Commit graph

261 commits

Author SHA1 Message Date
3ba74940ee Bug 29620: (follow-up) Rename remaining old-style parameters
The first routes we added named parameters in camelCase. We moved to
snake_case really fast, but there are two that were kept by mistake.

This patch fixes them.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2021-12-07 12:33:35 -10:00
d6c67eddd3 Bug 29620: Move the OpenAPI spec to YAML format
This patch moves all the REST API spec pieces into YAML.

To test:
1. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/*
=> SUCCESS: Tests pass
2. Apply this patch
3. Repeat 1
=> SUCCESS: Tests still pass!
4. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2021-12-07 12:33:35 -10:00
a5885949b5 Bug 29593: Fix wrong tag in GET /public/libraries spec
This makes the documentation look untidy.

To test:
1. Open the api/v1/swagger/paths/libraries.json file with your favourite
   editor.
=> FAIL: All routes, but this one, have tags: ['library']
2. Apply this patch
=> SUCCESS: All routes have tags: ['libraries']
3. swagger.yaml too!
4. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2021-12-07 12:16:28 -10:00
f0ca6749c5 Bug 29405: Fix date_renewed attribute format in patron spec
This patch just adds the 'date' format string to ensure we are
validating the input/output of the date_renewed field correctly.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-11-15 12:38:39 +01:00
a4c44ac212 Bug 29183: (follow-up) Add x-koha-query option
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-11-15 12:38:39 +01:00
c4d1b30276 Bug 29183: Add some documentation around query filtering
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-11-15 12:38:39 +01:00
e6e4d74b0f Bug 27360: Use 'public' to filter libraries for opac display
This patch adds the ability to set a library as 'public' or not; this
allows librarians to hide back office library branches from the opac.

Test plan
1/ Set a library as public from `admin > libraries`.
2/ Navigate to the `Libraries` page in the OPAC
3/ Note that only `public` libraries are displayed.

Signed-off-by: Barbara Johnson <barbara.johnson@bedfordtx.gov>
Signed-off-by: Christopher Brannon <cbrannon@cdalibrary.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-11-03 15:40:52 +01:00
6ff32002da Bug 29290: Add spec changes
This patch adds the new route. It also tweaks the checkout object
definition to allow embedding the required related objects (for bug 29275).

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
1f3b63261e Bug 29108: Add q parameters to items routes
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
f5ee8ced57 Bug 29107: Rename item_type => item_type_id
This simple change renames the attribute in the item object API
representation.

To test:
1. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/items.t
=> SUCCESS: Tests pass
2. Run:
   $ git grep 'api/v1/items'
=> SUCCESS: The items routes are not (yet) used in Koha
3. Run:
   $ cd koha-tmpl
   $ git grep --name-only '"embed"'
=> SUCCESS: Only two templates are using embed.
4. Check:
   - register.tt uses it to embed the manager, good
   - parcel.tt uses it to embed items. Alert.
=> SUCCESS: parcel.tt only uses a count on items. No item_type involved.
5. Sign off

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
9ef23bb642 Bug 27358: Add GET /public/biblios/:biblio_id/items
This patch introduces a route to fetch items belonging to a biblio. It
is expected to return the 'public' representation of the Koha::Item
objects.

It is also enforcing the visibility rules, by using
Koha::Items->filter_by_visible_in_opac.

To test:
1. Apply this patches
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/biblios.t
=> SUCCESS: Test pass and they cover all the cases!
3. Try your favourite REST tool against the new route.
4. Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
4a1d841e44 Bug 28948: Don't require catalogue permission for public route, don't allow smtp server embed
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
bc22185625 Bug 28948: Remove query params, 'q' param covers everything needed
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
c56b2db564 Bug 28948: Add GET /public/libraries routes
This patch introduces a route to fetch a list of libraries or a single
library as expected on the /public namespace. It is expected to return
the 'public' representation of the Koha::Library objects.

To test:
1. Apply this patches
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/libraries.t
=> SUCCESS: Test pass and they cover all the cases!
3. Try your favourite REST tool against the new route.
4. Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
8cc404b651 Bug 17314: OpenAPI spec
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
3e5046a029 Bug 28613: Add missing parameters to objects.search-based routes
The objects.search helper provides convenient ways to paginate and a 'q' filter parameter to build complex queries on this Koha::Objects-based routes.

Some routes were created prior to this feature getting introduced. We need to adjust the parameters for all existing objects.search-based routes.

