3 # This file is part of Koha.
5 # Koha is free software; you can redistribute it and/or modify it
6 # under the terms of the GNU General Public License as published by
7 # the Free Software Foundation; either version 3 of the License, or
8 # (at your option) any later version.
10 # Koha is distributed in the hope that it will be useful, but
11 # WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
15 # You should have received a copy of the GNU General Public License
16 # along with Koha; if not, see <http://www.gnu.org/licenses>.
20 use Test::More tests => 5;
24 use t::lib::TestBuilder;
27 use Koha::Acquisition::Orders;
30 my $schema = Koha::Database->new->schema;
31 my $builder = t::lib::TestBuilder->new;
33 t::lib::Mocks::mock_preference( 'RESTBasicAuth', 1 );
35 my $t = Test::Mojo->new('Koha::REST::V1');
37 subtest 'list() tests' => sub {
40 $schema->storage->txn_begin;
42 my $patron = $builder->build_object({
43 class => 'Koha::Patrons',
44 value => { flags => 1 }
46 my $password = 'thePassword123';
47 $patron->set_password({ password => $password, skip_validation => 1 });
48 my $userid = $patron->userid;
50 my $basket = $builder->build_object({ class => 'Koha::Acquisition::Baskets' });
52 my $order = $builder->build_object(
54 class => 'Koha::Acquisition::Orders',
55 value => { basketno => $basket->basketno, orderstatus => 'new' }
58 my $another_order = $order->unblessed; # create a copy of $order but make
59 delete $another_order->{ordernumber}; # sure ordernumber will be regenerated
60 $another_order = $builder->build_object({ class => 'Koha::Acquisition::Orders', value => $another_order });
62 ## Authorized user tests
63 my $count_of_orders = Koha::Acquisition::Orders->search->count;
64 # Make sure we are returned with the correct amount of orders
65 $t->get_ok( "//$userid:$password@/api/v1/acquisitions/orders" )
66 ->status_is( 200, 'SWAGGER3.2.2' )
67 ->json_has('/'.($count_of_orders-1).'/order_id')
68 ->json_hasnt('/'.($count_of_orders).'/order_id');
70 subtest 'query parameters' => sub {
73 biblio_id => 'biblionumber',
74 basket_id => 'basketno',
75 fund_id => 'budget_id',
78 my $size = keys %{$fields};
80 plan tests => $size * (2 + 2 * $size);
82 foreach my $field ( keys %{$fields} ) {
83 my $model_field = $fields->{ $field };
84 my $result = $t->get_ok("//$userid:$password@/api/v1/acquisitions/orders?$field=" . $order->$model_field)
87 foreach my $key ( keys %{$fields} ) {
88 my $key_field = $fields->{ $key };
89 # Check the result order first since it's not predefined.
90 if ($result->tx->res->json->[0]->{$key} eq $order->$key_field) {
91 $result->json_is( "/0/$key", $order->$key_field );
92 $result->json_is( "/1/$key", $another_order->$key_field );
94 $result->json_is( "/0/$key", $another_order->$key_field );
95 $result->json_is( "/1/$key", $order->$key_field );
101 # Warn on unsupported query parameter
102 $t->get_ok( "//$userid:$password@/api/v1/acquisitions/orders?order_blah=blah" )
104 ->json_is( [{ path => '/query/order_blah', message => 'Malformed query string'}] );
106 $schema->storage->txn_rollback;
109 subtest 'get() tests' => sub {
113 $schema->storage->txn_begin;
115 my $order = $builder->build_object(
117 class => 'Koha::Acquisition::Orders',
118 value => { orderstatus => 'new' }
121 my $patron = $builder->build_object({
122 class => 'Koha::Patrons',
123 value => { flags => 2048 }
125 my $password = 'thePassword123';
126 $patron->set_password({ password => $password, skip_validation => 1 });
127 my $userid = $patron->userid;
129 $t->get_ok( "//$userid:$password@/api/v1/acquisitions/orders/" . $order->ordernumber )
130 ->status_is( 200, 'SWAGGER3.2.2' )
131 ->json_is( '' => $order->to_api, 'SWAGGER3.3.2' );
133 my $non_existent_order_id = $order->ordernumber;
136 $t->get_ok( "//$userid:$password@/api/v1/acquisitions/orders/" . $non_existent_order_id )
138 ->json_is( '/error' => 'Order not found' );
140 # Regression tests for bug 25513
141 # Pick a high value that could be transformed into exponential
142 # representation and not considered a number by buggy DBD::mysql versions
