If checked_in flag is passed we return the "old checkouts". But if the
item has been deleted we explode with
"message":"Expected integer - got null.","path":"\/0\/item_id"
The specs should reflect that an item can have been deleted.
Test plan:
Hit the endpoint and confirm the above.
Can be done easily using curl:
curl -u koha:koha --request GET 'http://localhost:8081/api/v1/checkouts?patron_id=5&checked_in=1' --header "Content-Type: application/json" | jq
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch should resolve the issues highlighted at signoff time by
Victor.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This could be extended later in bug 32968 to pass the permission of the
logged in user.
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
At some point in the patch series we lost the availability api schema.
This patch restores a basic version, but we should work towards a
clearer enum based schema for each of the available blockers, confirms
and warnings.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch introduces a public endpoint for cancelling holds.
Cancellation requests are generated when the hold is waiting and
configuration allows requesting cancellation, as the OPAC does right
now.
Tests cover all the use cases.
To test:
1. Apply this patches
2. Run:
$ ktd --shell
k$ prove t/db_dependent/api/v1/patrons_holds.t
=> SUCCESS: Tests pass!
3. Sign off :-D
Signed-off-by: Sam Lau <samalau@gmail.com>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch removes support for the `x-koha-query` header entirely from
the codebase. For the purpose:
- $c->objects->search is adjusted
- Relevant tests are cleared/adapted
- The OpenAPI spec gets the header removed
To test:
1. Apply this patch and run:
$ ktd --shell
k$ prove t/db_dependent/Koha/REST/Plugin/Objects.t \
t/Koha/REST/Plugin/Query.t \
t/db_dependent/api/v1/*.t
=> SUCCESS: Tests pass!
2. Sign off :-D
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds API's to allow for a checkout flow using the RESTful
API.
We add an availability endpoint to check an items current availability
status. The endpoint can be found at `/checkouts/availability` and is
a GET request that requires item_id and patron_id passed as parameters.
We return an availability object that includes blockers, confirms,
warnings and a confirmation token to be used for checkout.
We also add a corresponding checkout method to the `/checkouts` endpoint.
The method accepts a POST request with checkout details including item_id
, patron_id and the confirmation token in the body.
Future work: We should properly migrate CanBookBeIssued into Koha::* and
use that here instead of refering to C4::Circulation.
Signed-off-by: Silvia Meakins <smeakins@eso.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch allows the requested_date for an ILL request to be NULL to accomodate
older data
To test:
1 - Install the Koha 2 Koha ILL plugin:
https://gitlab.com/koha-community/plugins/koha-plugin-ill-koha
2 - Enable the ILL system preference
3 - Force an ILL request with minimal data from backend:
INSERT INTO illrequests (borrowernumber,biblio_id,branchcode,backend,status) VALUES (5,3,'CPL','Koha','placed');
4 - View the ILL table
5 - Error:
{"message":"Expected string - got null.","path":"\/body\/0\/requested_date"}
6 - Apply patch
7 - Table loads successfully
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This adds order_receive to the list of permissions that allow the
endpoint to return orders.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Sharon Dugdale <Sharon.Dugdale@cumberland.gov.uk>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates instances in the code and templates where the term
"Authentication providers" is used, replacing it with the preferred
"Identity provider."
Most of the instances of this change are in module or API documentation,
but you can see a couple of the changes in the interface:
- Administration -> Identity providers:
- The sidebar menu should show "Identity providers" instead of
"Authentication providers."
- Patrons -> Patron details -> More -> Set permissions
- Under " Manage Koha system settings (Administration panel)" you
should see "Manage identity providers (manage_identity_providers)"
Signed-off-by: Sam Lau <samalau@gmail.com>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This change fixes the definition for the non-public endpoint for the OAuth/OIDC
implementation.
It also uses the non-public endpoint for the staff interface UI.
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch implements the code to allow a patron to receive multiple
orders at the same time in /cgi-bin/koha/acqui/orderreceive.pl page
To test:
1. apply all patches
2. updatedatabase
3. Go to system preferences and allow AcqReceiveMultipleOrderLines
4. In acquisitions module, create a vendor if you don't have one and add
3 baskets.. one with create items on ordering, one with create items
on receiving and finally one with create items when cataloguing
5. Fill baskets with orders (There should be at least 15 orders in total). There should be a mix of orders created by suggestions, others by subscriptions and others by neither of those methods.
6. Close all baskets and receive shipment.
CHECK => in /cgi-bin/koha/acqui/parcel.pl page, in top table there is a column with checkboxes, and a button that says "Receive selected"
7. If all orders from all baskets are shown in the table, set the rows per page to 10, so table has more than one page
8. Check some of the checkboxes
CHECK => "Receive selected" button shows how many rows are selected
9. Go to the next page and select some more rows
CHECK => Changing page does not modify how many rows where selected
10. Go back to previous page
CHECK => Previously selected rows are still selected
11. Reload the page to deselect all rows
12. Select only one row and click on "Receive selected" button
CHECK => the page /cgi-bin/koha/acqui/orderreceive.pl behaves just the same as if the "receive" link in the selected row would have been clicked.
13. Click on cancel to go back to parcel.pl page
14. Select all rows (even the ones from the next page of the table) and
click on "Receive selected"
CHECH => In orderreceive.pl page there is a table with all selected rows
15. Ensure table has more than one page, as in step 7
16. Click on the "edit" link in the last row of the current page
CHECK => A modal window is displayed with 4 tabs within: Info,
Accounting, Receipt history and Items
CHECK => Modal has 4 buttons at the bottom, 'Previous' to go to previos
order, 'Cancel' to close the modal without keeping modifications, 'Save'
to close modal keeping modifications and 'Next' to go to the next order
CHECK => Even that we are at the end of the current page, 'Next' button
is still available
17. Click on 'Next' button
CHECK => The table behind the modal now displays the next page, and the modal was not closed
18. Click on 'Previous'
CHECK => The table behind the modal went back to the first page, and the modal was not closed
19. Click on 'Previous' button till you reach the first row of the first
page
CHECK => Only when you reach the first row of the first page 'Previous'
button gets disabled
20. Click on 'Next' button till you reach the last row of the last page
CHECK => Only when you reach the last button of the last page 'Next'
button gets disabled
21. Check that behaviour for the different types of order are still the
same
a. For orders that where created through suggestion, check that the
suggestion info is present in Info tab. If when suggestion was accepted
you set a reason, a dropdown to change the reason shoul display also.
b. For orders that where created through subscriptions, check that
the Items tab is disabled, and the Receipt history is enabled. On
accounting tab you should be able to change quantity ordered. If there
were less items received than ordered, the next time you receive this
order the child order generated from this one shoul appear in receipt
history.
c. For orders that don't come from subscription and creates there items on ordering, Receipt history
should be disabled, and a table with prefilled items shold appear in the
Items tab. You can edit them and the changes should appear in the item's
row.
d. For orders that don't come from subscription and creates there
items on receiving, Receipt history should be disabled, and a form to
create the items should appear in Items tab. When you add an item a
table should appear.
e. For orders that don't come from subscription and creates there
ites on cataloguing, Receipt history and Items tabs should be disabled.
f. Any changes made in quantity (received or ordered) or funds in the modal should be
reflected in the table if you click save from the modal.
22. Once you've done all you checking and verifications click save
23. While saving a progress bar should appear
24. If no error was detected, you should be redirected back to parcel.pl
page
25. If an error or warning was detected (like there is an order with 0
items to receive) the save button should be disabled and warnings
are dispayed.
