Commit graph

244 commits

Author SHA1 Message Date
9c4a1b19aa Bug 27947: (QA follow-up) Clarify permissions
Privileged routes need permissions defined. This patch adds the minimum
required permission until there are article request-specific permissions
in Koha: circulate: circulate_remaining_permissions

It is also clarified that interacting with an article request  from
another patron, but having your own patron_id in the path would return
404 instead of 403, as technically the resource (an article request from
the patron, identified.by the supplied id) doesn't exist.

Tests are tweaked.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-06 10:09:25 +02:00
b3bc8c21b2 Bug 27947: (QA follow-up) Remove incorrect permission check
The API was checking for 'reserverforothers' permission, but that
doesn't make sense to apply here.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-06 10:09:25 +02:00
dc79aa0f40 Bug 27947: (QA follow-up) Refactor routes
This patch refactors the route specs a bit, and also reorganizes code
for easier tracking.

Unused exceptions that were added earlier are removed for now.

A follow-up patch will add tests to this routes.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-06 10:09:25 +02:00
Agustin Moyano
a10af06203 Bug 27947: Add cancellation reason to article request
This bug adds a cancellation reason authorised values to article requests

To test:
1. apply this patch
2. updatedatabase
3. in staff interface go to /cgi-bin/koha/admin/authorised_values.pl
CHECK => AR_CANCELLATION category should appears
4. place several article requests
5. in staff interface go to /cgi-bin/koha/circ/article-requests.pl
6. select multiple requests, or just one and cancel them
SUCCESS => a modal pops up offering to select a cancellation reason
CHECK => message_queue table has messages with cancellation reason included
7. repeat steps 4 to 6 but for /cgi-bin/koha/circ/request-article.pl
8. cancelling article requests from opac interface should work just as before

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-06 10:09:25 +02:00
870e3e8e16 Bug 28412: Add information about supported authentication methods
This patch adds an initial text explaining the valid authentication
mechanisms Koha has for the API.

My first approach included information about the controlling sysprefs,
but I decided to remove it, as it is not usual for API consumers to be
presented such detailed internal information which is probably
confusing. We could add a link to the manual, but that's not the point I
think.

I've added an entry about error messages and how we thougth about them.
It is copied from Docker Engine's API docs.

This is my 2 cents.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-09-21 20:22:57 +02:00
4d3d400d7f Bug 29072: Move reference route /cities spec to YAML
This patch moves the /cities routes spec and related files into YAML so
devs can use it as a reference for future routes.

To test:
1. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/cities.t
=> SUCCESS: Tests pass
2. Apply this patch
3. Repeat 1
=> SUCCESS: Tests still pass!
4. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-09-21 20:22:57 +02:00
fad3af0005 Bug 28842: A summary to the /items/:item_id/pickup_locations route
This patch simply adds a summary to the route. This will be picked by
the API docs.

It also removes the 'pickup_locations' tag, as we did in bug 28461.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-08-16 09:56:35 +02:00
ae43d0cfe0 Bug 28848: Make sure the 'swagger' attribute is a string
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-08-16 09:56:31 +02:00
9d6d641d1f Bug 17600: Standardize our EXPORT_OK
On bug 17591 we discovered that there was something weird going on with
the way we export and use subroutines/modules.
This patch tries to standardize our EXPORT to use EXPORT_OK only.

That way we will need to explicitely define the subroutine we want to
use from a module.

This patch is a squashed version of:
Bug 17600: After export.pl
Bug 17600: After perlimport
Bug 17600: Manual changes
Bug 17600: Other manual changes after second perlimports run
Bug 17600: Fix tests

And a lot of other manual changes.

export.pl is a dirty script that can be found on bug 17600.

"perlimport" is:
git clone https://github.com/oalders/App-perlimports.git
cd App-perlimports/
cpanm --installdeps .
export PERL5LIB="$PERL5LIB:/kohadevbox/koha/App-perlimports/lib"
find . \( -name "*.pl" -o -name "*.pm" \) -exec perl App-perlimports/script/perlimports --inplace-edit --no-preserve-unused --filename {} \;

The ideas of this patch are to:
* use EXPORT_OK instead of EXPORT
* perltidy the EXPORT_OK list
* remove '&' before the subroutine names
* remove some uneeded use statements
* explicitely import the subroutines we need within the controllers or
modules

Note that the private subroutines (starting with _) should not be
exported (and not used from outside of the module except from tests).

