Koha/api/v1/swagger/paths/public_patrons.yaml
Martin Renvoize 959794e1cb
Bug 30979: Add public endpoints
This patch expands the checkouts endpoints to allow for a public workflow.

We add the availability endpoint under `/public/checkouts/availability`
and restrict the information we send back to only those fields a public
user should be allowed to see.

We also add a new checkout endpoint at `/patrons/{patron_id}/checkouts`
that allows for users to checkout to themselves and accepts the same POST
request with checkout details including item_id and a confirmation token
in the body that the staff client endpoints accept.

Signed-off-by: Silvia Meakins <smeakins@eso.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-07-14 12:14:39 -03:00

279 lines
8.2 KiB
YAML

---
"/public/patrons/{patron_id}/password":
post:
x-mojo-to: Patrons::Password#set_public
operationId: setPatronPasswordPublic
tags:
- patrons
summary: Set password for a patron (public)
parameters:
- $ref: "../swagger.yaml#/parameters/patron_id_pp"
- name: body
in: body
description: A JSON object containing password information
schema:
type: object
properties:
password:
description: New password (plain text)
type: string
password_repeated:
description: Repeated new password (plain text)
type: string
old_password:
description: Patron's original password
type: string
required:
- password
- password_repeated
- old_password
additionalProperties: false
produces:
- application/json
responses:
"200":
description: Password changed
"400":
description: Bad request
schema:
$ref: "../swagger.yaml#/definitions/error"
"401":
description: Authentication required
schema:
$ref: "../swagger.yaml#/definitions/error"
"403":
description: Access forbidden
schema:
$ref: "../swagger.yaml#/definitions/error"
"404":
description: Patron not found
schema:
$ref: "../swagger.yaml#/definitions/error"
"500":
description: |
Internal server error. Possible `error_code` attribute values:
* `internal_server_error`
schema:
$ref: "../swagger.yaml#/definitions/error"
"503":
description: Under maintenance
schema:
$ref: "../swagger.yaml#/definitions/error"
x-koha-authorization:
allow-owner: true
"/public/patrons/{patron_id}/checkouts":
post:
x-mojo-to: Checkouts#add
operationId: addCheckoutPublic
tags:
- checkouts
- patrons
summary: Add a new checkout
parameters:
- $ref: "../swagger.yaml#/parameters/patron_id_pp"
- name: body
in: body
description: A JSON object containing information about the new checkout
required: true
schema:
$ref: "../swagger.yaml#/definitions/checkout"
- name: confirmation
in: query
description: A JWT confirmation token
required: false
type: string
produces:
- application/json
responses:
"201":
description: Created checkout
schema:
$ref: "../swagger.yaml#/definitions/checkout"
"400":
description: Missing or wrong parameters
schema:
$ref: "../swagger.yaml#/definitions/error"
"401":
description: Authentication required
schema:
$ref: "../swagger.yaml#/definitions/error"
"403":
description: Cannot create checkout
schema:
$ref: "../swagger.yaml#/definitions/error"
"409":
description: Conflict in creating checkout
schema:
$ref: "../swagger.yaml#/definitions/error"
"412":
description: Precondition failed
schema:
$ref: "../swagger.yaml#/definitions/error"
"500":
description: |
Internal server error. Possible `error_code` attribute values:
* `internal_server_error`
schema:
$ref: "../swagger.yaml#/definitions/error"
"503":
description: Under maintenance
schema:
$ref: "../swagger.yaml#/definitions/error"
x-koha-authorization:
allow-owner: true
"/public/patrons/{patron_id}/guarantors/can_see_charges":
put:
x-mojo-to: Patrons#guarantors_can_see_charges
operationId: setPatronGuarantorsCanSeeCharges
tags:
- patrons
summary: Set if guarantors can see charges (public)
parameters:
- $ref: "../swagger.yaml#/parameters/patron_id_pp"
- name: body
in: body
description: A boolean representing if guarantors should be able to see the
patron's charges
required: true
schema:
type: object
properties:
allowed:
type: boolean
additionalProperties: false
produces:
- application/json
responses:
"200":
description: Charges view policy for guarantors changed
"400":
description: Bad request
schema:
$ref: "../swagger.yaml#/definitions/error"
"401":
description: Authentication required
schema:
$ref: "../swagger.yaml#/definitions/error"
"403":
description: Access forbidden
schema:
$ref: "../swagger.yaml#/definitions/error"
"404":
description: Patron not found
schema:
$ref: "../swagger.yaml#/definitions/error"
"500":
description: |
Internal server error. Possible `error_code` attribute values:
* `internal_server_error`
schema:
$ref: "../swagger.yaml#/definitions/error"
"503":
description: Under maintenance
schema:
$ref: "../swagger.yaml#/definitions/error"
x-koha-authorization:
allow-owner: true
"/public/patrons/{patron_id}/guarantors/can_see_checkouts":
put:
x-mojo-to: Patrons#guarantors_can_see_checkouts
operationId: setPatronGuarantorsCanSeeCheckouts
tags:
- patrons
summary: Set if guarantors can see checkouts
parameters:
- $ref: "../swagger.yaml#/parameters/patron_id_pp"
- name: body
in: body
description: A boolean representing if guarantors should be able to see the
patron's checkouts
required: true
schema:
type: object
properties:
allowed:
type: boolean
additionalProperties: false
produces:
- application/json
responses:
"200":
description: Check-out view policy for guarantors changed
"400":
description: Bad request
schema:
$ref: "../swagger.yaml#/definitions/error"
"401":
description: Authentication required
schema:
$ref: "../swagger.yaml#/definitions/error"
"403":
description: Access forbidden
schema:
$ref: "../swagger.yaml#/definitions/error"
"404":
description: Patron not found
schema:
$ref: "../swagger.yaml#/definitions/error"
"500":
description: |
Internal server error. Possible `error_code` attribute values:
* `internal_server_error`
schema:
$ref: "../swagger.yaml#/definitions/error"
"503":
description: Under maintenance
schema:
$ref: "../swagger.yaml#/definitions/error"
x-koha-authorization:
allow-owner: true
"/public/patrons/{patron_id}/holds/{hold_id}":
delete:
x-mojo-to: Patrons::Holds#delete_public
operationId: cancelPatronHoldPublic
tags:
- patrons
summary: Cancel a patron's hold (public)
parameters:
- $ref: "../swagger.yaml#/parameters/patron_id_pp"
- $ref: "../swagger.yaml#/parameters/hold_id_pp"
produces:
- application/json
responses:
"202":
description: Hold cancellation request accepted
"204":
description: Hold cancelled
"400":
description: Bad request
schema:
$ref: "../swagger.yaml#/definitions/error"
"401":
description: Authentication required
schema:
$ref: "../swagger.yaml#/definitions/error"
"403":
description: Access forbidden
schema:
$ref: "../swagger.yaml#/definitions/error"
"404":
description: Hold not found
schema:
$ref: "../swagger.yaml#/definitions/error"
"500":
description: |
Internal server error. Possible `error_code` attribute values:
* `internal_server_error`
schema:
$ref: "../swagger.yaml#/definitions/error"
"503":
description: Under maintenance
schema:
$ref: "../swagger.yaml#/definitions/error"
x-koha-authorization:
allow-owner: true