3 # This file is part of Koha.
5 # Koha is free software; you can redistribute it and/or modify it under the
6 # terms of the GNU General Public License as published by the Free Software
7 # Foundation; either version 3 of the License, or (at your option) any later
10 # Koha is distributed in the hope that it will be useful, but WITHOUT ANY
11 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
12 # A PARTICULAR PURPOSE. See the GNU General Public License for more details.
14 # You should have received a copy of the GNU General Public License along
15 # with Koha; if not, write to the Free Software Foundation, Inc.,
16 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
20 use Test::More tests => 6;
22 use t::lib::TestBuilder;
35 use Koha::Biblioitems;
38 my $schema = Koha::Database->new->schema;
39 my $builder = t::lib::TestBuilder->new();
41 $schema->storage->txn_begin;
43 t::lib::Mocks::mock_preference( 'RESTBasicAuth', 1 );
45 my $t = Test::Mojo->new('Koha::REST::V1');
47 my $categorycode = $builder->build({ source => 'Category' })->{categorycode};
48 my $branchcode = $builder->build({ source => 'Branch' })->{branchcode};
49 my $itemtype = $builder->build({ source => 'Itemtype' })->{itemtype};
51 # Generic password for everyone
52 my $password = 'thePassword123';
54 # User without any permissions
55 my $nopermission = $builder->build_object({
56 class => 'Koha::Patrons',
58 branchcode => $branchcode,
59 categorycode => $categorycode,
63 $nopermission->set_password( { password => $password, skip_validation => 1 } );
64 my $nopermission_userid = $nopermission->userid;
66 my $patron_1 = $builder->build_object(
68 class => 'Koha::Patrons',
70 categorycode => $categorycode,
71 branchcode => $branchcode,
72 surname => 'Test Surname',
73 flags => 80, #borrowers and reserveforothers flags
77 $patron_1->set_password( { password => $password, skip_validation => 1 } );
78 my $userid_1 = $patron_1->userid;
80 my $patron_2 = $builder->build_object(
82 class => 'Koha::Patrons',
84 categorycode => $categorycode,
85 branchcode => $branchcode,
86 surname => 'Test Surname 2',
87 flags => 16, # borrowers flag
91 $patron_2->set_password( { password => $password, skip_validation => 1 } );
92 my $userid_2 = $patron_2->userid;
94 my $patron_3 = $builder->build_object(
96 class => 'Koha::Patrons',
98 categorycode => $categorycode,
99 branchcode => $branchcode,
100 surname => 'Test Surname 3',
101 flags => 64, # reserveforothers flag
105 $patron_3->set_password( { password => $password, skip_validation => 1 } );
106 my $userid_3 = $patron_3->userid;
108 my $biblio_1 = $builder->build_sample_biblio;
109 my $item_1 = $builder->build_sample_item({ biblionumber => $biblio_1->biblionumber, itype => $itemtype });
111 my $biblio_2 = $builder->build_sample_biblio;
112 my $item_2 = $builder->build_sample_item({ biblionumber => $biblio_2->biblionumber, itype => $itemtype });
114 my $dbh = C4::Context->dbh;
115 $dbh->do('DELETE FROM reserves');
116 $dbh->do('DELETE FROM issuingrules');
118 INSERT INTO issuingrules (categorycode, branchcode, itemtype, reservesallowed)
120 }, {}, '*', '*', '*', 1);
122 my $reserve_id = C4::Reserves::AddReserve($branchcode, $patron_1->borrowernumber,
123 $biblio_1->biblionumber, undef, 1, undef, undef, undef, '', $item_1->itemnumber);
125 # Add another reserve to be able to change first reserve's rank
126 my $reserve_id2 = C4::Reserves::AddReserve($branchcode, $patron_2->borrowernumber,
127 $biblio_1->biblionumber, undef, 2, undef, undef, undef, '', $item_1->itemnumber);
129 my $suspended_until = DateTime->now->add(days => 10)->truncate( to => 'day' );
130 my $expiration_date = DateTime->now->add(days => 10)->truncate( to => 'day' );
133 patron_id => int($patron_1->borrowernumber),
134 biblio_id => int($biblio_1->biblionumber),
135 item_id => int($item_1->itemnumber),
136 pickup_library_id => $branchcode,
137 expiration_date => output_pref({ dt => $expiration_date, dateformat => 'rfc3339', dateonly => 1 }),
142 suspended_until => output_pref({ dt => $suspended_until, dateformat => 'rfc3339' }),