This patch adds that.

The only GET (as in list) routes that would still be missing the
parameters are those about ILL, that are not objects.search based, and
probably need to be rewritten.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 12:28:30 +02:00
9c4a1b19aa Bug 27947: (QA follow-up) Clarify permissions
Privileged routes need permissions defined. This patch adds the minimum
required permission until there are article request-specific permissions
in Koha: circulate: circulate_remaining_permissions

It is also clarified that interacting with an article request  from
another patron, but having your own patron_id in the path would return
404 instead of 403, as technically the resource (an article request from
the patron, identified.by the supplied id) doesn't exist.

Tests are tweaked.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-06 10:09:25 +02:00
b3bc8c21b2 Bug 27947: (QA follow-up) Remove incorrect permission check
The API was checking for 'reserverforothers' permission, but that
doesn't make sense to apply here.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-06 10:09:25 +02:00
dc79aa0f40 Bug 27947: (QA follow-up) Refactor routes
This patch refactors the route specs a bit, and also reorganizes code
for easier tracking.

Unused exceptions that were added earlier are removed for now.

A follow-up patch will add tests to this routes.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-06 10:09:25 +02:00
Agustin Moyano
a10af06203 Bug 27947: Add cancellation reason to article request
This bug adds a cancellation reason authorised values to article requests

To test:
1. apply this patch
2. updatedatabase
3. in staff interface go to /cgi-bin/koha/admin/authorised_values.pl
CHECK => AR_CANCELLATION category should appears
4. place several article requests
5. in staff interface go to /cgi-bin/koha/circ/article-requests.pl
6. select multiple requests, or just one and cancel them
SUCCESS => a modal pops up offering to select a cancellation reason
CHECK => message_queue table has messages with cancellation reason included
7. repeat steps 4 to 6 but for /cgi-bin/koha/circ/request-article.pl
8. cancelling article requests from opac interface should work just as before

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-06 10:09:25 +02:00
870e3e8e16 Bug 28412: Add information about supported authentication methods
This patch adds an initial text explaining the valid authentication
mechanisms Koha has for the API.

My first approach included information about the controlling sysprefs,
but I decided to remove it, as it is not usual for API consumers to be
presented such detailed internal information which is probably
confusing. We could add a link to the manual, but that's not the point I
think.

I've added an entry about error messages and how we thougth about them.
It is copied from Docker Engine's API docs.

This is my 2 cents.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-09-21 20:22:57 +02:00
4d3d400d7f Bug 29072: Move reference route /cities spec to YAML
This patch moves the /cities routes spec and related files into YAML so
devs can use it as a reference for future routes.

To test:
1. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/cities.t
=> SUCCESS: Tests pass
2. Apply this patch
3. Repeat 1
=> SUCCESS: Tests still pass!
4. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-09-21 20:22:57 +02:00
fad3af0005 Bug 28842: A summary to the /items/:item_id/pickup_locations route
This patch simply adds a summary to the route. This will be picked by
the API docs.

It also removes the 'pickup_locations' tag, as we did in bug 28461.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-08-16 09:56:35 +02:00
ae43d0cfe0 Bug 28848: Make sure the 'swagger' attribute is a string
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-08-16 09:56:31 +02:00
9d6d641d1f Bug 17600: Standardize our EXPORT_OK
On bug 17591 we discovered that there was something weird going on with
the way we export and use subroutines/modules.
This patch tries to standardize our EXPORT to use EXPORT_OK only.

That way we will need to explicitely define the subroutine we want to
use from a module.

This patch is a squashed version of:
Bug 17600: After export.pl
Bug 17600: After perlimport
Bug 17600: Manual changes
Bug 17600: Other manual changes after second perlimports run
Bug 17600: Fix tests

And a lot of other manual changes.

export.pl is a dirty script that can be found on bug 17600.

"perlimport" is:
git clone https://github.com/oalders/App-perlimports.git
cd App-perlimports/
cpanm --installdeps .
export PERL5LIB="$PERL5LIB:/kohadevbox/koha/App-perlimports/lib"
find . \( -name "*.pl" -o -name "*.pm" \) -exec perl App-perlimports/script/perlimports --inplace-edit --no-preserve-unused --filename {} \;

The ideas of this patch are to:
* use EXPORT_OK instead of EXPORT
* perltidy the EXPORT_OK list
* remove '&' before the subroutine names
* remove some uneeded use statements
* explicitely import the subroutines we need within the controllers or
modules

Note that the private subroutines (starting with _) should not be
exported (and not used from outside of the module except from tests).