26. prove t/db_dependent/Koha/Acquisition/Fund.t t/db_dependent/Koha/Acquisitoin/Order.t t/db_dependent/Koha/Item.t
Sponsored-by: Virginia Polytechnic Institute and State University
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Laura Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To test:
1. Apply patch
2. Set RESTBasicAuth preference to true
3. Get a biblio with an item
4. Make a PUT request to /api/v1/biblios/:biblio_id/items/:item_id with a json body that represents an item to replace
5. Check that the item was modified
6. Sign off
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To test:
1. Apply patch
2. Set RESTBasicAuth preference to true
3. Get a biblio
4. Make a POST request to /api/v1/biblios/:biblio_id/items with a json body that represents the new item
5. Check that the item is created
6. Sign off
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
We were cheating a bit here and expecting a 'debit' to be sent in but a
'line' to be returned.
We should really be sending a debit and returning a debit.. so I've
update the paths schema as such and we're now coercing the
Koha::Account::Line object that's returned by Koha::Account->add_debit
into a Koha::Account::Debit object. Longer term it would be nice to
convert returns from the various Koha::Account methods to their correct
Koha::Account:: objects as apposed to them all being the base ::Line
I've also added some code to catch exceptions that can be thrown by
Koha::Account->add_debit and added the appropriate 400 errors into the
path specs again.
Finally.. I added more unit tests to prove the above
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds an endpoint to create a debit for a patron.
Testplan
1. Create a new account debit type (Administration > Debit types)
2. Add a fee with this debit type to a patron’s account via API
3. Make sure that this fee is shown in the accounting overview in the patron’s account in the staff interface
4. Make sure that it is possible to make a payment for this fee
Sponsored-by: The Research University in the Helmholtz Association (KIT)
Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds two new API endpoints for fetching a patrons credits and
a patrons debits.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Agustin Moyano <agustinmoyano@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds an endpoint to list authorities
To test:
1. apply patch
2. enable basic auth
3. call to GET /api/v1/authorities with the following Accept headers:
* application/json
* application/marcxml+xml
* application/marc-in-json
* application/marc
* text/plain
4. notice how data changes with each Accept header
5. prove t/db_dependent/api/v1/authorities.t
6. sign off
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To test:
1. Apply patch
2. Set RESTBasicAuth preference to true
3. Pick an authority to modify, and modify it's marc record
4. Make a PUT request to /api/v1/authorities/:authid with one of the following content type header
- application/json
- application/marcxml+xml
- application/marc-in-json
- application/marc
5. If content type is other than 'application/json' place the following header in the request 'x-authority-type: <auth type>'
5. Check that the authority was modified
6. Sign off
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Despite its title, this patch does a couple more things.
1. The tests are rewritten to cover more things, and also to avoid
deleting all authorities inside the transaction. It is really not
required.
2. It makes the endpoint rely on the already generically implemented
x-koha-override header, which is intended for the same use case as
x-confirm-not-duplicate is for.
3. It changes the return codes to match the coding guidelines [1]
4. Only checks for duplicates if no override passed.
To test:
1. Run:
$ ktd --shell
k$ prove t/db_dependent/api/v1/authorities.t
=> SUCCESS: Tests pass!
2. Apply this follow-up
3. Repeat 1
=> SUCCESS: Tests pass!
4. Sign off :-D
[1] https://wiki.koha-community.org/wiki/Coding_Guidelines_-_API#SWAGGER3.2.1_POST
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To test:
1. Apply patch
2. Set RESTBasicAuth preference to true
3. Make a POST request to /api/v1/authorities with one of the following content type header
- application/json
- application/marcxml+xml
- application/marc-in-json
- application/marc
4. If content type is other than application/json, then add the following header to the request: "x-authority-type: <auth type code>"
5. Check that the authority is created
6. Sign off
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Without this patch the API driven list of pending orders
on the order receive page was broken.
With the patch, all should be well now.
prove -v t/db_dependent/api/v1/acquisitions_orders.t
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
* Add GET /illbackends/{id}/statuses
* Change API route to ill/requests
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Use kohaTable requesting the REST api instead of the old KohaTable
Co-authored-by: Tomás Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Co-authored-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch renames the header on the biblio API so it is not entirely
tied to MARC, trying to follow the biblio_metadata table generic
approach.
To test:
1. Apply this patch
2. Run:
$ prove t/db_dependent/api/v1/biblios.t
=> SUCCESS: Tests pass
3. You agree with the change?
4. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Magnus Enger <magnus@libriotech.no>
Change sounds reasonable. Tests pass before and after patch.
"grep -r "x-marc-schema" *" confirms no occurrences after patch.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 33066: (follow-up) Use KohaTable for LicensesList
There was a mismatch, we can embed the whole vendor object info.
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Agustín Moyano <agustinmoyano@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 33066: (follow-up) Embed vendor and retrieve vendor name from the request
It needs "Bug 32923: Allow to embed user_roles for agreements"
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Agustín Moyano <agustinmoyano@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds a /public equivilent to the item listing endpoint.
This allows us to search for an item by it's external_id (barcode).
Test plan
1. Apply patch
2. Perform a GET on /api/v1/public/items?external_id=some_barcode
3. Confirm that the above endpoint correctly returns items that should
be visible in the OPAC
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 33146: (QA follow-up) Do not delete all items in test
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 33146: Allow embedding expanded coded values
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 33146: (QA follow-up) Consistency with /biblios/:biblio_id/items
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 33146: (QA follow-up) Make sure public API enabled for tests
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Test plan:
1. Create an item bundle (see bug 28854 comment 458)
2. Create a biblio with one item and place a hold for this item.
3. Try to add the reserved item to the bundle
You should see a message saying that the item is reserved. Next to
this message should be a button "Ignore holds and add to bundle".
4. Click on the button. There should be a message saying that the item
was added to the bundle.
5. Close the modal window and verify that the item was correctly
added to the bundle
Signed-off-by: Lucas Gass <lucas@bywatersolutiosn.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
When trying to add a checked out item to an item bundle, an alert
message will show up, giving the user a chance to return the item
immediately before adding it to the bundle
Test plan:
1. Create an item bundle (see bug 28854 comment 458)
2. Create a biblio with one item and check out this item.
3. Try to add the checked out item to the bundle
You should see a message saying that the item is checked out. Next to
this message should be a button "Check in and add to bundle".
4. Click on the button. There should be a message saying that the item
was added to the bundle.
5. Close the modal window and verify that the item was correctly
returned and added to the bundle
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 32713 is now validating embed and brought this flaw to light.
Before this patch, listing licenses on ERM would result in a 400 bad request
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The spec contains a non-standard definition for the body param. Removing
it from the spec makes us need to handle the 'body' manually in the case
of JSON data.
This patch basically does that. It also changes the uses of
$c->validation, which are discouraged by the
Mojolicious::Plugin::OpenAPI dev/maintainer. I do it to highlight what
we must do in other places and the fact that there's no behavior change.
To test:
1. Apply this patch
2. Run:
$ ktd --shell
k$ prove t/db_dependent/api/v1/biblios.t \
xt/api.t
=> SUCCESS: Tests pass!
