object, it needs a different kind of statement
(.count) for checking if it's empty or not.
To test:
1) apply patch
2) when there are no groups of libraries defined in Administration ->
Libraries and Groups, "Groups of libraries" selection should be
no longer visible in OPAC adavanced search page
3) add library group or two: "Groups of libraries" selection should
reappear.
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch adds a space between first name and surname on the
bibliographic detail page when there is "hold for" information in the
status column of the holdings table.
To test, apply the patch locate a title in the staff client catalog
which has one or more confirmed holds on it. Verify that the patron's
name in the "status" column of the holdings table looks correct, with a
space between first and last name.
Signed-off-by: Claire Gravely <claire_gravely@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch modifies the form for adding an authorized value so that
the category is a required fields.
Previously a new authorized value category could be saved with no data.
To test, apply the patch and go to Administration -> Authorized values.
- Click the "New category" button.
- Click the save button without filling in the category.
You should be prevented from submitting the form.
- Verify that filling in the required field allows the form to be
submitted.
- Perform the same test when editing an existing authorized value.
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Follow-up for QA: Allow a blank authorised value to be created.
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Amended test plan.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch adds some missing literary formats to the staff client and
OPAC's search results XSLT display.
To test you must have DisplayOPACiconsXSLT and DisplayIconsXSLT system
preferences enabled. XSLTResultsDisplay and OPACXSLTResultsDisplay
should be set to 'default.'
Perform searches in the staff client and the OPAC and confirm that the
following literary forms (defined in 008 position 33) display correctly:
Not fiction; Fiction; Dramas; Essays; Novels; Humor, satires, etc.;
Letters; Short stories; Mixed forms; Poetry; Speeches.
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Here I decided to redirect to the mainpage.
Works as dexcribed.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
If you save an item and right click on "Search" or "More" you will get
a software error:
Can't call method "fields" on an undefined value at
/usr/share/koha/intranet/cgi-bin/cataloguing/additem.pl line 742
You will now be redirected to the adv search form.
Wors as described.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
cat-search.inc contains an element with two class attributes, which is
invalid. This patch corrects it.
To test, apply the patch and view any page which uses the cat-search
include file to display the header search boxes. For instance, the
bibliographic detail page.
In the header, the "Search the catalog" box should be selected, and any
text you type in the box should be carried over when you switch to
different search tabs.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Changes made on bug 15381 assumed that the authid was always set.
But if the user wants to clear the field of the authority, the script is
called with authid=0 (FIXME...)
To fix this issue, it's better to move the new calls to
Koha::Authorities->find($authid)->authtypecode
and
Koha::Authority::Types->find($authtypecode);
at the correct place
Test plan:
1. Edit a record which has a field linked to an
authority record (100a for instance).
2. Click the link which triggers the tag editor.
A pop-up window should be displayed.
3. In the pop-up window, click the "Clear field"
button.
=> Without this patch A second pop-up window opens and displays an error:
Can't call method "authtypecode" on an undefined value at /authorities/blinddetail-biblio-search.pl line 61.
=> With this patch applied the field is correctly cleared.
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
I really don't know how these tests passed before 16431, the mapping was not complete.
Test plan:
prove t/db_dependent/Search.t
should return green
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
I am not sure this code is called so I don't know how to test it.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Test plan:
Check about page, perl modules.
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Because of bug 14828, the unimarc_field_4XX now raises a warning:
"No method selected!"
There are no need to select an item type on this page, the default (all)
is always selected.
Test plan:
Link the unimarc_field_4XX value builder with on of the subfield
Edit a record, click on the value builder icon
Note the warning without the patch and that it's gone with the patch
applied
NOTE: Code fix that I derived was identical. Ran
prove t/db_dependent/FrameworkPlugin.t
to confirm it works.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
POC, tests needed.
Alternative patch works for me.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Marc <veron@veron.ch>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
To test
1/ Go to the about page, notice error
2/ Apply patch
3/ Notice error gone
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Tested the A;B;C variant here. If A fails, B will run. Since we can safely
assume that A (or B) will not fail on a daily basis, this seems to be better
than running them in the wrong order every day.