EXPORT vs EXPORT_OK (from
https://www.thegeekstuff.com/2010/06/perl-exporter-examples/)
"""
Export allows to export the functions and variables of modules to user’s namespace using the standard import method. This way, we don’t need to create the objects for the modules to access it’s members.

@EXPORT and @EXPORT_OK are the two main variables used during export operation.

@EXPORT contains list of symbols (subroutines and variables) of the module to be exported into the caller namespace.

@EXPORT_OK does export of symbols on demand basis.
"""

If this patch caused a conflict with a patch you wrote prior to its
push:
* Make sure you are not reintroducing a "use" statement that has been
removed
* "$subroutine" is not exported by the C4::$MODULE module
means that you need to add the subroutine to the @EXPORT_OK list
* Bareword "$subroutine" not allowed while "strict subs"
means that you didn't imported the subroutine from the module:
  - use $MODULE qw( $subroutine list );
You can also use the fully qualified namespace: C4::$MODULE::$subroutine

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-07-16 08:58:47 +02:00
0efdb1bb7a Bug 28480: Add q parameters for GET /patrons
This patch adds the q query parameters to the route.

To test:
1. Try the route with the following query parameter:
   q={"patron_id":2}
   i.e. GET /api/v1/patrons?q={"patron_id":2}
=> FAIL: You get a bad request respose
2. Apply this patch
3. Restart all
4. Repeat 1
=> SUCCESS: You get the patron
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-06-23 15:09:55 +02:00
cb9d3839c9 Bug 15788: Make the API require the new permission
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-06-21 13:50:27 +02:00
e775c1b668 Bug 28271: Adjust API spec
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-06-21 10:50:09 +02:00
bbe424dcfb Bug 27931: Add GET /items/:item_id/pickup_locations
This patch adds the mentioned route. It does so by:
- Adding the new path in paths.json
- Adding the full route spec in items.json
- Adds a controller method that takes care of the task

To test:
1. Apply this patches
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/items.t
=> SUCCESS: Tests pass!
3. Play with your favourite REST tool. Pay special care to
   the AllowHoldPolicyOverride syspref and the expected behaviors.
=> SUCCESS: All works as expected
4. Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-06-14 17:35:19 +02:00
748b2e91a3 Bug 28463: Add summary to all routes
This patch adds a 'summary' entry to all routes and verbs. This way,
ReDoc will display a human-friendly description of the route, instead of
the operationId.

To test, repeat the testing steps in the previous patch, and notice that
we now have good descriptions.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-27 17:17:19 +02:00
2b4cde96d5 Bug 28463: Add missing tags
This patch adds entries for:

- Rotas
- Circulation rules
- Macros

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-27 17:17:19 +02:00
f1dca080d4 Bug 28463: Add tags definitions in swagger.yaml
This patch starts the work of curating the spec documentation-related
aspects. It doesn't involve any functional change on the API, just
labels (used to render docs) and some descriptions basis is added.

- A top level 'tags' entry is added to swagger.yaml.
- The 'name' attribute is left with double quotes. This is on purpose,
  to differentiate from 'x-displayName' which is the actual text to be
  displayer and should be handled by documentation folks, not us, devs
  :-D
- I add a very limited 'description' attribute there. It is the top
  level description of the section. For example the description for the
  'Biblios' section is 'Manage bibliographic records'. As it expects
  Markdown, anything we want can be added there.
- Some labels have been tweaked in paths, to rollback the decision of
  making the labels in paths more end-user friendly. We don't want them
  to be typed much, and I picked what we use the most: snake_case.
- The order in which things are displayed, is the one we specified on
  the swagger.yaml file. The 'batch import profiles' one is left at the
  bottom on purpose. But this is subject to discussion. As a general
  rule, I put them all in alphabetical order (on the x-displayName label
  I mean).