145 subtest "Test endpoints without authentication" => sub {
147 $t->get_ok('/api/v1/holds')
149 $t->post_ok('/api/v1/holds')
151 $t->put_ok('/api/v1/holds/0')
153 $t->delete_ok('/api/v1/holds/0')
157 subtest "Test endpoints without permission" => sub {
161 $t->get_ok( "//$nopermission_userid:$password@/api/v1/holds?patron_id=" . $patron_1->borrowernumber ) # no permission
164 $t->get_ok( "//$userid_3:$password@/api/v1/holds?patron_id=" . $patron_1->borrowernumber ) # no permission
167 $t->post_ok( "//$nopermission_userid:$password@/api/v1/holds" => json => $post_data )
170 $t->put_ok( "//$nopermission_userid:$password@/api/v1/holds/0" => json => $put_data )
173 $t->delete_ok( "//$nopermission_userid:$password@/api/v1/holds/0" )
177 subtest "Test endpoints with permission" => sub {
181 $t->get_ok( "//$userid_1:$password@/api/v1/holds" )
187 $t->get_ok( "//$userid_1:$password@/api/v1/holds?priority=2" )
189 ->json_is('/0/patron_id', $patron_2->borrowernumber)
192 $t->put_ok( "//$userid_1:$password@/api/v1/holds/$reserve_id" => json => $put_data )
194 ->json_is( '/hold_id', $reserve_id )
195 ->json_is( '/suspended_until', output_pref({ dt => $suspended_until, dateformat => 'rfc3339' }) )
196 ->json_is( '/priority', 2 );
198 $t->delete_ok( "//$userid_3:$password@/api/v1/holds/$reserve_id" )
201 $t->put_ok( "//$userid_3:$password@/api/v1/holds/$reserve_id" => json => $put_data )
203 ->json_has('/error');
205 $t->delete_ok( "//$userid_3:$password@/api/v1/holds/$reserve_id" )
207 ->json_has('/error');
209 $t->get_ok( "//$userid_2:$password@/api/v1/holds?patron_id=" . $patron_1->borrowernumber )
213 my $inexisting_borrowernumber = $patron_2->borrowernumber * 2;
214 $t->get_ok( "//$userid_1:$password@/api/v1/holds?patron_id=$inexisting_borrowernumber")
218 $t->delete_ok( "//$userid_3:$password@/api/v1/holds/$reserve_id2" )
221 $t->post_ok( "//$userid_3:$password@/api/v1/holds" => json => $post_data )
223 ->json_has('/hold_id');
224 # Get id from response
225 $reserve_id = $t->tx->res->json->{hold_id};
227 $t->get_ok( "//$userid_1:$password@/api/v1/holds?patron_id=" . $patron_1->borrowernumber )
229 ->json_is('/0/hold_id', $reserve_id)
230 ->json_is('/0/expiration_date', output_pref({ dt => $expiration_date, dateformat => 'rfc3339', dateonly => 1 }))
231 ->json_is('/0/pickup_library_id', $branchcode);
233 $t->post_ok( "//$userid_3:$password@/api/v1/holds" => json => $post_data )
235 ->json_like('/error', qr/itemAlreadyOnHold/);
237 $post_data->{biblionumber} = int($biblio_2->biblionumber);
238 $post_data->{itemnumber} = int($item_2->itemnumber);
240 $t->post_ok( "//$userid_3:$password@/api/v1/holds" => json => $post_data )
242 ->json_like('/error', qr/itemAlreadyOnHold/);
245 subtest 'Reserves with itemtype' => sub {
249 patron_id => int($patron_1->borrowernumber),
250 biblio_id => int($biblio_1->biblionumber),
251 pickup_library_id => $branchcode,
252 item_type => $itemtype,
255 $t->delete_ok( "//$userid_3:$password@/api/v1/holds/$reserve_id" )
258 $t->post_ok( "//$userid_3:$password@/api/v1/holds" => json => $post_data )
260 ->json_has('/hold_id');
262 $reserve_id = $t->tx->res->json->{hold_id};
264 $t->get_ok( "//$userid_1:$password@/api/v1/holds?patron_id=" . $patron_1->borrowernumber )
266 ->json_is('/0/hold_id', $reserve_id)
267 ->json_is('/0/item_type', $itemtype);
270 $schema->storage->txn_rollback;
272 subtest 'suspend and resume tests' => sub {
276 $schema->storage->txn_begin;
278 my $password = 'AbcdEFG123';
280 my $patron = $builder->build_object(
281 { class => 'Koha::Patrons', value => { userid => 'tomasito', flags => 1 } } );
282 $patron->set_password({ password => $password, skip_validation => 1 });
283 my $userid = $patron->userid;
286 t::lib::Mocks::mock_preference( 'HoldsLog', 0 );
287 t::lib::Mocks::mock_preference( 'RESTBasicAuth', 1 );
289 my $hold = $builder->build_object(
290 { class => 'Koha::Holds',
291 value => { suspend => 0, suspend_until => undef, waitingdate => undef }
295 ok( !$hold->is_suspended, 'Hold is not suspended' );
296 $t->post_ok( "//$userid:$password@/api/v1/holds/" . $hold->id . "/suspension" )