3. Sign off :-D
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds an endpoint to list biblios
To test:
1. apply patch
2. enable basic auth
3. call to GET /api/v1/biblios with the following Accept headers:
* application/json
* application/marcxml+xml
* application/marc-in-json
* application/marc
* text/plain
4. notice how data changes with each Accept header
5. prove t/db_dependent/Koha/Biblios.t t/db_dependent/api/v1/biblios.t
6. sign off
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Hammat Wele <hammat.wele@inlibro.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To test:
1. Apply patch
2. Set RESTBasicAuth preference to true
3. Pick a biblio to modify, and modify it's marc record
4. Make a PUT request to /api/v1/biblios/:biblionumber with one of the following content type header
- application/marcxml+xml
- application/marc-in-json
- application/marc
5. Add the following header in the request 'x-framework-id: <framework id>'
5. Check that the biblio was modified
6. Sign off
Signed-off-by: Hammat Wele <hammat.wele@inlibro.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To test:
1. Apply patch
2. Set RESTBasicAuth preference to true
3. Make a POST request to /api/v1/biblios with one of the following content type header
- application/marcxml+xml
- application/marc-in-json
- application/marc
4. Add the following header to the request: "x-framework-id: <framework id>"
5. Check that the biblio is created
6. Sign off
Signed-off-by: Jan Kissig <jkissig@th-wildau.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch makes the route require the right permissions. Tests are
adjusted to reflect this new situation.
To test:
1. Apply this patch
2. Run:
$ ktd --shell
k$ prove t/db_dependent/api/v1/authorities.t
=> SUCCESS: Tests pass!
3. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To test:
1. Apply patch
2. Set RESTBasicAuth preference to true
3. Get the id of an authority
4. Make a DELETE request to /api/v1/authorities/{authid}
5. Check that the authority was deleted
6. Sign off
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch introduces the `api_strings_mapping` method to the
*Koha::Item* class, and makes the API spec for the following routes:
* GET /items
* GET /items/:item_id
* GET /acquisitions/orders
accept the new `+strings` parameter that can be passed through the
`x-koha-embed` header and was introduced by bug 26635. In the case of
/acquisitions/orders, you will need to use
x-koha-embed: items+strings
I introduce it here to highlight the flebility we introduced with bug
26635.
The `api_strings_mapping` method has its roots on the cool
`columns_to_str` method already present. The main differences:
* It is aware of the `public_read_list` for attributes so no hidden
information is exposed.
* Attribute names get mapped for consistency with the API (e.g.
`homebranch` is converted into `home_library_id`, etc).
* The data structure it returns includes information about the source
for the descriptions (e.g. it it is an authorised value, then `type`
will be `av`, and the related category information is returned so
dropdowns and such can be built. The same goes for other types as
`library`, `item_type` and `call_number_source`.
To test:
1. Apply this patch
2. Reload everything
3. Play with your favourite REST tool (e.g. Postman)
4. Try:
GET http://localhost:8081/api/v1/items
x-koha-embed: +strings
=> SUCCESS: You get a list of items, they include the new _strings
structure, and the contents make sense!
5. Repeat with a specific item:
GET http://localhost:8081/api/v1/items/14
x-koha-embed: +strings
=> SUCCESS: It all makes sense!
6. Sign off :-D
Sponsored-by: Virginia Polytechnic Institute and State University
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To test:
1. Apply patch
2. Set RESTBasicAuth preference to true
3. Get the id of an authority
4. Make a GET request to /api/v1/authorities/{authid} with one of the following content type header
- application/json
- application/marcxml+xml
- application/marc-in-json
- application/marc
- text/plain
5. Check that you get the authority in the corresponding format
6. Sign off
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Sponsored-by: The Research University in the Helmholtz Association (KIT)
Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds a catalog concern management page to the staff client
accessible via the cataloging home page and a new 'Pending catalog
concerns' link on the front page.
This includes added the requisit ticket_updates api endpoints and notice
triggers and templates for notifying patrons of changes to their
reported concerns.
Test plan
1) Enable the `OpacCatalogConcerns` system preference
2) Catalog concern management is tied to your users ability to edit the
catalog, `editcatalogue`.
3) Confirm that you can see 'Catalog concerns' listed on the cataloging
home page if you have the `editcatalogue` permission and not if you
do not.
4) Add a new concern as an opac user.
5) Confirm that once a concern is present in the system you see a count
of 'catalog concerns pending' on the intranet main page if you have
the `editcatalogue` permission.
6) Click through either the cataloging home page or pending concerns
link on the main page to view the new concerns management page.
7) Confirm the table displays as one would expect.
8) Confirm clicking on details or the concern title exposes a 'details'
modal with the option to add an update or resolve the concern.
9) Verify that if selecting 'notify' when updateing or resolving a
concern triggers a notice to be sent to the opac user who first
reported the issue.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Helen Oliver <HOliver@tavi-port.ac.uk>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds basic CRUD API's for the ticket endpoints.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Helen Oliver <HOliver@tavi-port.ac.uk>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds the missing 'Provider name' parameter definition to the
various ERM paths that were missing it.
Test plan
1) Run:
docker run --rm -v $PWD/api/v1/swagger:/swagger \
jeanberu/swagger-cli \
swagger-cli validate swagger/swagger.yaml
=> FAIL: The spec is not valid!
2) Apply this patch
3) Repeat 1
=> SUCCESS: Tests pass!
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Edit: tcohen edited the test plan because of the failure to install
swagger-cli cleanly
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch renames that for consistency, and also makes use of the
->authorised_values accessor on the category.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds /api/v1/authorised_value_categories endpoint that
retrieves authorised value categories for the given names and their
authorised values if x-koha-embed: authorised_values is also given.
To test:
Apply patch
curl -u koha:koha --request GET \"http://localhost:8081/api/v1/authorised_value_categories?q=%7B%22me.category_name%22%3A%5B%22LOC%22%2C%22YES_NO%22%5D%7D\" --header \"x-koha-embed:authorised_values\"
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
For, at least, the ERM module we would like to retrieve the authorised
values for a given category to build a dropdown list with the different options.
It has been decided on bug 17390 to use
GET /authorised_value_categories/:authorised_value_category_id/values
Test plan:
curl -v -s -u koha:koha --request GET http://kohadev-intra.mydnsname.org:8081/api/v1/authorised_value_categories/LOC/values
Should display the list of LOC
curl -v -s -u koha:koha --request GET http://kohadev-intra.mydnsname.org:8081/api/v1/authorised_value_categories/xLOCx/values
Should return a 404
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch makes the renewal_type an enum, to match the change on the
DB. A test is added to account the fact the API is always setting
'Manual' request type.
Bonus: small portion of code gets a tidy, should've been asked by QA.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
A requirement has been requested to record whether a renewal was done manually or automatically. A column has been added to the checkout_renewals table in the database to record this and a check is now in place to determine whether the renewal was manual or automatic. The API has also been updated to reflect this new column and return the data when requested. The renewals modal view has also been updated to show what type the renewal was.
Test plan:
1) In the database shell run "show columns from checkout_renewals;" and observe that there is currently no column for recording the type of renewal
2) Apply patch
3) In the shell run "dbic" and "perl installer/data/mysql/updatedatabase.pl" to update the database schema with the new column.
4) Create some checkouts
5) Renew some checkouts manually and observe in the database that there is now a column called "renewal_type" that will have recorded these as "Manual"
6) Create some checkouts that can be automatically renewed
7) Run the cron script in automatic_renewals.pl and observe that there are now also entries with a renewal_type of "Automatic"
8) Send a GET request to http://localhost:8081/api/v1/checkouts/1/renewals and observe that the renewal_type is now returned in the response
9) In the Item Details tab for a record, there is the "Current renewals" option which has a button to view renewals. Click on this and observe that the modal now displays the new information.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds an endpoint for /auth/password/validation
This allows a third-party, using an authenticated and authorized Koha
API user, to check if the username and password given by a user is
correct in Koha.
