3 # This file is part of Koha.
5 # Koha is free software; you can redistribute it and/or modify it
6 # under the terms of the GNU General Public License as published by
7 # the Free Software Foundation; either version 3 of the License, or
8 # (at your option) any later version.
10 # Koha is distributed in the hope that it will be useful, but
11 # WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
15 # You should have received a copy of the GNU General Public License
16 # along with Koha; if not, see <http://www.gnu.org/licenses>.
20 use Test::More tests => 5;
24 use t::lib::TestBuilder;
27 use Koha::Acquisition::Booksellers;
30 my $schema = Koha::Database->new->schema;
31 my $builder = t::lib::TestBuilder->new;
33 t::lib::Mocks::mock_preference( 'RESTBasicAuth', 1 );
35 my $t = Test::Mojo->new('Koha::REST::V1');
37 subtest 'list() and delete() tests | authorized user' => sub {
41 $schema->storage->txn_begin;
43 $schema->resultset('Aqbasket')->search->delete;
44 Koha::Acquisition::Booksellers->search->delete;
46 my $patron = $builder->build_object({
47 class => 'Koha::Patrons',
48 value => { flags => 2 ** 11 } ## 11 => acquisitions
50 my $password = 'thePassword123';
51 $patron->set_password({ password => $password, skip_validation => 1 });
52 my $userid = $patron->userid;
54 ## Authorized user tests
55 # No vendors, so empty array should be returned
56 $t->get_ok( "//$userid:$password@/api/v1/acquisitions/vendors" )
60 my $vendor_name = 'Ruben libros';
61 my $vendor = $builder->build_object({ class => 'Koha::Acquisition::Booksellers', value => { name => $vendor_name } });
63 # One vendor created, should get returned
64 $t->get_ok( "//$userid:$password@/api/v1/acquisitions/vendors" )
66 ->json_like( '/0/name' => qr/$vendor_name/ );
68 my $other_vendor_name = 'Amerindia';
70 = $builder->build_object({ class => 'Koha::Acquisition::Booksellers', value => { name => $other_vendor_name } });
72 $t->get_ok( "//$userid:$password@/api/v1/acquisitions/vendors" )
74 ->json_like( '/0/name' => qr/Ruben/ )
75 ->json_like( '/1/name' => qr/Amerindia/ );
77 $t->get_ok( "//$userid:$password@/api/v1/acquisitions/vendors?name=$vendor_name" )
79 ->json_like( '/0/name' => qr/Ruben/ );
81 $t->get_ok( "//$userid:$password@/api/v1/acquisitions/vendors?name=$other_vendor_name" )
83 ->json_like( '/0/name' => qr/Amerindia/ );
86 $t->get_ok( "//$userid:$password@/api/v1/acquisitions/vendors?accountnumber=" . $vendor->accountnumber )
88 ->json_like( '/0/name' => qr/Ruben/ );
90 $t->get_ok( "//$userid:$password@/api/v1/acquisitions/vendors?accountnumber=" . $other_vendor->accountnumber )
92 ->json_like( '/0/name' => qr/Amerindia/ );
94 $t->delete_ok( "//$userid:$password@/api/v1/acquisitions/vendors/" . $vendor->id )
95 ->status_is(204, 'SWAGGER3.2.4')
96 ->content_is('', 'SWAGGER3.3.4');
98 $t->get_ok( "//$userid:$password@/api/v1/acquisitions/vendors" )
100 ->json_like( '/0/name' => qr/$other_vendor_name/ )
101 ->json_hasnt( '/1', 'Only one vendor' );
103 $t->delete_ok( "//$userid:$password@/api/v1/acquisitions/vendors/" . $other_vendor->id )
104 ->status_is(204, 'SWAGGER3.2.4')
105 ->content_is('', 'SWAGGER3.3.4');
107 $t->get_ok( "//$userid:$password@/api/v1/acquisitions/vendors" )
111 $schema->storage->txn_rollback;
114 subtest 'get() test' => sub {
118 $schema->storage->txn_begin;
120 my $vendor = $builder->build_object({ class => 'Koha::Acquisition::Booksellers' });
121 my $nonexistent_vendor = $builder->build_object({ class => 'Koha::Acquisition::Booksellers' });