I submit early before family duties so others can pick where I left in
the morning. So:

TODO:
- I'm not sure what's best for Advanced editor macros. My bet is we
  should define a 'Macros' label, and use a summary on the routes
  themselves to specify this are not just 'macros', but advanced editor
  macros. Look at the return claims paths to understand how I propose to
  use the 'summary' attribtue.
- I understand how we use 'rotas', but someone more familiar with the
  terminology,... please... step in.
- Related to the first item here, we need to add summary to all routes,
  so ReDoc doesn't display the operationId anymore. Again, I put an
  example in Return claims that we can follow.

To test:
1. Have KTD running
2. Open your browser at:
   http://localhost:/8080/api/v1/
3. Save the page as spec.json in some known dir
4. Go to that dir and run:
   $ docker run -it --rm -p 8083:80 \
       -v $(pwd)/spec.json:/usr/share/nginx/html/swagger.json \
       -e SPEC_URL=swagger.json redocly/redoc
5. Open your browser at
   http://localhost:8083
=> SUCCESS: You see the docs
6. Look at the list of 'categories' on the left
=> FAIL: They look a bit weird
7. Apply this patch
8. Ctrl+c on the terminal running docker
9. Reload plack
10. Repeat 2 through 6
=> SUCCESS: Wow, things look better!
11. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-27 17:17:19 +02:00
4a15c972a8 Bug 28461: Fix orders, biblios, holds
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-26 15:05:58 +02:00
09e47b434c Bug 28461: Fix SMTP servers and extended attributes
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-26 14:59:26 +02:00
9de4594cf7 Bug 28461: Specify only one tag per route
Or the route will be misplaced when generated by redoc

git grep tags api|grep '",'

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-26 14:59:26 +02:00
07e760bff8 Bug 28414: Fix labels for return claims
The way labels are used with RedDoc, we need to tidy them better. We
should do it with all the routes, but this one is specially noisy on the
UI.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-25 09:45:22 +02:00
223541bba4 Bug 28369: (QA follow-up) Restore PUT with deprecation message
This patch restores the PUT route, but adding a deprecation message. The
controller method is the same, and relevant patch tests are duplicated
but calling PUT, so it still gets tested.

To test:
1. Apply this patch
2. Reload plack
3. Open https://<>/api/v1/.html and find the PUT /holds/{hold_id} route
=> SUCCESS: There's a deprecation wargning!
4. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/holds.t
=> SUCCESS: Tests pass!
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-25 09:28:18 +02:00
a554b5a545 Bug 28369: Set additionalProperties: false and fix things
This patch performs a cleanup on the holds routes:
- It adds additionalProperties: false to all missing routes
- It syncs the spec with the guidelines
- additionalProperties: false highlighted some attributes read in the
  controlled weren't declared on the spec, adding them
- PUT /holds/:hold_id is moved to PATCH, as it makes more sense and
  gathered opinions lean towards that

To test:
1. Apply the tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/holds.t
=> FAIL: Lots of things are wrong with the API
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-25 09:28:18 +02:00
f6308ae4f1 Bug 28370: Fix invalid responses in /patrons
This response codes are not actually used.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-25 09:28:18 +02:00
18a332e608 Bug 28370: (follow-up) More cases
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-25 09:28:18 +02:00
051a06e69b Bug 28370: Add missing additionalProperties in spec
This patch adds missing attribute to the object definitions in the spec.
We wrongly supposed it was the default, but it proved not.

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1
=> SUCCESS: Tests pass, nothing breaks!
3. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-25 09:28:17 +02:00
d934d66f00 Bug 28424: (28370 follow-up) Fix response definition
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-25 09:28:17 +02:00
cfcc34fde7 Bug 28424: Fix patron credits route (POST)
This patch makes the route follow the coding guidelines and thus:
- Return the generated object
- Use the status code 201 for the response

To test:
1. Apply the tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/patrons_accounts.t
=> FAIL: Tests fail. The reponse body and status is incorrect
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-25 09:28:17 +02:00
300210e8c3 Bug 28272: (QA follow-up) Add 'manager' to cashups definition
The embeddable 'manager' relation field was missing from the
specification file and as such calls using this embed would result in a
500 error since we introduced 'additionalProperties: false'.