For example, a Keycloak extension can be created using its
User Storage SPI to use Koha as the user database for Keycloak. This
API allows us to authenticate the user as a particular Koha user - without
creating a Koha user session for them.
Test plan:
0. Apply patch and koha-plack --restart kohadev
1. Go to http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=RESTBasicAuth
2. Enable "RESTBasicAuth"
3. Run the following commands while substituting correct values for <koha_user> and <koha_password>
3. curl -XPOST -H "Content-Type: application/json" -u <koha_user>:<koha_password> http://localhost:8081/api/v1/auth/password/validation -d '{ "username": "<koha_username">, "password": "<koha_password>" }' -v
4. Note "204 No Content" response
5. curl -XPOST -H "Content-Type: application/json" -u <koha_user>:<koha_password> http://localhost:8081/api/v1/auth/password/validation -d '{ "username": "<koha_username">, "password": "this is definitely not the password" }' -v
6. Note "400 Bad Request" response and error message {"error":"Validation failed"}
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 22343 adds the ability to defined SMTP servers via the UI; But to then utilise them you have to go to each individual library via the libraries admin area and select the SMTP server.
We should have a way to override the fallback/default SMTP server right from the SMTP servers administration page.. setting one of our defined SMTP Servers as the system default rather than using the hard coded fallback options.
Test Plan:
1) Apply this patch set
2) Restart all the things!
3) Browser to the SMTP servers editor,
verify only one server can be set as the default server
4) Set a default server, verify that server was used to send email from
a cronjob, AND/OR prove t/db_dependent/Koha/SMTP/Server.t
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds the mentioned endpoint. The controller relies on
Koha::Item->safe_to_delete for checks and uses `safe_delete` as
additem.pl does.
The required permissions are edit_catalogue.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/items.t
=> SUCCESS: Tests pass!
3. Play with item deletion using a REST tool like Postman
=> SUCCESS: All works as expected
4. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The Patron API PUT request required the fields "surname","address","city","library_id","category_id". Meanwhile the CSV import page for patrons only requires "surname","library_id","category_id". The fields for "address" and "city" have been removed from the "required" section of the api>v1>swagger>definitions>patron.yaml file to match the CSV import page.
Test Plan:
1) Send a PUT request to http://localhost:8081/api/v1/patrons/19 with an empty body
2) Error message should ask for 5 missing fields as listed above
3) Apply patch
4) Restart Apache server using "restart_all" in your ktd shell
5) Resubmit your request
6) Error message should now only request "surname","library_id","category_id"
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch ensures Koha doesn't throw an error if the IdP hands back a
session_state parameter.
To test:
1) Set up an identity provider
2) On the IdP's configuration, make it hand back a session_state
3) Confirm authentication using OIDC works with and without the
session_state
Sponsored-by: Plant & Food Research
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch allows null values to be returned in patron attributes
to prevent a crash when searching patrons
To test:
1 - Add a NULL attribute to a borrower, in sample data, Edna Acosta
sudo koha-mysql kohadev
INSERT INTO borrower_attributes (borrowernumber,code,attribute) VALUES (5,'SHOW_BCODE',NULL);
2 - Browse to 'Home->Patrons'
http://localhost:8081/cgi-bin/koha/members/members-home.pl
3 - Click 'Browse by last name: A'
4 - Datatables error:
Expected string - got null
5 - Apply patch
6 - Restart all
7 - Browse by last name: A
8 - Success!
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The aforementioned TestBuilder should display "Koha::ERM::UserRole", not be empty.
This patch adds a primary key to the erm_user_roles table and fixes that.
Also includes atomicupdate file to update database schema as well as updates to
kohastructure.sql provided by Jonathan Druart.
Looked into the vue files but didn't find anywhere or a need to include the new
primary key in any of the requests as there is no request of users by role_user_id
being made.
Erm users are being created/updated as a relationship through licenceses/agreements.
Furthermore, when editing a role of an existing user, this new primary key is already
being supplied embeded in the license/agreement.
Test plan:
Add users to license and agreement
Run the cypress tests
Confirm that the change fix the test that was failing in TestBuilder.t
(another one may still fail however)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Lukasz Koszyk <lukasz.koszyk@kit.edu>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds routes for handling authentication providers to the REST
API.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/auth_providers.t
=> SUCCESS: Tests pass!
3. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Lukasz Koszyk <lukasz.koszyk@kit.edu>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Lukasz Koszyk <lukasz.koszyk@kit.edu>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
- Added API specs for new field 'notes' for erm_holdings_package;
- Added new field 'notes' in DB schema for erm;
- Added new field 'notes' in Vue.js frontend
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Same as packages, but for titles here.
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Add an "Add to holdings" and "Remove from holdings" buttons on the
resource page.
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds a checkbox and flatpickr input to filter agreements by
expiration date.
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Add the ability to create new titles and attach them to a package.
The MARC to KBART2 mapping is the following (based on
https://github.com/adambuttrick/marc_to_kbart/blob/master/convert.py):
publication_title = biblio.title
print_identifier = 020$a||020$z||022$a||022$y
online_identifier = 020$a||020$z||022$a||022$y
date_first_issue_online = 866$a (before '-')
date_last_issue_online = 866$a (after '-')
num_first_vol_online = 863$a (before '-')
num_last_vol_online = 863$a (after '-')
num_first_issue_online = ?
num_last_issue_online = ?
title_url = 856$u
first_author = biblio.first_author
embargo_info = ?
coverage_depth = title_url ? 'fulltext' : 'print'
notes = $852$z
publisher_name = 260$b
publication_type = ?
date_monograph_published_print = ?
date_monograph_published_online = ?
monograph_volume = ?
monograph_edition = ?
first_editor = ?
parent_publication_title_id = ?
preceeding_publication_title_id = ?
access_type = ?
Note that title is not created (and so the resource) if a title from
this package already has a link to this bibliographic record.
Is that correct, or should we create another resource?
Should the import screen also have "start date" and "end date" to set for the
resource?
QA note: Ideally we would like to fetch the list from the REST API but the routes
are not there yet.
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
ALTER TABLE erm_agreement_licenses DROP FOREIGN KEY erm_licenses_ibfk_1;
ALTER TABLE erm_agreement_licenses DROP FOREIGN KEY erm_licenses_ibfk_2;
ALTER TABLE erm_agreement_licenses ADD CONSTRAINT `erm_agreement_licenses_ibfk_1` FOREIGN KEY (`agreement_id`) REFERENCES `erm_agreements` (`agreement_id`) ON DELETE CASCADE ON UPDATE CASCADE;
ALTER TABLE erm_agreement_licenses ADD CONSTRAINT `erm_agreement_licenses_ibfk_2` FOREIGN KEY (`license_id`) REFERENCES `erm_licenses` (`license_id`) ON DELETE CASCADE ON UPDATE CASCADE;
ALTER TABLE erm_licenses ADD COLUMN vendor_id INT(11) DEFAULT NULL AFTER license_id;
ALTER TABLE erm_licenses ADD CONSTRAINT `erm_licenses_ibfk_1` FOREIGN KEY (`vendor_id`) REFERENCES `aqbooksellers` (`id`) ON DELETE SET NULL ON UPDATE CASCADE;
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Document - don't send file_content when fetching a document
apt install libmojolicious-plugin-renderfile-perl
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
When a new resource is created we create a new bibliographic record in
Koha that is linked at the title level
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
At this point we renamed eHoldings to Titles and eHoldings-package to
Resource.