143 $order = $builder->build_object(
145 class => 'Koha::Acquisition::Orders',
147 orderstatus => 'new',
148 ecost_tax_excluded => 9963405519357589504,
149 unitprice => 10177559957753600000
154 $t->get_ok( "//$userid:$password@/api/v1/acquisitions/orders/" . $order->ordernumber )
155 ->json_is( '' => $order->to_api, 'Number representation should be consistent' );
157 $schema->storage->txn_rollback;
160 subtest 'add() tests' => sub {
164 $schema->storage->txn_begin;
166 my $authorized_patron = $builder->build_object({
167 class => 'Koha::Patrons',
168 value => { flags => 1 }
170 my $password = 'thePassword123';
171 $authorized_patron->set_password({ password => $password, skip_validation => 1 });
172 my $auth_userid = $authorized_patron->userid;
174 my $unauthorized_patron = $builder->build_object({
175 class => 'Koha::Patrons',
176 value => { flags => 4 }
178 $unauthorized_patron->set_password({ password => $password, skip_validation => 1 });
179 my $unauth_userid = $unauthorized_patron->userid;
181 my $order_obj = $builder->build_object(
183 class => 'Koha::Acquisition::Orders',
185 orderstatus => 'new',
187 replacementprice => 10,
189 quantityreceived => 0,
190 datecancellationprinted => undef,
191 order_internalnote => 'This is a dummy note for testing'
195 my $order = $order_obj->to_api;
197 delete $order->{ordernumber};
198 $order->{uncertain_price} = Mojo::JSON->false;
200 # Unauthorized attempt to write
201 $t->post_ok( "//$unauth_userid:$password@/api/v1/acquisitions/orders" => json => $order )
204 # Authorized attempt to write invalid data
205 my $order_with_invalid_field = { %$order };
206 $order_with_invalid_field->{'orderinvalid'} = 'Order invalid';
208 $t->post_ok( "//$auth_userid:$password@/api/v1/acquisitions/orders" => json => $order_with_invalid_field )
213 message => "Properties not allowed: orderinvalid.",
219 # Authorized attempt to write
220 $t->post_ok( "//$auth_userid:$password@/api/v1/acquisitions/orders" => json => $order )
221 ->status_is( 201, 'SWAGGER3.2.1' )
222 ->json_is( '/internal_note' => $order->{internal_note}, 'SWAGGER3.3.1' )
223 ->header_like( Location => qr/\/api\/v1\/acquisitions\/orders\/\d*/, 'SWAGGER3.4.1' );
226 my $order_id = $order->{order_id};
227 # Authorized attempt to create with null id
228 $order->{order_id} = undef;
230 $t->post_ok( "//$auth_userid:$password@/api/v1/acquisitions/orders" => json => $order )
232 ->json_has('/errors');
234 # Authorized attempt to create with existing id
235 $order->{order_id} = $order_id;
238 $t->post_ok( "//$auth_userid:$password@/api/v1/acquisitions/orders" => json => $order )
240 ->json_has( '/error' => "Fails when trying to add an existing order_id")
241 ->json_like( '/conflict' => qr/(aqorders\.)?PRIMARY/ ); }
242 qr/DBD::mysql::st execute failed: Duplicate entry '(.*)' for key '(aqorders\.)?PRIMARY'/;
244 $schema->storage->txn_rollback;
247 subtest 'update() tests' => sub {
250 $schema->storage->txn_begin;
252 my $authorized_patron = $builder->build_object({
253 class => 'Koha::Patrons',
254 value => { flags => 1 }
256 my $password = 'thePassword123';
257 $authorized_patron->set_password({ password => $password, skip_validation => 1 });
258 my $auth_userid = $authorized_patron->userid;
260 my $unauthorized_patron = $builder->build_object({
261 class => 'Koha::Patrons',
262 value => { flags => 4 }
264 $unauthorized_patron->set_password({ password => $password, skip_validation => 1 });
265 my $unauth_userid = $unauthorized_patron->userid;
267 my $library = $builder->build_object({ class => 'Koha::Libraries' });
268 my $library_id = $library->branchcode;
270 # Unauthorized attempt to update
271 $t->put_ok( "//$unauth_userid:$password@/api/v1/libraries/$library_id"
272 => json => { name => 'New unauthorized name change' } )
275 # Attempt partial update on a PUT
276 my $library_with_missing_field = {
277 address1 => "New library address",
280 my $result = $t->put_ok( "//$auth_userid:$password@/api/v1/libraries/$library_id" => json => $library_with_missing_field )
282 # Check the result order first since it's not predefined.