297 ->status_is( 201, 'Hold suspension created' );
299 $hold->discard_changes; # refresh object
301 ok( $hold->is_suspended, 'Hold is suspended' );
305 { dt => dt_from_string( $hold->suspend_until ),
306 dateformat => 'rfc3339',
312 $t->delete_ok( "//$userid:$password@/api/v1/holds/" . $hold->id . "/suspension" )
313 ->status_is( 204, "Correct status when deleting a resource" )
316 # Pass a an expiration date for the suspension
317 my $date = dt_from_string()->add( days => 5 );
319 "//$userid:$password@/api/v1/holds/"
321 . "/suspension" => json => {
323 output_pref( { dt => $date, dateformat => 'rfc3339', dateonly => 1 } )
325 )->status_is( 201, 'Hold suspension created' )
326 ->json_is( '/end_date',
327 output_pref( { dt => $date, dateformat => 'rfc3339', dateonly => 1 } ) )
328 ->header_is( Location => "/api/v1/holds/" . $hold->id . "/suspension", 'The Location header is set' );
330 $t->delete_ok( "//$userid:$password@/api/v1/holds/" . $hold->id . "/suspension" )
331 ->status_is( 204, "Correct status when deleting a resource" )
334 $hold->set_waiting->discard_changes;
336 $t->post_ok( "//$userid:$password@/api/v1/holds/" . $hold->id . "/suspension" )
337 ->status_is( 400, 'Cannot suspend waiting hold' )
338 ->json_is( '/error', 'Found hold cannot be suspended. Status=W' );
340 $hold->set_waiting(1)->discard_changes;
342 $t->post_ok( "//$userid:$password@/api/v1/holds/" . $hold->id . "/suspension" )
343 ->status_is( 400, 'Cannot suspend waiting hold' )
344 ->json_is( '/error', 'Found hold cannot be suspended. Status=T' );
346 $schema->storage->txn_rollback;
349 subtest 'PUT /holds/{hold_id}/priority tests' => sub {
353 $schema->storage->txn_begin;
355 my $password = 'AbcdEFG123';
357 my $library = $builder->build_object({ class => 'Koha::Libraries' });
358 my $patron_np = $builder->build_object(
359 { class => 'Koha::Patrons', value => { flags => 0 } } );
360 $patron_np->set_password( { password => $password, skip_validation => 1 } );
361 my $userid_np = $patron_np->userid;
363 my $patron = $builder->build_object(
364 { class => 'Koha::Patrons', value => { flags => 0 } } );
365 $patron->set_password( { password => $password, skip_validation => 1 } );
366 my $userid = $patron->userid;
369 source => 'UserPermission',
371 borrowernumber => $patron->borrowernumber,
373 code => 'modify_holds_priority',
379 t::lib::Mocks::mock_preference( 'HoldsLog', 0 );
380 t::lib::Mocks::mock_preference( 'RESTBasicAuth', 1 );
382 my $biblio = $builder->build_sample_biblio;
383 my $patron_1 = $builder->build_object(
385 class => 'Koha::Patrons',
386 value => { branchcode => $library->branchcode }
389 my $patron_2 = $builder->build_object(
391 class => 'Koha::Patrons',
392 value => { branchcode => $library->branchcode }
395 my $patron_3 = $builder->build_object(
397 class => 'Koha::Patrons',
398 value => { branchcode => $library->branchcode }
402 my $hold_1 = Koha::Holds->find(
404 $library->branchcode, $patron_1->borrowernumber,
405 $biblio->biblionumber, undef,
409 my $hold_2 = Koha::Holds->find(
411 $library->branchcode, $patron_2->borrowernumber,
412 $biblio->biblionumber, undef,
416 my $hold_3 = Koha::Holds->find(
418 $library->branchcode, $patron_3->borrowernumber,
419 $biblio->biblionumber, undef,
424 $t->put_ok( "//$userid_np:$password@/api/v1/holds/"
426 . "/priority" => json => 1 )->status_is(403);
428 $t->put_ok( "//$userid:$password@/api/v1/holds/"
430 . "/priority" => json => 1 )->status_is(200)->json_is(1);
432 is( $hold_1->discard_changes->priority, 2, 'Priority adjusted correctly' );
433 is( $hold_2->discard_changes->priority, 3, 'Priority adjusted correctly' );
434 is( $hold_3->discard_changes->priority, 1, 'Priority adjusted correctly' );
436 $t->put_ok( "//$userid:$password@/api/v1/holds/"
438 . "/priority" => json => 3 )->status_is(200)->json_is(3);
440 is( $hold_1->discard_changes->priority, 1, 'Priority adjusted correctly' );
441 is( $hold_2->discard_changes->priority, 2, 'Priority adjusted correctly' );
442 is( $hold_3->discard_changes->priority, 3, 'Priority adjusted correctly' );
444 $schema->storage->txn_rollback;