EXPORT vs EXPORT_OK (from
https://www.thegeekstuff.com/2010/06/perl-exporter-examples/)
"""
Export allows to export the functions and variables of modules to user’s namespace using the standard import method. This way, we don’t need to create the objects for the modules to access it’s members.

@EXPORT and @EXPORT_OK are the two main variables used during export operation.

@EXPORT contains list of symbols (subroutines and variables) of the module to be exported into the caller namespace.

@EXPORT_OK does export of symbols on demand basis.
"""

If this patch caused a conflict with a patch you wrote prior to its
push:
* Make sure you are not reintroducing a "use" statement that has been
removed
* "$subroutine" is not exported by the C4::$MODULE module
means that you need to add the subroutine to the @EXPORT_OK list
* Bareword "$subroutine" not allowed while "strict subs"
means that you didn't imported the subroutine from the module:
  - use $MODULE qw( $subroutine list );
You can also use the fully qualified namespace: C4::$MODULE::$subroutine

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-07-16 08:58:47 +02:00
0efdb1bb7a Bug 28480: Add q parameters for GET /patrons
This patch adds the q query parameters to the route.

To test:
1. Try the route with the following query parameter:
   q={"patron_id":2}
   i.e. GET /api/v1/patrons?q={"patron_id":2}
=> FAIL: You get a bad request respose
2. Apply this patch
3. Restart all
4. Repeat 1
=> SUCCESS: You get the patron
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-06-23 15:09:55 +02:00
cb9d3839c9 Bug 15788: Make the API require the new permission
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-06-21 13:50:27 +02:00
e775c1b668 Bug 28271: Adjust API spec
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-06-21 10:50:09 +02:00
bbe424dcfb Bug 27931: Add GET /items/:item_id/pickup_locations
This patch adds the mentioned route. It does so by:
- Adding the new path in paths.json
- Adding the full route spec in items.json
- Adds a controller method that takes care of the task

To test:
1. Apply this patches
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/items.t
=> SUCCESS: Tests pass!
3. Play with your favourite REST tool. Pay special care to
   the AllowHoldPolicyOverride syspref and the expected behaviors.
=> SUCCESS: All works as expected
4. Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-06-14 17:35:19 +02:00
748b2e91a3 Bug 28463: Add summary to all routes
This patch adds a 'summary' entry to all routes and verbs. This way,
ReDoc will display a human-friendly description of the route, instead of
the operationId.

To test, repeat the testing steps in the previous patch, and notice that
we now have good descriptions.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-27 17:17:19 +02:00
2b4cde96d5 Bug 28463: Add missing tags
This patch adds entries for:

- Rotas
- Circulation rules
- Macros

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-27 17:17:19 +02:00
f1dca080d4 Bug 28463: Add tags definitions in swagger.yaml
This patch starts the work of curating the spec documentation-related
aspects. It doesn't involve any functional change on the API, just
labels (used to render docs) and some descriptions basis is added.

- A top level 'tags' entry is added to swagger.yaml.
- The 'name' attribute is left with double quotes. This is on purpose,
  to differentiate from 'x-displayName' which is the actual text to be
  displayer and should be handled by documentation folks, not us, devs
  :-D
- I add a very limited 'description' attribute there. It is the top
  level description of the section. For example the description for the
  'Biblios' section is 'Manage bibliographic records'. As it expects
  Markdown, anything we want can be added there.
- Some labels have been tweaked in paths, to rollback the decision of
  making the labels in paths more end-user friendly. We don't want them
  to be typed much, and I picked what we use the most: snake_case.
- The order in which things are displayed, is the one we specified on
  the swagger.yaml file. The 'batch import profiles' one is left at the
  bottom on purpose. But this is subject to discussion. As a general
  rule, I put them all in alphabetical order (on the x-displayName label
  I mean).

I submit early before family duties so others can pick where I left in
the morning. So:

TODO:
- I'm not sure what's best for Advanced editor macros. My bet is we
  should define a 'Macros' label, and use a summary on the routes
  themselves to specify this are not just 'macros', but advanced editor
  macros. Look at the return claims paths to understand how I propose to
  use the 'summary' attribtue.
- I understand how we use 'rotas', but someone more familiar with the
  terminology,... please... step in.
- Related to the first item here, we need to add summary to all routes,
  so ReDoc doesn't display the operationId anymore. Again, I put an
  example in Return claims that we can follow.