Packages, resources and titles are now under the eholdings namespace.
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
* Fixes a single to a double underscore for translation in holds.js
* Fixes item_group to item group in API description
* Fixes volume hold to item group hold in syspref db descrpitions
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Rebecca Coert <rcoert@arlingtonva.us>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 28786 added the ability to turn on a two-factor authentication,
using a One Time Password (OTP).
Once enabled on the system, librarian had the choice to enable or
disable it for themselves.
For security reason an administrator could decide to force the
librarians to use this second authentication step.
This patch adds a third option to the existing syspref, 'Enforced', for
that purpose.
QA notes: the code we had in the members/two_factor_auth.pl controller
has been moved to REST API controller methods (with their tests and
swagger specs), for reusability reason. Code from template has been
moved to an include file for the same reason.
Test plan:
A. Regression tests
As we modified the code we need first to confirm the existing features
are still working as expected.
1. Turn off TwoFactorAuthentication (disabled) and confirm that you are not able to
enable and access the second authentication step
2. Turn it on (enabled) and confirm that you are able to enable it in your account
3. Logout and confirm then that you are able to login into Koha
B. The new option
1. Set the pref to "enforced"
2. You are not logged out, logged in users stay logged in
3. Pick a user that does not have 2FA setup, login
4. Notice the new screen (UI is a bit ugly, suggestions welcomed)
5. Try to access Koha without enabling 2FA, you shouldn't be able to
access any pages
6. Setup 2FA and confirm that you are redirected to the login screen
7. Login, send the correct pin code
=> You are fully logged in!
Note that at 6 we could redirect to the mainpage, without the need to
login again, but I think it's preferable to reduce the change to
C4::Auth. If it's considered mandatory by QA I could have a look on
another bug report.
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch removes not required (for now) query parameters as we can
query using q= on those. They can be added back eventually, if needed.
Attributes now match the database as well.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
We reintroduced the definitions api spec file with this patch.. it's not
required.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This adds the API routes and tests
Sponsored-by: Sponsored by: Round Rock Public Library [https://www.roundrocktexas.gov/departments/library/]
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch changes holds' GET REST API endpoint permission
to place_holds to match with request.pl
Test plan:
1) prove t/db_dependent/api/v1/holds.t
Sponsored-by: Koha-Suomi Oy
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Test plan:
1. Apply patch, restart_all, and updatedatabase
2. In the staff client go to a patron record or create a new patron.
3. Notice the pronouns field, make sure you add a value to it.
4. Now notice that the value should display in parentheses in places where the patron name is displayed.
5. Go to the details page and you should see the value display in quotes. ( next to othernames )
6. Check to make sure you can hide the pronouns field via BorrowerUnwantedField.
7. Check to make sure you can make the field required with BorrowerMandatoryField
8. Go to the OPAC to self register. The pronouns field should appear in the form.
9. Make sure you can make it required ( PatronSelfRegistrationBorrowerMandatoryField ) and that you can hide it ( PatronSelfRegistrationBorrowerUnwantedField ).
10. Once registered check 'your personal details'. Check that the field can be required (PatronSelfModificationMandatoryField) or hidden ( PatronSelfModificationBorrowerUnwantedField ).
11. Try some notices like ISSUESLIP. You should be able to add either <<borrowers.pronouns>> or [% borrower.pronoun %] to the notice and have it display when you generate the notice.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>
Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
[1] Correct: BackgrounJob
[2] If should filter out not current jobs
=> Had a hard time reading that one until I replaced if by it.
=> Decided to rephrase it in a more positive way.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch makes the following changes to the 'background_jobs' API:
* We now call them 'jobs'
* Removed deprecated query parameter definitions
* Added only_current query parameter
* Controller gets adapted to use $rs->filter_by_current when
only_current is passed
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
context has been added by bug 30889
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Test plan:
Run dbrev.
Check api URL: /api/v1/public/libraries (with/without suffix /[branch_code].
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch replaces opac-ratings-ajax.pl with a new REST API route
POST /public/biblios/42/ratings
Note that we could go further and refactor the 'start_rating' select
code.
Test plan:
Test the "star ratings" feature at the OPAC, on the different page
where it's displayed.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 28786 let librarians enable a Two-factor authentication but force them to use
an application to generate the TOTP token.
This new enhancement add the ability to send an email containing the token to the
patron once it's authenticaed
The new notice template has the code '2FA_OTP_TOKEN'
Test plan:
- Setup the two-factor authentication (you need the config entry and the
syspref ON)
- Enable it for your logged in patron
- Logout
- Login and notice the new link "Send the code by email"
- Click on it and confirm that you received an email with the code
- Use the code to be fully logged in
QA question: Is 400 the correct error code to tell the email has not
been sent?
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds effective_item_type_id to the items api.
We overload the to_api method to append the effective_item_type_id field
with that of the effective itemtype code.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch removes the circ/ysearch.pl script used by the jQuery autocomplete widget.
We can now use the /api/v1/patrons endpoint to retrieve the patrons and
generate the patron result list.
Prior to this patch the different occurrences were defining the style
and the list of patron's attributes to display for each option (name,
date of birth, age, address, etc.). Now they are all displaying the same
information.
To acchieve this we had to:
* Make js-date-format.inc and js-patron-get-age.inc available from js_includes.inc
and so available from everywhere, which is certainly a good move. We
could discuss why this code is in include file instead of JS files
however.
* Remove the .ajaxSetup call in tags-review.js to reduce its scope: an
underscore parameter was added to the REST API query (?)
A better solution would have been to extend the existing widget
(https://learn.jquery.com/jquery-ui/widget-factory/extending-widgets/)
but I didn't manage to do it, and I feel like there is a bug in jQuery
autocomplete. The "source" was not taken into account.
We could think about replacing the jQuery autocomplete with something
else, but that's outside the scope of this bug.
Test plan:
Search for patrons and confirm the autocomplete works and that the
"select" action works as before (either a redirect or select the
patrons) on the different views:
* Place a hold
* Search for tags (form on the left)
* In the header, "Check out" and "Search patrons"
* Add instructors to course reserves
* View logs (the "librarian" input)
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds the return claim details to the bundle item status
display on the catalogue details page.
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds methods the the Koha::Item object for managing item
bundling operations and then exposes those methods via the REST API.
We include the new `BundleNotLoanValue` preference for setting not
for loan values when an item is added to a bundle.
Finally, we expose bundle management via the catalogue details page.
Test plan:
0) Apply patches up to this point and run the database update
1) Configuration: `BundleNotLoanValue` should have been set by the
database update and point to a newly added AV value.
2) Creating a new bundle
* Add a new bib record
* Mark the bib record as a 'collection' type by setting leader
position 7 to 'c'
* Add a new item to this bib record
* You should see a new 'Manage bundle' button available in the
'Actions' column of the Holdings table.
* Clicking 'Manage bundle' should expand the table to include a new
row directly beneath this one.
* Use the new 'Add to bundle' button that appears in this row to
trigger a modal that allows entering the barcode of items you wish
to add to the bundle
* Upon closing the modal, the bundle content table should reload and
contain your newly associated items.