As the comments on Bugzilla show, several people support this improved
(reordered) scheme and look forward to improved error handling on another
report (obviously not that simple).
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The patch changes the sequence of cronjobs in the crontab example
file and in the cron.daily file of the packages.
This is why:
1) Renew automatically
... only when we can't renew, we want to
2) Calculate fines
... once the fine are calculated and charged
we can print the amount into the
3) Overdue notices
Before the change it could happen that you'd charge for an item,
that would then be renewed. Or that you'd try to print fine
amounts into the overdue notices, when they would only be
charged moments later.
To test:
- configure your system so you have items that should
- be charged with fines
- renew automatically
- configure your crontabs according to the example file
or switch the cron.daily in your package installation with
the new one
- configure your overdue notices so that one should be generated
<<items.fine>>
- Wait for the cronjobs or schedule them to run earlier
- Verify all is well and as it should be
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
At the intranet, the pagination has been broken by bug 12478 (Elastic
Search). There was a confusion between the offset and the page number.
At the OPAC, it is broken since bug 2735 which has mimicked the intranet
script.
Test plan:
Search for a term which will return more than 1 page of results.
Click on the second page
=> Without this patch, the first result of the second page is the second
result of the first page
=> With this patch applied, the offset will be corrected
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
If an attacker can get an authenticated Koha user to visit their page
with the url below, they can change patrons' information
The exploit can be simulated triggering
/tools/import_borrowers.pl?uploadborrowers=42
In that case it won't do anything wrong, but it you POST a valid file,
it could.
Test plan:
Trigger the url above
=> Without this patch, you will the result page
=> With this patch, you will get the "Wrong CSRF token" error.
Regression test:
Import a valid file from the import patron form, everything should go
fine.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
To make the QA scripts happy, the POD needed a fix, and also
keys applied to a hashref needs to be avoided.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch changes the permission check order because haspermission
is the smaller check, and going through the patron/user and its guaranteed
before checking if it is (say) a staff member or even a superlibrarian doesn't
seem right.
Bonus: Remove unneeded C4::Auth import in Patron.pm
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
When user does not have required permissions to use API operation, it would be
useful to let them know which permissions he is missing. Since they are now
defined in Swagger, we can easily render them into the response.
To test:
1. Use a patron without any permissions
2. Make GET request to http://yourlib/api/v1/patrons
3. Observe permission error and see that required_permissions are displayed.
4. Run t/db_dependent/api/v1/patrons.t
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
To test:
1. Run t/db_dependent/api/v1/holds.t
2. Run t/db_dependent/api/v1/patrons.t
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Allow access to user's own objects even if they do not have required permissions.
This will be very useful in many cases where an user wants to request their own
object, for example renewing their checkouts or placing a hold for themselves.
First, this patch renames "x-koha-permission" to "x-koha-authorization" in order
to describe the new functionality better.
Second, we can now add two extra parameters under "x-koha-authorization":
- "allow-owner"; Allows the owner of object to access it (without permission)
- "allow-guarantor"; Allows guarantor of the owner of object to access it
(without permission)
Third, since permission checking is outside of actual controller, we need a way
to find out ownership from different types of parameters, e.g. checkout_id from
/checkouts/{checkout_id}, borrowernumber from /patrons/{borrowernumber} etc.
A solution is to match the parameter with a subroutine that is designed to verify
the ownership for that object. See the new subroutines in Koha::REST::V1.
To use this functionality you will simply define it in Swagger:
"/patrons/{borrowernumber}": {
"get": {
...,
"x-koha-authorization": {
"allow-owner": true,
"permissions": {
"borrowers": "1"
}
}
}
}
If a parameter that is not yet defined in Koha::REST::V1::check_object_ownership,
you also need to define it and implement a subroutine that determines ownership.
Tests are provided in a following patch that adds this functionality for current
API operations.
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Define 'x-koha-permission' for the Swagger2 Operation Object, to automatically
authorize against the required permissions.