To test:
1. Have KTD running
2. Open your browser at:
   http://localhost:/8080/api/v1/
3. Save the page as spec.json in some known dir
4. Go to that dir and run:
   $ docker run -it --rm -p 8083:80 \
       -v $(pwd)/spec.json:/usr/share/nginx/html/swagger.json \
       -e SPEC_URL=swagger.json redocly/redoc
5. Open your browser at
   http://localhost:8083
=> SUCCESS: You see the docs
6. Look at the list of 'categories' on the left
=> FAIL: They look a bit weird
7. Apply this patch
8. Ctrl+c on the terminal running docker
9. Reload plack
10. Repeat 2 through 6
=> SUCCESS: Wow, things look better!
11. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-27 17:17:19 +02:00
4a15c972a8 Bug 28461: Fix orders, biblios, holds
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-26 15:05:58 +02:00
09e47b434c Bug 28461: Fix SMTP servers and extended attributes
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-26 14:59:26 +02:00
9de4594cf7 Bug 28461: Specify only one tag per route
Or the route will be misplaced when generated by redoc

git grep tags api|grep '",'

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-26 14:59:26 +02:00
07e760bff8 Bug 28414: Fix labels for return claims
The way labels are used with RedDoc, we need to tidy them better. We
should do it with all the routes, but this one is specially noisy on the
UI.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-25 09:45:22 +02:00
223541bba4 Bug 28369: (QA follow-up) Restore PUT with deprecation message
This patch restores the PUT route, but adding a deprecation message. The
controller method is the same, and relevant patch tests are duplicated
but calling PUT, so it still gets tested.

To test:
1. Apply this patch
2. Reload plack
3. Open https://<>/api/v1/.html and find the PUT /holds/{hold_id} route
=> SUCCESS: There's a deprecation wargning!
4. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/holds.t
=> SUCCESS: Tests pass!
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-25 09:28:18 +02:00
a554b5a545 Bug 28369: Set additionalProperties: false and fix things
This patch performs a cleanup on the holds routes:
- It adds additionalProperties: false to all missing routes
- It syncs the spec with the guidelines
- additionalProperties: false highlighted some attributes read in the
  controlled weren't declared on the spec, adding them
- PUT /holds/:hold_id is moved to PATCH, as it makes more sense and
  gathered opinions lean towards that

To test:
1. Apply the tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/holds.t
=> FAIL: Lots of things are wrong with the API
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-25 09:28:18 +02:00
f6308ae4f1 Bug 28370: Fix invalid responses in /patrons
This response codes are not actually used.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-25 09:28:18 +02:00
18a332e608 Bug 28370: (follow-up) More cases
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-25 09:28:18 +02:00
051a06e69b Bug 28370: Add missing additionalProperties in spec
This patch adds missing attribute to the object definitions in the spec.
We wrongly supposed it was the default, but it proved not.

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1
=> SUCCESS: Tests pass, nothing breaks!
3. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-25 09:28:17 +02:00
d934d66f00 Bug 28424: (28370 follow-up) Fix response definition
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-25 09:28:17 +02:00
cfcc34fde7 Bug 28424: Fix patron credits route (POST)
This patch makes the route follow the coding guidelines and thus:
- Return the generated object
- Use the status code 201 for the response

To test:
1. Apply the tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/patrons_accounts.t
=> FAIL: Tests fail. The reponse body and status is incorrect
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-25 09:28:17 +02:00
300210e8c3 Bug 28272: (QA follow-up) Add 'manager' to cashups definition
The embeddable 'manager' relation field was missing from the
specification file and as such calls using this embed would result in a
500 error since we introduced 'additionalProperties: false'.

Test plan
1/ Enable 'UseCashRegisters'
2/ Navigate to the register details page
3/ Inspect the network traffic and note a 500 error on the cashups api
call
4/ Apply the patch
5/ The 500 should have gone away and been replaced with an empty
resultset 200 page.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-20 08:41:48 +02:00
d5c155203e Bug 28189: Fix PluginRoutes.t
So, this one was hidden.

