Tomas Cohen Arazi
39d090a8b6
Bug 17927 introduced data type fixes on the /patrons endpoint (integer and boolean types got fixed). This led to the /patrons endpoint not to work because the underlying code didn't provide the right data. With the introduction of TO_JSON on Koha::Object(s) we now have a way to output the proper data types. This patch does so by: - Adding is_boolean => 1 to the relevant columns on the Borrower.pm schema file. - Tweaking the controller class for the /patrons endpoint so it doesn't use the $object(s)->unblessed call but just let the Mojo::JSON library pick out TO_JSON implementation instead on rendering the output. - It adds a new test for booleans. To test: - Have 17927 applied - Run: $ prove t/db_dependent/api/v1/patrons.t => FAIL: Tests fail [1] - Apply this patches - Run: $ prove t/db_dependent/api/v1/patrons.t => SUCCESS: Tests pass! - Sign off! :-D [1] It is self explanatory to just try the API using any of the available tools (I use HttpRequester on Firefox) Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
134 lines
4.2 KiB
Perl
134 lines
4.2 KiB
Perl
#!/usr/bin/env perl
|
|
|
|
# This file is part of Koha.
|
|
#
|
|
# Koha is free software; you can redistribute it and/or modify it under the
|
|
# terms of the GNU General Public License as published by the Free Software
|
|
# Foundation; either version 3 of the License, or (at your option) any later
|
|
# version.
|
|
#
|
|
# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
|
|
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
|
|
# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License along
|
|
# with Koha; if not, write to the Free Software Foundation, Inc.,
|
|
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
|
|
use Modern::Perl;
|
|
|
|
use Test::More tests => 21;
|
|
use Test::Mojo;
|
|
use t::lib::TestBuilder;
|
|
|
|
use C4::Auth;
|
|
use C4::Context;
|
|
|
|
use Koha::Database;
|
|
use Koha::Patron;
|
|
|
|
my $builder = t::lib::TestBuilder->new();
|
|
|
|
my $dbh = C4::Context->dbh;
|
|
$dbh->{AutoCommit} = 0;
|
|
$dbh->{RaiseError} = 1;
|
|
|
|
$ENV{REMOTE_ADDR} = '127.0.0.1';
|
|
my $t = Test::Mojo->new('Koha::REST::V1');
|
|
|
|
my $categorycode = $builder->build({ source => 'Category' })->{ categorycode };
|
|
my $branchcode = $builder->build({ source => 'Branch' })->{ branchcode };
|
|
my $guarantor = $builder->build({
|
|
source => 'Borrower',
|
|
value => {
|
|
branchcode => $branchcode,
|
|
categorycode => $categorycode,
|
|
flags => 0,
|
|
}
|
|
});
|
|
my $borrower = $builder->build({
|
|
source => 'Borrower',
|
|
value => {
|
|
branchcode => $branchcode,
|
|
categorycode => $categorycode,
|
|
flags => 0,
|
|
lost => 1,
|
|
guarantorid => $guarantor->{borrowernumber},
|
|
}
|
|
});
|
|
|
|
$t->get_ok('/api/v1/patrons')
|
|
->status_is(401);
|
|
|
|
$t->get_ok("/api/v1/patrons/" . $borrower->{ borrowernumber })
|
|
->status_is(401);
|
|
|
|
my $session = C4::Auth::get_session('');
|
|
$session->param('number', $borrower->{ borrowernumber });
|
|
$session->param('id', $borrower->{ userid });
|
|
$session->param('ip', '127.0.0.1');
|
|
$session->param('lasttime', time());
|
|
$session->flush;
|
|
|
|
my $session2 = C4::Auth::get_session('');
|
|
$session2->param('number', $guarantor->{ borrowernumber });
|
|
$session2->param('id', $guarantor->{ userid });
|
|
$session2->param('ip', '127.0.0.1');
|
|
$session2->param('lasttime', time());
|
|
$session2->flush;
|
|
|
|
my $tx = $t->ua->build_tx(GET => '/api/v1/patrons');
|
|
$tx->req->cookies({name => 'CGISESSID', value => $session->id});
|
|
$t->request_ok($tx)
|
|
->status_is(403);
|
|
|
|
$tx = $t->ua->build_tx(GET => "/api/v1/patrons/" . ($borrower->{ borrowernumber }-1));
|
|
$tx->req->cookies({name => 'CGISESSID', value => $session->id});
|
|
$t->request_ok($tx)
|
|
->status_is(403)
|
|
->json_is('/required_permissions', {"borrowers" => "1"});
|
|
|
|
# User without permissions, but is the owner of the object
|
|
$tx = $t->ua->build_tx(GET => "/api/v1/patrons/" . $borrower->{borrowernumber});
|
|
$tx->req->cookies({name => 'CGISESSID', value => $session->id});
|
|
$t->request_ok($tx)
|
|
->status_is(200);
|
|
|
|
# User without permissions, but is the guarantor of the owner of the object
|
|
$tx = $t->ua->build_tx(GET => "/api/v1/patrons/" . $borrower->{borrowernumber});
|
|
$tx->req->cookies({name => 'CGISESSID', value => $session2->id});
|
|
$t->request_ok($tx)
|
|
->status_is(200)
|
|
->json_is('/guarantorid', $guarantor->{borrowernumber});
|
|
|
|
my $loggedinuser = $builder->build({
|
|
source => 'Borrower',
|
|
value => {
|
|
branchcode => $branchcode,
|
|
categorycode => $categorycode,
|
|
flags => 16 # borrowers flag
|
|
}
|
|
});
|
|
|
|
$session = C4::Auth::get_session('');
|
|
$session->param('number', $loggedinuser->{ borrowernumber });
|
|
$session->param('id', $loggedinuser->{ userid });
|
|
$session->param('ip', '127.0.0.1');
|
|
$session->param('lasttime', time());
|
|
$session->flush;
|
|
|
|
$tx = $t->ua->build_tx(GET => '/api/v1/patrons');
|
|
$tx->req->cookies({name => 'CGISESSID', value => $session->id});
|
|
$tx->req->env({REMOTE_ADDR => '127.0.0.1'});
|
|
$t->request_ok($tx)
|
|
->status_is(200);
|
|
|
|
$tx = $t->ua->build_tx(GET => "/api/v1/patrons/" . $borrower->{ borrowernumber });
|
|
$tx->req->cookies({name => 'CGISESSID', value => $session->id});
|
|
$t->request_ok($tx)
|
|
->status_is(200)
|
|
->json_is('/borrowernumber' => $borrower->{ borrowernumber })
|
|
->json_is('/surname' => $borrower->{ surname })
|
|
->json_is('/lost' => 1 );
|
|
|
|
$dbh->rollback;
|