283 if ($result->tx->res->json->{errors}->[0]->{path} eq '/body/name') {
287 {message => "Missing property.", path => "/body/name"},
288 {message => "Missing property.", path => "/body/library_id"}
295 {message => "Missing property.", path => "/body/library_id"},
296 {message => "Missing property.", path => "/body/name"}
301 my $deleted_library = $builder->build_object( { class => 'Koha::Libraries' } );
302 my $library_with_updated_field = $deleted_library->to_api;
303 $library_with_updated_field->{library_id} = $library_id;
304 $deleted_library->delete;
306 $t->put_ok( "//$auth_userid:$password@/api/v1/libraries/$library_id" => json => $library_with_updated_field )
307 ->status_is(200, 'SWAGGER3.2.1')
308 ->json_is( '' => $library_with_updated_field, 'SWAGGER3.3.3' );
310 # Authorized attempt to write invalid data
311 my $library_with_invalid_field = { %$library_with_updated_field };
312 $library_with_invalid_field->{'branchinvalid'} = 'Library invalid';
314 $t->put_ok( "//$auth_userid:$password@/api/v1/libraries/$library_id" => json => $library_with_invalid_field )
319 message => "Properties not allowed: branchinvalid.",
325 my $non_existent_code = 'nope'.int(rand(10000));
326 $t->put_ok("//$auth_userid:$password@/api/v1/libraries/$non_existent_code" => json => $library_with_updated_field)
329 $schema->storage->txn_rollback;
332 subtest 'delete() tests' => sub {
335 $schema->storage->txn_begin;
337 my $authorized_patron = $builder->build_object({
338 class => 'Koha::Patrons',
339 value => { flags => 1 }
341 my $password = 'thePassword123';
342 $authorized_patron->set_password({ password => $password, skip_validation => 1 });
343 my $auth_userid = $authorized_patron->userid;
345 my $unauthorized_patron = $builder->build_object({
346 class => 'Koha::Patrons',
347 value => { flags => 4 }
349 $unauthorized_patron->set_password({ password => $password, skip_validation => 1 });
350 my $unauth_userid = $unauthorized_patron->userid;
352 my $order = $builder->build_object( { class => 'Koha::Acquisition::Orders' } );
354 # Unauthorized attempt to delete
355 $t->delete_ok( "//$unauth_userid:$password@/api/v1/acquisitions/orders/" . $order->ordernumber )
358 $t->delete_ok( "//$auth_userid:$password@/api/v1/acquisitions/orders/" . $order->ordernumber )
359 ->status_is(204, 'SWAGGER3.2.4')
360 ->content_is('', 'SWAGGER3.3.4');
362 $t->delete_ok( "//$auth_userid:$password@/api/v1/acquisitions/orders/" . $order->ordernumber )
365 $schema->storage->txn_rollback;