This way we immediately tell the API consumer in the Swagger2-definition, which
permissions are needed to access defined resources.
Also we don't need to maintain permissions in multiple locations and we can build
a smart testing framework to help a lot in creating tests for the new REST API.
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jesse Maseto <jesse@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Confirming a hold to set it to waiting will result in an DBIC error in
master.
Test Plan:
1) Attempt to check in an item on hold and confirm the hold
2) Note the error
3) Apply this patch
4) Repeat step 1
5) Note there is no error!
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
https://bugs.koha-community.org/show_bug.cgi?id=14942
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jesse Maseto <jesse@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
borrowernumberQueryParam shouldn't be required as also changed in Bug 16271.
To test:
1. Don't apply the patch yet, but first minify Swagger and run
t/db_dependent/api/v1/holds.t
2. Observe that some tests fail with response code 400 when expecting 200.
3. Apply patch and minify Swagger
4. Run t/db_dependent/api/v1/holds.t
5. Observe that tests pass.
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch separates Swagger-specifications and the minifySwagger.pl from other
api-files by moving specifications & minifier into api/v1/swagger.
Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>
My name is Olli-Antti Kivilahti and I approve this commit.
We have been using the Swagger2.0-driven REST API on Mojolicious for 1 year now
in production and I am certain we have a pretty good idea on how to work with
the limitations of Swagger2.0
We participated in the development of the Mojolicious::Plugin::Swagger and know
it well. We have made an extension to the plugin to provide full CORS support
and have been building all our in-house features on the new REST API.
Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>
My name is Johanna Räisä and I approve this commit.
We have been using Swagger2.0-driven REST API in production successfully.
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Since we have defined some basic x-primitives in x-primitives.json, we can now
start to reuse them in our currently defined objects.
To test:
1. Apply patch
2. Run minifySwagger.pl
3. Validate your Swagger specifications
4. Observe that validation passes
Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>
My name is Olli-Antti Kivilahti and I approve this commit.
We have been using the Swagger2.0-driven REST API on Mojolicious for 1 year now
in production and I am certain we have a pretty good idea on how to work with
the limitations of Swagger2.0
We participated in the development of the Mojolicious::Plugin::Swagger and know
it well. We have made an extension to the plugin to provide full CORS support
and have been building all our in-house features on the new REST API.
Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>
My name is Johanna Räisä and I approve this commit.
We have been using Swagger2.0-driven REST API in production successfully.
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Currently it is not possible to define multiple types for primitive definitions
in /definitions/*. If you try to use the following
"firstname": {
"type": ["string", "null"],
"description": "patron's first name"
}
in definitions.json, online.swagger.io validator will not validate it:
{"messages":["attribute definitions.firstname.type is not of type `string`"]}
One way to get around this issue is to extend definitions with custom
"x-primitives" object, where we will define all reusable primitive definitions.
To test:
1. Add the "firstname" example above to definitions.json
2. Run minifySwagger.pl
3. Validate your specification
4. Observe that error with description mentioned above is given
5. Apply patch
6. Repeat step 2 and 3
7. Observe that validation passes
Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>
My name is Olli-Antti Kivilahti and I approve this commit.
We have been using the Swagger2.0-driven REST API on Mojolicious for 1 year now
in production and I am certain we have a pretty good idea on how to work with
the limitations of Swagger2.0
We participated in the development of the Mojolicious::Plugin::Swagger and know
it well. We have made an extension to the plugin to provide full CORS support
and have been building all our in-house features on the new REST API.
Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>
My name is Johanna Räisä and I approve this commit.
We have been using Swagger2.0-driven REST API in production successfully.
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
These definitions had indentation of 4 spaces, while rest of the specification
uses 2 spaces. This patch simply maintains the consistency in indentations and
provides no other modifications to code.
Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>
My name is Olli-Antti Kivilahti and I approve this commit.