Test plan
1/ Enable 'UseCashRegisters'
2/ Navigate to the register details page
3/ Inspect the network traffic and note a 500 error on the cashups api
call
4/ Apply the patch
5/ The 500 should have gone away and been replaced with an empty
resultset 200 page.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-20 08:41:48 +02:00
d5c155203e Bug 28189: Fix PluginRoutes.t
So, this one was hidden.

The failures were:
    #   Failed test 'Bad plugins raise warning'
    #   at t/db_dependent/Koha/REST/Plugin/PluginRoutes.t line 75.
    # found warning: Warning: Could not load REST API spec bundle: Invalid JSON specification HASH(0x556972b22da0):
    # found warning: Warning: Could not load REST API spec bundle: Invalid JSON specification HASH(0x5569735b8368):
    # expected to find warning: (?^u:Could not load REST API spec bundle: Invalid JSON specification)
    # expected to find warning: (?^u:The resulting spec is invalid. Skipping Bad API Route Plugin)

And the correct error was (after a debug warn in JSON::Validator):
Warning: Could not load REST API spec bundle: Invalid JSON specification HASH(0x55fd0c3d3160):
- /info/version: Expected string - got number. at /usr/share/perl5/JSON/Validator.pm line 165.

So this patch fixes it, but I don't understand why it's only failing for
plugin routes however.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-17 16:07:17 +02:00
3c16e0110e Bug 28189: Move swagger file to YAML format
This patch changes the base OpenAPI file (swagger.json) into YAML. The
motivation for this, is adding more documentation, in Markdown.

JSON doesn't accept multiline strings, so this seems like a good move
for readability.

To test:
1. Verify your API is functional
2. Apply this patch
3. Repeat 1
=> SUCCESS: No changes, really
4. Point your browser to /api/v1/.html
=> SUCCESS: Some nicely formatted description of the API can be seen. It
includes information about x-koha-library.
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-12 17:39:36 +02:00
c3f1ebec61 Bug 28272: Add unseen_renewals for checkouts
t/db_dependent/api/v1/checkouts.t ...................... 7/93
 #   Failed test '200 OK'
 #   at t/db_dependent/api/v1/checkouts.t line 198.
 #          got: '500'
 #     expected: '200'

 #   Failed test 'exact match for JSON Pointer ""'
 #   at t/db_dependent/api/v1/checkouts.t line 198.
 #     Structures begin differing at:
 #          $got->{unseen_renewals} = Does not exist
 #     $expected->{unseen_renewals} = '0'
 t/db_dependent/api/v1/checkouts.t ...................... 88/93
 #   Failed test '200 OK'
 #   at t/db_dependent/api/v1/checkouts.t line 218.
 #          got: '500'
 #     expected: '200'

 #   Failed test 'exact match for JSON Pointer ""'
 #   at t/db_dependent/api/v1/checkouts.t line 218.
 #     Structures begin differing at:
 #          $got->{max_renewals} = Does not exist
 #     $expected->{max_renewals} = '1'
 # Looks like you failed 4 tests of 93.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-11 09:26:47 +02:00
741d8a0e53 Bug 28272: Fix many things...
This patch could've been splitted into several. But, overall, adding
additionalAttributes: false made the API fail on requests that send
extra info (i.e. cases in which a dev added an attribute to the
underlaying class/table and forgot to deal with it on the API (either
adding it on the spec, or removing it from the response using
Koha::Class::to_api_mapping).

- Koha::Account::Line was missing: credit_type, interface, status,
  register_id and credit_number. I decided to call cash_register_id, and
  to remove credit_number from the response.
  FIXME: We need consensus on a name for the credit_number attribute, and
  add it to the response on the API. It deserves a separate bug. Too
  opinionated for a last-minute fix.
- Koha::Club::Hold::add was returning bad auto-calculated values on
  field that (also) wasn't specified on the spec. Needs a test.
- import_batch_profile had a typo: id_profile vs. profile_id.
- error.json: In this case I reverted the change. This is because some
  routes are adding more 'info' with the error message, and I consider
  this should be done in a more generic approach. Time is required for
  us to think about this. So don't break the API in the meantime.
  FIXME: Implement a generic way to add a payload to error messages on
  the API. Maybe something to work on while on bug 28020.