* You can subsequently remove an item from a bundle using the new
'Remove' button.
3) Not for loan
* Items that have been added into a bundle should now appear as 'Not
for loan' from their original biblio record and note which bundle
they belong to.
4) Error cases
* Try adding an item that already belongs to a bundle to another
bundle: Note an error is displayed in the modal form.
5) The bundles feature can be disabled by unsetting the
`BundleNotLoanValue` system preference.
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
quote_id should not be required
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Rename the issues.renewals field to renewals_count to prevent a method
name collision with the new relation accessor introduced by this
patchset.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds middle_name to the accaeptable fields in API requests
and responses.
Test plan
1) Search for a user using the API
2) Confirm the API responds with a 200
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch enables librarians with only "place_holds" permissions to cancel, suspend and resume holds via REST API.
Test plan:
1) Try to cancel or suspend a hold with only "place_holds" permissions
2) See that it is forbidden.
3) Apply the patch
4) Cancel a hold again
5) The cancellation succeeds
6) prove t/db_dependent/api/v1/holds.t
Sponsored-by: Koha-Suomi Oy
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch renames the route to make it consistent for future additions.
To test:
1. Run
$ git grep 'matches/chosen'
=> FAIL: all occurences use /api/v1/import/
2. Apply this patch
3. Run:
$ git grep 'matches/chosen'
=> SUCCESS: All occurences have '/api/v1/import_batches/'
4. Run:
$ kshell
k$ prove t/db_dependent/api/v1/import_record_matches.t
=> SUCCESS: Tests pass!
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch fixes minor spec QA issues:
* Missing summary for routes
* Missing error_code description for 500
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
On fixing the spec to have `format: date` I noticed the tests were
expecting explosions because of date handling not being done. The
OpenAPI plugin does this correctly when you set the format right.
So, I adapted the tests so they expect 400 and return the type error.
We don't usually add such tests (i.e. test the plugin does its job
correctly) but it doesn't hurt to keep them just in case something
really changes badly there (plugin bug?).
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch makes the following changes to the spec:
* Password being the resource and expiration_date an attribute for it,
so reorganizing things and also renaming the route.
* Be it undefined or defined, expiration date is only one and thus
should use the PUT verb (as in overwrite).
* Minor bug 30194-related fixes.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
To test:
1 - prove -v t/db_dependent/api/v1/patrons_password_expiration.t
Signed-off-by: Bob Bennhoff <bbennhoff@clicweb.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Bob Bennhoff <bbennhoff@clicweb.org>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch makes this header parameter rely on the OpenAPI spec to
validate and document the available options.
Right now the only place is in POST and PUT /holds.
To test:
1. Run:
$ kshell
k$ prove t/db_dependent/api/v1/holds.t \
t/db_dependent/api/v1/auth_authenticate_api_request.t
=> SUCCESS: Tests pass
2. Apply this patch
3. Repeat 1
=> SUCCESS: Tests still pass!
4. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adds the x-koha-override header parameter to the route that
is used to create suggestions, POST /suggestions.
The idea is that adding suggestions will be rejected under certain
conditions unless x-koha-override is passed with appropriate values. The
added overrides are:
* any
* max_total
* max_pending
Tests are added for the expected behavior.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Well spotted, this patch fixes the specs to be consistent and adds a
little detail to the POD as requested.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch removes superflous x-koha-embed defintions at the top level
of the endpoint specifications. It also replaces a few x-koha-embeds at
the top level with parameter lists where this had been missed in
preceeding patches.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
We don't need these any more.. I think they crept back in during
rebases
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patchset adds the display of all matches found during import to the import management screen
A staff member with the permission to manage batches will be able to select for any individual record which match, or none, should be used during import
To test:
1 - Import a batch of records or export existing records from your catalog
2 - Import the file (again) and select a matching rule that will find matches
3 - Note that you now have radio buttons allowing you to select a record, or none
4 - Test scenarios:
I - When 'Action if matching record found' is 'Ignore'
a - Imported record ignored if match is selected
b - 'Action if no match found' followed if no match is selected (Ignore matches)
II - When 'Action if matching record found' is 'Replace'
a - The chosen record is the one overlayed (you can edit the chosen record before importing to confirm)
b - 'Action if no match found' followed if no match is selected (Ignore matches)
III - When 'Action if matching record found' is 'Add incoming record'
a - Record is added regardless of matches
5 - Confirm 'Diff' 'View' links work as expected
6 - Confirm that after records are imported the radio buttons to choose are disabled
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Bug 22785: API files
Signed-off-by: Ben Daeuber <bdaeuber@cityoffargo.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch removes an attribute that was actually removed 3 years ago
and causes an exception when trying to search for it. The API responses
don't include it anyways.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Due to a race and a bad rebase, the patrons embeds added on bug 30063
didn't get copied to the parameters secition, thus breaking embedding.
To test:
1. In master, open the patron search page and the inspector
2. Perform a search
=> FAIL: No results
=> FAIL: There's an error 500 in the API response, mentioning embedding
is not allowed
3. Apply this patch
4. Restart all
6. Repeat 2
=> SUCCESS: Results are back!
=> SUCCESS: No more API errors
7. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds the x-koha-request-id to all GET routes that rely on
objects.search, for immediate support for the header.
The patch itself is trivial:
- It adds the header parameter definition to the top level swagger.yaml
- It adds a reference on each route that already implements q params,
etc
To test:
1. Apply the patch
2. Reload plack
3. Notice the API still works
4. Run:
$ kshell
k$ prove t/db_dependent/api/v1/query.t
=> SUCCESS: It now passes! The /cities route implements the
x-koha-request-id header pass through.
5. Run the rest of the API tests
=> SUCCESS: All good
6. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
edit_borrowers should be enough, we don't need the whole borrowers
module flag
Signed-off-by: Séverine Queune <severine.queune@bulac.fr>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Two new routes that do the same thing
/api/v1/acquisitions/funds/owners
/api/v1/acquisitions/funds/users
To list the possible owners and users for a fund
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Séverine Queune <severine.queune@bulac.fr>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Test plan:
Add a manager to a basket
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Séverine Queune <severine.queune@bulac.fr>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Test plan:
Create or edit an order, add users to notify on receiving
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Séverine Queune <severine.queune@bulac.fr>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Test plan:
Add new users to a serial routing list
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Séverine Queune <severine.queune@bulac.fr>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Test plan:
Create a new card batch and add new borrowernumber using the "Add
patron(s)" button.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Séverine Queune <severine.queune@bulac.fr>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Test plan:
Select a manager for a suggestion
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Séverine Queune <severine.queune@bulac.fr>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch simplifies the specification directory further by doing the
following:
* Inlines paths.yml into swagger.yaml
* Inlines definitions.yaml into swagger.yaml
* Inlines parameters.yaml into swagger.yaml
* Drops x-primitives.yaml
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
It was not sorted correct and had inconsistencies.
use YAML;
use File::Slurp qw( write_file );
my $hash = YAML::LoadFile('api/v1/swagger/swagger.yaml');
YAML::Bless($hash)->keys([qw(swagger basePath definitions parameters paths info tags)]);
my $info = $hash->{info};
YAML::Bless($info)->keys([qw(title version license contact description)]);
my $yaml= YAML::Dump($hash);
$yaml =~ s|'|"|xmsg;
write_file('api/v1/swagger/swagger.yaml', $yaml);
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch fixes a problem with the spec.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Mason James <mtj@kohaaloha.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch changes the q_param definition so the defined query parameter
is repeatable. This way JSON::Validator will always generate an arrayref
for it and won't skip occurences.
