This patch adds a missing transaction wrapping one of the subtests. This
is probably an oversight when refactoring this file.
To test:
1. Open the patron categories page
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/oauth.t
=> SUCCESS: Tests pass
3. Reload the patron categories page
=> FAIL: There's random data in there
4. Apply this patch and repeat 2
5. Reload the patron categories page
=> SUCCESS: The random data from the previous tests is still there, but
no new random data
=> SUCCESS: Tests still pass
6. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds regression tests for the different authentication
mechanisms Koha supports. It highlights the fact that Koha expects
userenv to be set on authentication.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The API related tests still don't pass with the previous modifications.
They pass on D10 but fail on U18 and I did not manage to find where the
problems come from.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
I'm not sure what we need to test here, besides we get results. I'm
pretty sure we shouldn't allow a plain GET return all objects because it
could cause a DOS very easily. But it certainly belongs to a separate
bug/discussion.
In this case, I put a constraint on the items domain (by using
_per_page=10 in the query params) so it won't happen that under certain
conditions the user agent used by Test::Mojo time outs.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
The original development started before the changes we introduced in the guidelines in late 2019, and the major code changes that took place in January 2020.
- Attribute mapping logic is now on the Koha::Object-level (the patches implement that, but are not using it)
- Related to the above, some helper methods like to_api and to_model are kept, the same for the mappings in the controller, they should all go away
- Related to the above, set_from_api and new_from_api should be used instead of using helper to_api and to_model methods in the controller
- $c->objects->search doesn't use the to_model and to_api params
- Response status codes need to be changed, at least for DELETE operations
Those are fixed by this patch.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/advanced_editor_macros.t
=> SUCCESS: Tests pass!
3. Sign off :-D
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adds regression tests for the response bodies and statuses on
DELETE actions against existing API routes. This is just enforcing the
existing (voted) Coding guidelines for the API (tm).
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/*.t
=> FAIL: Several routes have problems
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Now the message is looking like
DBIx::Class::Storage::DBI::_dbh_execute(): DBI Exception: DBD::mysql::st execute failed: Duplicate entry
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch introduces tests for the expected behaviour on API routes
that expect a logged in user, but the request is made with an anonymous
session cookie.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/auth_authenticate_api_request.t
=> FAIL: Tests fail because the situation is not handled correctly in
the code
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Hold cannot be suspended if found=W:
Koha::Hold->suspend_hold
90 if ( $self->is_found ) { # We can't suspend found holds
So when TestBuilder generate a hold with found=W the test fail.
A question however:
Why did not we have the correct exception displayed somewhere? That
would be much more helpful to find the problem!
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adds CORS support for API requests. It uses the
AccessControlAllowOrigin syspref. To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/auth.t
=> SUCCESS: Tests pass!
3. Set the AccessControlAllowOrigin to any string (for example, *)
4. Use any API testing tool (Postman?) to place a request on the API
=> SUCCESS: The response headers include Access-Control-Allow-Origin,
containing what you set on the syspref
5. Sign off :-D
Signed-off-by: Andrew Isherwood <andrew.isherwood@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Before this patch the response would return current date as the suspension end date for a hold that is suspended with no end date.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Before this fix the endpoint would accept the request but fail to actually update the hold if the request does not contain a priority parameter.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Fixes among others the invalid use of json_has() which caused broken tests to pass with older Mojolicious versions.
Signed-off-by: Mason James <mason@kohaaloha.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Bug 9978 should have fixed them all, but some were missing.
We want all the license statements part of Koha to be identical, and
using the GPLv3 statement.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
The number of parameters of AddReserve makes it hard to read and
maintain.
This patch replace it with a hashref, which will make the calls more
readable.
Moreover the bibitems has been removed as it was not used by the
subroutine.
Test plan:
- Make sure the tests pass
- Read the diff and search for typos
- Place a hold on few items
Note for QA: reservation_date and expiration_date do not match the DB column's names,
should we?
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
- Fixes a bug caused by the refactoring in
Koha/REST/V1/Checkouts.pm (run the tests without this patch and you
will see the tests fails because 'rule_name' parameter was
forgotten).
- Changes the tests to use the new Koha::CirculationRule objects
instead of directly using issuingrules DB table
Signed-off-by: Minna Kivinen <minna.kivinen@hamk.fi>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This necessitates moving the circ rules from using '*' to using
undef/NULL.
Signed-off-by: Minna Kivinen <minna.kivinen@hamk.fi>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
In t/db_dependent/api/v1/checkouts.t we define a circulation rule with renewalperiod=7.
But then the expected due date is today+14 days.
However, at the beginning of the script, the due_date of the issue is today+14 days.
That highlight that the renewal period is not taken into account.
The circulation rule is created with renewalperiod and renewalsallowed,
however GetLoanLength check the existence of issuelength to return the rule.
GetLoanLength finally return the default rule, with renewalperiod=0
Note that this has been found working on bug 18936, code will be cleaned on that patchset.
Test plan:
% prove t/db_dependent/api/v1/checkouts.t
must return green before and after this patch
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch makes a trivial change to the tests so they catch the way
MySQL 8 reports the duplicate key message. The difference on the API
error message is irrelevant and so it is ok to just make the tests try
both MySQL 8 output and the rest of the supported engines.
To test:
1. Run:
$ kshell
k$ prove t/db_dependent/api/v1/acquisitions_orders.t \
t/db_dependent/api/v1/libraries.t \
t/db_dependent/api/v1/patrons.t
=> FAIL: Tests fail due to warning and conflict message differences
2. Apply this patch
3. Repeat 1
=> SUCCESS: Tests pass!
4. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch implements unit tests for the orders endpoint.
Sponsored-by: Camden County
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch enhances the tests for the DELETE /biblios/:biblio_id
endpoint so more fine grained permissions are tested.
It highlights the fact that the required permissions defined on the spec
are not correcttly defined.
To test:
1. Run:
$ kshell
k$ prove t/db_dependent/api/v1/biblios.t
=> FAIL: Tests fail because the user (that now has subpermissions only)
does not have enough permissions for a non-existent subpermission
Signed-off-by: Kelly McElligott <kelly@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
The /cities endpoint is refered in several places as the reference
implementation of a route for devs to pick it for copy and pasting. Yet,
it is outdated in terms of how the tests are written.
This patch rewrites some bits so it uses BASIC auth and the built-ins
Test::Mojo provides.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch organizes the tests better, and adds some more.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adjusts the return values and HTTP status codes, as well as
removing the use of C4::Context->userenv. It also makes the date
calculation happen on the DB engine in the case of resolving the claim.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch avoids querying the DB for an already existing
Koha::Checkouts::ReturnClaim with the same issue_id, now that there's a
UNIQUE constraint on it.
Also, 409 should be returned instead. Tests added for this changes.
To test:
- Apply this patch
- Run:
$ kshell
k$ prove t/db_dependent/api/v1/return_claims.t
=> SUCCESS: tests pass!
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adds the /return_claims route to add new return claims, and
then routes to updates notes and the resolution code.
To test:
1. Apply this patches
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/return_claims.t
=> SUCCESS: Tests pass!
3. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patchset introduces a route to fetch items. It relies on the
already implemented code/mappings to get a single item.
To test:
- Apply this patches
- Run:
$ kshell
k$ prove t/db_dependent/api/v1/items.t
=> SUCCESS: Tests pass!
- Try the endpoint with your favourite API tool (Postman?)
- Sign off :-D
Note: to do exact searching on barcode, you need to build the query like
this:
GET /api/v1/items?external_id=<your_barcode>&_match=exact
Signed-off-by: Jesse Maseto <jesse@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