To test:
1. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/
=> FAIL: Lots of tests fail
2. Apply this patch
3. Repeat 1
=> SUCCESS: Tests pass!
4. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-11 09:04:13 +02:00
68bb349593 Bug 28272: Fix note_seen, desk_id, cancellation_reason
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-10 17:55:30 +02:00
14ab5abf44 Bug 28272: Prevent api spec to accept extra parameters
Some of our definition files are missing { additionalProperties: false }
We must have it to make sure all properties are defined and prevent the
spec to accept extra parameters (being more strict but also allowing to
catch errors more easily)

grep -rL additionalProperties api/v1/swagger/definitions/*.json

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-10 10:28:02 +02:00
01b9367625 Bug 28254: Make PUT /holds/:hold_id/pickup_location honour x-koha-override
This patch adds a new parameter (x-koha-override header) to the route,
and makes the controller pass this information (override requested) when
the AllowHoldPolicyOverride syspref is set, to
Koha::Hold->set_pickup_location.

This way, under certain conditions, we can be sure the update wont'
fail.

To test:
1. Apply this patchset
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/holds.t
=> SUCCESS: Tests pass!
3. Sign off :-D

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-04 14:22:08 +02:00
e5c8f741f9 Bug 27797: (follow-up): Remove stray x-koha-override definition
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-04 14:22:04 +02:00
098e93e7cc Bug 27797: Make POST /holds use the stashed koha.overrides
Bug 26181 introduced a way to override behavior through a new header,
x-koha-override. And bug 27760 introduced a generic approach to handle
x-koha-override.

This patchset makes the POST /api/v1/holds route rely on this new way of
handling x-koha-override instead of doing it manually.

The header is added to the spec as a parameter.

Note: the header should be defined as:

    "type": "array",
    "collectionFormat": "csv",
    "items": {
        "type": "string",
        "enum": [
            "any"
        ]
    }

but the versions of JSON::Validator we use have lots of bugs related to
header type coercion, so it just doesn't work. The changelog for
JSON::Validator is fairly elocuent about it.

The override now takes a list of valid keywords (right now only 'any'
but it would be fairly straight-forward to add a fairly granular set of
options based on each possible AddReserve failure.

To test:
1. Apply this patches
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/holds.t
=> SUCCESS: Tests pass!
4. Sign off!

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-05-04 14:22:03 +02:00
2db98432d8 Bug 27932: Add GET /biblios/:biblio_id/pickup_locations route
This patch adds the mentioned route. It does so by:
- Adding the new path in paths.json
- Adding the full route spec in biblios.json
- Adds a controller method that takes care of the task

To test:
1. Apply this patches
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/biblios.t
=> SUCCESS: Tests pass!
3. Play with your favourite REST tool. Pay special care to
   the AllowHoldPolicyOverride syspref and the expected behaviors.
=> SUCCESS: All works as expected
4. Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-04-30 17:19:01 +02:00
4d011bd998 Bug 23666: Add PATCH /patron/:patron_id/extended_attributes/:extended_attribute_id
This patch adds the described route. It is designed to use the
underlying libraries' methods to update an existing attribute.

The tests cover the use cases.

Note: I added handling for two exceptions that can only occur on bad
data (i.e. not by using our codebase). This are:
- Koha::Exceptions::Patron::Attribute::InvalidType
- Koha::Exceptions::Patron::Attribute::NonRepeatable

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/patrons_extended_attributes.t
=> SUCCESS: Tests pass!
3. PLay with the route
=> SUCCESS: Expected behavior!
4. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-04-22 14:50:11 +02:00
12b6d1f792 Bug 23666: (QA follow-up) Fix wrong required permissions
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-04-22 14:50:11 +02:00
13bebbaa26 Bug 23666: Add spec
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-04-22 14:50:11 +02:00
60a253c983 Bug 18729: (follow-up) Adjust API to new spec
The previous patch introduces some behavioural changes to the API, as
well as the data types that need to be passed; all happens in the tests.

This patch adapts the route so it complies with those changes:
- JSON object containing pickup_library_id attribute is now passed back
  and forth.
- The controller should take care of checking the pickup location is
  valid, using the available tools.