The objects.search helper is updated to always consider the 'q'
parameter as an array, as expected.
To test:
1. Apply the regression tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/query.t
=> FAIL: Tests fail!
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch intends to be a guide for inserting Markdown documentation
for error codes. The idea is that it can be copied and pasted as-is in
new routes. And adapted to new error codes.
To test:
1. Apply this patch
2. Run:
$ npx redoc-cli@0.10.4 bundle --cdn --output index.html \
api/v1/swagger/swagger.yaml
=> SUCCESS: It builds correctly
3. Open index.tml on your browser
4. Pick a route, and see the 500 status description includes information
about the possible `error_code` values.
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds the *error_code* attribute to the error response
definition. This way it can be added when returning an error.
I also made a sample usage of it on the generic unhandled_exception
helper, which the unit tests on this patchset expect.
To test:
1. Apply the unit tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/unhandled_exceptions.t
=> FAIL: The unhandled_exception() helper doesn't return an error_code
in the response payload.
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
When the route was implemented, the checks were overlooked. This patch
adds checks for:
- Guarantees
- Debts
- Current checkouts
Any of those will block deletion, as it should.
To test:
1. Apply the regression tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/patrons.t
=> FAIL: Tests fail, the route misses checks
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass! The three conditions prevent deletion!
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
The first routes we added named parameters in camelCase. We moved to
snake_case really fast, but there are two that were kept by mistake.
This patch fixes them.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch moves all the REST API spec pieces into YAML.
To test:
1. Run:
$ kshell
k$ prove t/db_dependent/api/v1/*
=> SUCCESS: Tests pass
2. Apply this patch
3. Repeat 1
=> SUCCESS: Tests still pass!
4. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This makes the documentation look untidy.
To test:
1. Open the api/v1/swagger/paths/libraries.json file with your favourite
editor.
=> FAIL: All routes, but this one, have tags: ['library']
2. Apply this patch
=> SUCCESS: All routes have tags: ['libraries']
3. swagger.yaml too!
4. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch just adds the 'date' format string to ensure we are
validating the input/output of the date_renewed field correctly.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds the ability to set a library as 'public' or not; this
allows librarians to hide back office library branches from the opac.
Test plan
1/ Set a library as public from `admin > libraries`.
2/ Navigate to the `Libraries` page in the OPAC
3/ Note that only `public` libraries are displayed.
Signed-off-by: Barbara Johnson <barbara.johnson@bedfordtx.gov>
Signed-off-by: Christopher Brannon <cbrannon@cdalibrary.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds the new route. It also tweaks the checkout object
definition to allow embedding the required related objects (for bug 29275).
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This simple change renames the attribute in the item object API
representation.
To test:
1. Run:
$ kshell
k$ prove t/db_dependent/api/v1/items.t
=> SUCCESS: Tests pass
2. Run:
$ git grep 'api/v1/items'
=> SUCCESS: The items routes are not (yet) used in Koha
3. Run:
$ cd koha-tmpl
$ git grep --name-only '"embed"'
=> SUCCESS: Only two templates are using embed.
4. Check:
- register.tt uses it to embed the manager, good
- parcel.tt uses it to embed items. Alert.
=> SUCCESS: parcel.tt only uses a count on items. No item_type involved.
5. Sign off
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch introduces a route to fetch items belonging to a biblio. It
is expected to return the 'public' representation of the Koha::Item
objects.
It is also enforcing the visibility rules, by using
Koha::Items->filter_by_visible_in_opac.
To test:
1. Apply this patches
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/biblios.t
=> SUCCESS: Test pass and they cover all the cases!
3. Try your favourite REST tool against the new route.
4. Sign off :-D
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch introduces a route to fetch a list of libraries or a single
library as expected on the /public namespace. It is expected to return
the 'public' representation of the Koha::Library objects.
To test:
1. Apply this patches
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/libraries.t
=> SUCCESS: Test pass and they cover all the cases!
3. Try your favourite REST tool against the new route.
4. Sign off :-D
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The objects.search helper provides convenient ways to paginate and a 'q' filter parameter to build complex queries on this Koha::Objects-based routes.
Some routes were created prior to this feature getting introduced. We need to adjust the parameters for all existing objects.search-based routes.
This patch adds that.
The only GET (as in list) routes that would still be missing the
parameters are those about ILL, that are not objects.search based, and
probably need to be rewritten.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Privileged routes need permissions defined. This patch adds the minimum
required permission until there are article request-specific permissions
in Koha: circulate: circulate_remaining_permissions
It is also clarified that interacting with an article request from
another patron, but having your own patron_id in the path would return
404 instead of 403, as technically the resource (an article request from
the patron, identified.by the supplied id) doesn't exist.
Tests are tweaked.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The API was checking for 'reserverforothers' permission, but that
doesn't make sense to apply here.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch refactors the route specs a bit, and also reorganizes code
for easier tracking.
Unused exceptions that were added earlier are removed for now.
A follow-up patch will add tests to this routes.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This bug adds a cancellation reason authorised values to article requests
To test:
1. apply this patch
2. updatedatabase
3. in staff interface go to /cgi-bin/koha/admin/authorised_values.pl
CHECK => AR_CANCELLATION category should appears
4. place several article requests
5. in staff interface go to /cgi-bin/koha/circ/article-requests.pl
6. select multiple requests, or just one and cancel them
SUCCESS => a modal pops up offering to select a cancellation reason
CHECK => message_queue table has messages with cancellation reason included
7. repeat steps 4 to 6 but for /cgi-bin/koha/circ/request-article.pl
8. cancelling article requests from opac interface should work just as before
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds an initial text explaining the valid authentication
mechanisms Koha has for the API.
My first approach included information about the controlling sysprefs,
but I decided to remove it, as it is not usual for API consumers to be
presented such detailed internal information which is probably
confusing. We could add a link to the manual, but that's not the point I
think.
I've added an entry about error messages and how we thougth about them.
It is copied from Docker Engine's API docs.
This is my 2 cents.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch moves the /cities routes spec and related files into YAML so
devs can use it as a reference for future routes.
To test:
1. Run:
$ kshell
k$ prove t/db_dependent/api/v1/cities.t
=> SUCCESS: Tests pass
2. Apply this patch
3. Repeat 1
=> SUCCESS: Tests still pass!
4. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch simply adds a summary to the route. This will be picked by
the API docs.
It also removes the 'pickup_locations' tag, as we did in bug 28461.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
On bug 17591 we discovered that there was something weird going on with
the way we export and use subroutines/modules.
This patch tries to standardize our EXPORT to use EXPORT_OK only.
That way we will need to explicitely define the subroutine we want to
use from a module.
This patch is a squashed version of:
Bug 17600: After export.pl
Bug 17600: After perlimport
Bug 17600: Manual changes
Bug 17600: Other manual changes after second perlimports run
Bug 17600: Fix tests
And a lot of other manual changes.
export.pl is a dirty script that can be found on bug 17600.