We have been using the Swagger2.0-driven REST API on Mojolicious for 1 year now
in production and I am certain we have a pretty good idea on how to work with
the limitations of Swagger2.0
We participated in the development of the Mojolicious::Plugin::Swagger and know
it well. We have made an extension to the plugin to provide full CORS support
and have been building all our in-house features on the new REST API.
Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>
My name is Johanna Räisä and I approve this commit.
We have been using Swagger2.0-driven REST API in production successfully.
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The borrowernumber as a query parameter should be defined in parameters.json
in order to allow its reusability.
To test:
1. Apply patch
2. Run minifySwagger.pl
3. Validate swagger.min.json in online.swagger.io/validator/debug?url=url_to+
_your_swagger_min_json or your local swagger-api/validator-badge validator
4. Observe that validation passes
Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>
My name is Olli-Antti Kivilahti and I approve this commit.
We have been using the Swagger2.0-driven REST API on Mojolicious for 1 year now
in production and I am certain we have a pretty good idea on how to work with
the limitations of Swagger2.0
We participated in the development of the Mojolicious::Plugin::Swagger and know
it well. We have made an extension to the plugin to provide full CORS support
and have been building all our in-house features on the new REST API.
Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>
My name is Johanna Räisä and I approve this commit.
We have been using Swagger2.0-driven REST API in production successfully.
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Parameters and paths should be split in our Swagger specification, because
otherwise swagger.json would become messy with all the paths and their
further specification in the same file. Also parameters should be split
for the same reason.
Instead of using index.json for definitions, parameters and paths, we define
new files "definitions.json", "parameters.json" and "paths.json" in order to
simplify the references. If we kept using index.json and try to reference
"/definitions/error.json" from "/paths/holds.json", reference would be
"../definitions/index.json#/error" instead of now simplified version,
"../definitions.json#/error".
Here is the proposed structure:
.
├── swagger.json
├── definitions.json
├── paths.json
├── parameters.json
├── definitions
│ └── error.json
│ └── patron.json
├── parameters
│ └── patron.json
├── paths
│ └── patrons.json
├── minifySwagger.pl
└── swagger.min.js
The swagger.json paths, definitions and parameters will look as follows:
...
"paths": {
"$ref": "paths.json"
},
"definitions": {
"$ref": "definitions.json"
},
"parameters": {
"$ref": "parameters.json"
}
...
A problem with splitting specification into multiple files directly from
swagger.json (e.g. "paths": { "$ref": "paths.json" }) is that it is not
following the Swagger specification and an error will be thrown by the
Swagger-UI default validator (online.swagger.io/validator).
To overcome this problem, we use the minifySwagger.pl script from Buug 16212.
This allows the developers to work with the structure introduced in this patch
thus allowing developers to split the specification nicely, and still have a
valid Swagger specification in the minified swagger.min.json.
To test:
-2: Apply the minifier-patch in Buug 16212.
-1: Make sure you can validate your specification with Swagger2 validator at
online.swagger.io/validator/debug?url=url_to_swaggerjson, or install it
locally from https://github.com/swagger-api/validator-badge.
1. Don't apply this patch yet, but first validate swagger.json
with swagger.io-validator (or your local version, if you installed it)
2. Observe that validation errors are given
3. Run minifySwagger.pl
4. Validate swagger.min.json with the validator you used in step 1
5. Observe that validation passes and we overcame the invalid specification
problem in swagger.min.json
6. Apply this patch
7. Run minifySwagger.pl
8. Repeat step 4
9. Observe that validation passes with new structure
10. Run REST tests at t/db_dependents/api/v1
(11. Study the new structure of our Swagger specifications :))
Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>
My name is Olli-Antti Kivilahti and I approve this commit.
We have been using the Swagger2.0-driven REST API on Mojolicious for 1 year now
in production and I am certain we have a pretty good idea on how to work with
the limitations of Swagger2.0
We participated in the development of the Mojolicious::Plugin::Swagger and know
it well. We have made an extension to the plugin to provide full CORS support
and have been building all our in-house features on the new REST API.
Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>
My name is Johanna Räisä and I approve this commit.
We have been using Swagger2.0-driven REST API in production successfully.
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