The failures were:
    #   Failed test 'Bad plugins raise warning'
    #   at t/db_dependent/Koha/REST/Plugin/PluginRoutes.t line 75.
    # found warning: Warning: Could not load REST API spec bundle: Invalid JSON specification HASH(0x556972b22da0):
    # found warning: Warning: Could not load REST API spec bundle: Invalid JSON specification HASH(0x5569735b8368):
    # expected to find warning: (?^u:Could not load REST API spec bundle: Invalid JSON specification)
    # expected to find warning: (?^u:The resulting spec is invalid. Skipping Bad API Route Plugin)

And the correct error was (after a debug warn in JSON::Validator):
Warning: Could not load REST API spec bundle: Invalid JSON specification HASH(0x55fd0c3d3160):
- /info/version: Expected string - got number. at /usr/share/perl5/JSON/Validator.pm line 165.

So this patch fixes it, but I don't understand why it's only failing for
plugin routes however.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-17 16:07:17 +02:00
3c16e0110e Bug 28189: Move swagger file to YAML format
This patch changes the base OpenAPI file (swagger.json) into YAML. The
motivation for this, is adding more documentation, in Markdown.

JSON doesn't accept multiline strings, so this seems like a good move
for readability.

To test:
1. Verify your API is functional
2. Apply this patch
3. Repeat 1
=> SUCCESS: No changes, really
4. Point your browser to /api/v1/.html
=> SUCCESS: Some nicely formatted description of the API can be seen. It
includes information about x-koha-library.
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-12 17:39:36 +02:00
c3f1ebec61 Bug 28272: Add unseen_renewals for checkouts
t/db_dependent/api/v1/checkouts.t ...................... 7/93
 #   Failed test '200 OK'
 #   at t/db_dependent/api/v1/checkouts.t line 198.
 #          got: '500'
 #     expected: '200'

 #   Failed test 'exact match for JSON Pointer ""'
 #   at t/db_dependent/api/v1/checkouts.t line 198.
 #     Structures begin differing at:
 #          $got->{unseen_renewals} = Does not exist
 #     $expected->{unseen_renewals} = '0'
 t/db_dependent/api/v1/checkouts.t ...................... 88/93
 #   Failed test '200 OK'
 #   at t/db_dependent/api/v1/checkouts.t line 218.
 #          got: '500'
 #     expected: '200'

 #   Failed test 'exact match for JSON Pointer ""'
 #   at t/db_dependent/api/v1/checkouts.t line 218.
 #     Structures begin differing at:
 #          $got->{max_renewals} = Does not exist
 #     $expected->{max_renewals} = '1'
 # Looks like you failed 4 tests of 93.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-11 09:26:47 +02:00
741d8a0e53 Bug 28272: Fix many things...
This patch could've been splitted into several. But, overall, adding
additionalAttributes: false made the API fail on requests that send
extra info (i.e. cases in which a dev added an attribute to the
underlaying class/table and forgot to deal with it on the API (either
adding it on the spec, or removing it from the response using
Koha::Class::to_api_mapping).

- Koha::Account::Line was missing: credit_type, interface, status,
  register_id and credit_number. I decided to call cash_register_id, and
  to remove credit_number from the response.
  FIXME: We need consensus on a name for the credit_number attribute, and
  add it to the response on the API. It deserves a separate bug. Too
  opinionated for a last-minute fix.
- Koha::Club::Hold::add was returning bad auto-calculated values on
  field that (also) wasn't specified on the spec. Needs a test.
- import_batch_profile had a typo: id_profile vs. profile_id.
- error.json: In this case I reverted the change. This is because some
  routes are adding more 'info' with the error message, and I consider
  this should be done in a more generic approach. Time is required for
  us to think about this. So don't break the API in the meantime.
  FIXME: Implement a generic way to add a payload to error messages on
  the API. Maybe something to work on while on bug 28020.

To test:
1. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/
=> FAIL: Lots of tests fail
2. Apply this patch
3. Repeat 1
=> SUCCESS: Tests pass!
4. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-11 09:04:13 +02:00
68bb349593 Bug 28272: Fix note_seen, desk_id, cancellation_reason
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-10 17:55:30 +02:00
14ab5abf44 Bug 28272: Prevent api spec to accept extra parameters
Some of our definition files are missing { additionalProperties: false }
We must have it to make sure all properties are defined and prevent the
spec to accept extra parameters (being more strict but also allowing to
catch errors more easily)

grep -rL additionalProperties api/v1/swagger/definitions/*.json

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-10 10:28:02 +02:00