"perlimport" is:
git clone https://github.com/oalders/App-perlimports.git
cd App-perlimports/
cpanm --installdeps .
export PERL5LIB="$PERL5LIB:/kohadevbox/koha/App-perlimports/lib"
find . \( -name "*.pl" -o -name "*.pm" \) -exec perl App-perlimports/script/perlimports --inplace-edit --no-preserve-unused --filename {} \;
The ideas of this patch are to:
* use EXPORT_OK instead of EXPORT
* perltidy the EXPORT_OK list
* remove '&' before the subroutine names
* remove some uneeded use statements
* explicitely import the subroutines we need within the controllers or
modules
Note that the private subroutines (starting with _) should not be
exported (and not used from outside of the module except from tests).
EXPORT vs EXPORT_OK (from
https://www.thegeekstuff.com/2010/06/perl-exporter-examples/)
"""
Export allows to export the functions and variables of modules to user’s namespace using the standard import method. This way, we don’t need to create the objects for the modules to access it’s members.
@EXPORT and @EXPORT_OK are the two main variables used during export operation.
@EXPORT contains list of symbols (subroutines and variables) of the module to be exported into the caller namespace.
@EXPORT_OK does export of symbols on demand basis.
"""
If this patch caused a conflict with a patch you wrote prior to its
push:
* Make sure you are not reintroducing a "use" statement that has been
removed
* "$subroutine" is not exported by the C4::$MODULE module
means that you need to add the subroutine to the @EXPORT_OK list
* Bareword "$subroutine" not allowed while "strict subs"
means that you didn't imported the subroutine from the module:
- use $MODULE qw( $subroutine list );
You can also use the fully qualified namespace: C4::$MODULE::$subroutine
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds the q query parameters to the route.
To test:
1. Try the route with the following query parameter:
q={"patron_id":2}
i.e. GET /api/v1/patrons?q={"patron_id":2}
=> FAIL: You get a bad request respose
2. Apply this patch
3. Restart all
4. Repeat 1
=> SUCCESS: You get the patron
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds the mentioned route. It does so by:
- Adding the new path in paths.json
- Adding the full route spec in items.json
- Adds a controller method that takes care of the task
To test:
1. Apply this patches
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/items.t
=> SUCCESS: Tests pass!
3. Play with your favourite REST tool. Pay special care to
the AllowHoldPolicyOverride syspref and the expected behaviors.
=> SUCCESS: All works as expected
4. Sign off :-D
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds a 'summary' entry to all routes and verbs. This way,
ReDoc will display a human-friendly description of the route, instead of
the operationId.
To test, repeat the testing steps in the previous patch, and notice that
we now have good descriptions.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds entries for:
- Rotas
- Circulation rules
- Macros
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch starts the work of curating the spec documentation-related
aspects. It doesn't involve any functional change on the API, just
labels (used to render docs) and some descriptions basis is added.
- A top level 'tags' entry is added to swagger.yaml.
- The 'name' attribute is left with double quotes. This is on purpose,
to differentiate from 'x-displayName' which is the actual text to be
displayer and should be handled by documentation folks, not us, devs
:-D
- I add a very limited 'description' attribute there. It is the top
level description of the section. For example the description for the
'Biblios' section is 'Manage bibliographic records'. As it expects
Markdown, anything we want can be added there.
- Some labels have been tweaked in paths, to rollback the decision of
making the labels in paths more end-user friendly. We don't want them
to be typed much, and I picked what we use the most: snake_case.
- The order in which things are displayed, is the one we specified on
the swagger.yaml file. The 'batch import profiles' one is left at the
bottom on purpose. But this is subject to discussion. As a general
rule, I put them all in alphabetical order (on the x-displayName label
I mean).
I submit early before family duties so others can pick where I left in
the morning. So:
TODO:
- I'm not sure what's best for Advanced editor macros. My bet is we
should define a 'Macros' label, and use a summary on the routes
themselves to specify this are not just 'macros', but advanced editor
macros. Look at the return claims paths to understand how I propose to
use the 'summary' attribtue.
- I understand how we use 'rotas', but someone more familiar with the
terminology,... please... step in.
- Related to the first item here, we need to add summary to all routes,
so ReDoc doesn't display the operationId anymore. Again, I put an
example in Return claims that we can follow.
To test:
1. Have KTD running
2. Open your browser at:
http://localhost:/8080/api/v1/
3. Save the page as spec.json in some known dir
4. Go to that dir and run:
$ docker run -it --rm -p 8083:80 \
-v $(pwd)/spec.json:/usr/share/nginx/html/swagger.json \
-e SPEC_URL=swagger.json redocly/redoc
5. Open your browser at
http://localhost:8083
=> SUCCESS: You see the docs
6. Look at the list of 'categories' on the left
=> FAIL: They look a bit weird
7. Apply this patch
8. Ctrl+c on the terminal running docker
9. Reload plack
10. Repeat 2 through 6
=> SUCCESS: Wow, things look better!
11. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Or the route will be misplaced when generated by redoc
git grep tags api|grep '",'
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The way labels are used with RedDoc, we need to tidy them better. We
should do it with all the routes, but this one is specially noisy on the
UI.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch restores the PUT route, but adding a deprecation message. The
controller method is the same, and relevant patch tests are duplicated
but calling PUT, so it still gets tested.
To test:
1. Apply this patch
2. Reload plack
3. Open https://<>/api/v1/.html and find the PUT /holds/{hold_id} route
=> SUCCESS: There's a deprecation wargning!
4. Run:
$ kshell
k$ prove t/db_dependent/api/v1/holds.t
=> SUCCESS: Tests pass!
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch performs a cleanup on the holds routes:
- It adds additionalProperties: false to all missing routes
- It syncs the spec with the guidelines
- additionalProperties: false highlighted some attributes read in the
controlled weren't declared on the spec, adding them
- PUT /holds/:hold_id is moved to PATCH, as it makes more sense and
gathered opinions lean towards that
To test:
1. Apply the tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/holds.t
=> FAIL: Lots of things are wrong with the API
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This response codes are not actually used.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds missing attribute to the object definitions in the spec.
We wrongly supposed it was the default, but it proved not.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1
=> SUCCESS: Tests pass, nothing breaks!
3. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes the route follow the coding guidelines and thus:
- Return the generated object
- Use the status code 201 for the response
To test:
1. Apply the tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/patrons_accounts.t
=> FAIL: Tests fail. The reponse body and status is incorrect
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The embeddable 'manager' relation field was missing from the
specification file and as such calls using this embed would result in a
500 error since we introduced 'additionalProperties: false'.
Test plan
1/ Enable 'UseCashRegisters'
2/ Navigate to the register details page
3/ Inspect the network traffic and note a 500 error on the cashups api
call
4/ Apply the patch
5/ The 500 should have gone away and been replaced with an empty
resultset 200 page.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
So, this one was hidden.
The failures were:
# Failed test 'Bad plugins raise warning'
# at t/db_dependent/Koha/REST/Plugin/PluginRoutes.t line 75.
# found warning: Warning: Could not load REST API spec bundle: Invalid JSON specification HASH(0x556972b22da0):
# found warning: Warning: Could not load REST API spec bundle: Invalid JSON specification HASH(0x5569735b8368):
# expected to find warning: (?^u:Could not load REST API spec bundle: Invalid JSON specification)
# expected to find warning: (?^u:The resulting spec is invalid. Skipping Bad API Route Plugin)
And the correct error was (after a debug warn in JSON::Validator):
Warning: Could not load REST API spec bundle: Invalid JSON specification HASH(0x55fd0c3d3160):
- /info/version: Expected string - got number. at /usr/share/perl5/JSON/Validator.pm line 165.
So this patch fixes it, but I don't understand why it's only failing for
plugin routes however.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>