To test:
1. Apply the patches, up to the tests
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/holds.t
=> ERROR: Tests fail because the controller doesn't implement the
desired behavior
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-04-16 16:27:29 +02:00
bf2c59a182 Bug 18729: Add PUT /holds/{hold_id}/pickup_location
This patch adds a route to overwrite the current pickup location.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-04-16 16:27:29 +02:00
d8be3d5084 Bug 27894: Adapt /holds/:hold_id/pickup_locations
This patch makes the controller for the route, return all valid pickup
locations (i.e. pickup_location => 1) when AllowHoldPolicyOverride is
set to 'Allow', but also adds a calculated attribute: 'needs_override'
so the consumer knows the specific pickup location needs an override
(and thus be able to provide visual feedback on a single run).

To test:
1. Apply the regression tests
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/holds.t
=> FAILURE: Tests fail, the change is not implemented
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-04-07 16:08:04 +02:00
e32b2a9449 Bug 27366: Spec changes
Add /api/v1/patrons/{patron_id}/holds route and holds object description
to the OpenAPI specification.

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-03-16 16:08:31 +01:00
22cd0ee395 Bug 26633: Add API documentation
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-03-16 16:08:30 +01:00
8aec8a8021 Bug 26633: Add REST API for managing transfer limits
Test Plan:
1) prove t/db_dependent/api/v1/transfer_limits.t

Signed-off-by: Lisette Scheer <lisettes@latahlibrary.org>

Signed-off-by: Lisette Scheer <lisettes@latahlibrary.org>

Signed-off-by: Lisette Scheer <lisettes@latahlibrary.org>

Signed-off-by: Lisette Scheer <lisettes@latahlibrary.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Bug 26633: Convert transfer_limit.json to YAML

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-03-16 16:08:30 +01:00
1ff61e7206 Bug 26273: (follow-up) Add 'Cashier' to the cashups table
This patch adds the 'Cashier' field as discussed on the bug report.

Test plan
1/ Apply patch and reload the register page to refresh the table
2/ Note that a 'Cashier' field now appears in the table
3/ Sorting and searching on 'Cashier' should work as expected
4/ Default sorting should remain as 'Date' order.
5/ Signoff

Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Bug 26273: (QA follow-up) Check for null firstname

This patch adds a test for firstname being defined before constructing
fullname from it.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-03-11 16:33:25 +01:00
cef2ecdfeb Bug 27855: (QA follow-up) Rename extended_attribute to patron_extended_attribute
This path renames the extended_attribute definition to
patron_extended_attribute to clarify that these attributes are always
attached to a patron and not a more generic class of attributes.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-03-09 10:31:47 +01:00
18ee07409a Bug 27855: Add 'extended_attributes' embedding to the spec
This patch just adds:
- The optional 'extended_attribute' attribute to the patron object
  OpenAPI definition. It consists of an array of extended_attribute
  objects.
- Add the x-koha-embed: [ 'extended_attributes' ] definition on the GET
  routes for patrons, allowing immedite availability of the
  'extended_attributes' embedding feature.

To test:
1. Apply this patchset
2. Restart Plack
3. Have some known patron_id/borrowernumber that has some extended
   attributes ('Patron attributes' on the UI).
4. Enable Basic authentication
5. Assuming the known patron_id is 1, point your favourite REST tool to http://kohadev-intra.myDNSname.org:8081/api/v1/patrons/1
   e.g.: if your user/pass is koha/koha
   curl --location --request GET 'http://kohadev-intra.myDNSname.org:8081/api/v1/patrons/1' \
        --header 'Content-Type: application/json' \
        --header 'Authorization: Basic a29oYTprb2hh'
=> SUCCESS: You get the patron object correctly, no extended_attributes
6. Repeat 5, adding the x-koha-embed header like this:
   curl --location --request GET 'http://kohadev-intra.myDNSname.org:8081/api/v1/patrons/1' \
        --header 'Content-Type: application/json' \
        --header 'x-koha-embed: extended_attributes' \
        --header 'Authorization: Basic a29oYTprb2hh'
=> SUCCESS: You get the patron, with the extended attributes inside!
7. Sign off :-D

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-03-09 10:31:47 +01:00