122 my $non_existent_id = $nonexistent_vendor->id;
123 $nonexistent_vendor->delete;
125 my $patron = $builder->build_object({
126 class => 'Koha::Patrons',
127 value => { flags => 2 ** 11 } ## 11 => acquisitions
129 my $password = 'thePassword123';
130 $patron->set_password({ password => $password, skip_validation => 1 });
131 my $userid = $patron->userid;
133 $t->get_ok( "//$userid:$password@/api/v1/acquisitions/vendors/" . $vendor->id )
135 ->json_is( $vendor->to_api );
137 $t->get_ok( "//$userid:$password@/api/v1/acquisitions/vendors/" . $non_existent_id )
139 ->json_is( '/error' => 'Vendor not found' );
142 $patron->set({ flags => 0 })->store;
144 $t->get_ok( "//$userid:$password@/api/v1/acquisitions/vendors/" . $vendor->id )
146 ->json_is( '/error', 'Authorization failure. Missing required permission(s).' );
148 $schema->storage->txn_rollback;
151 subtest 'add() tests' => sub {
155 $schema->storage->txn_begin;
157 my $authorized_patron = $builder->build_object({
158 class => 'Koha::Patrons',
159 value => { flags => 2 ** 11 }
161 my $password = 'thePassword123';
162 $authorized_patron->set_password({ password => $password, skip_validation => 1 });
163 my $auth_userid = $authorized_patron->userid;
165 my $unauthorized_patron = $builder->build_object({
166 class => 'Koha::Patrons',
167 value => { flags => 0 }
169 $unauthorized_patron->set_password({ password => $password, skip_validation => 1 });
170 my $unauth_userid = $unauthorized_patron->userid;
172 my $vendor = { name => 'Ruben libros' };
174 # Unauthorized attempt to write
175 $t->post_ok( "//$unauth_userid:$password@/api/v1/acquisitions/vendors" => json => $vendor )
178 # Authorized attempt to write invalid data
179 my $vendor_with_invalid_field = {
181 address5 => 'An address'
184 $t->post_ok( "//$auth_userid:$password@/api/v1/acquisitions/vendors" => json => $vendor_with_invalid_field )
188 { message => "Properties not allowed: address5.",
194 # Authorized attempt to write
195 $t->post_ok( "//$auth_userid:$password@/api/v1/acquisitions/vendors" => json => $vendor )
196 ->status_is( 201, 'SWAGGER3 .2.1' )
197 ->header_like( Location => qr|^\/api\/v1\/acquisitions\/vendors/\d*|, 'SWAGGER3.4.1')
198 ->json_is( '/name' => $vendor->{name} )
199 ->json_is( '/address1' => $vendor->{address1} );
201 # read the response vendor id for later use
202 my $vendor_id = $t->tx->res->json('/id');
204 # Authorized attempt to create with null id
205 $vendor->{id} = undef;
206 $t->post_ok( "//$auth_userid:$password@/api/v1/acquisitions/vendors" => json => $vendor )
208 ->json_has('/errors');
210 # Authorized attempt to create with existing id
211 $vendor->{id} = $vendor_id;
212 $t->post_ok( "//$auth_userid:$password@/api/v1/acquisitions/vendors" => json => $vendor )
216 { message => "Read-only.",
222 $schema->storage->txn_rollback;
225 subtest 'update() tests' => sub {
229 $schema->storage->txn_begin;
231 my $authorized_patron = $builder->build_object({
232 class => 'Koha::Patrons',
233 value => { flags => 2 ** 11 }
235 my $password = 'thePassword123';
236 $authorized_patron->set_password({ password => $password, skip_validation => 1 });
237 my $auth_userid = $authorized_patron->userid;
239 my $unauthorized_patron = $builder->build_object({
240 class => 'Koha::Patrons',
241 value => { flags => 0 }
243 $unauthorized_patron->set_password({ password => $password, skip_validation => 1 });
244 my $unauth_userid = $unauthorized_patron->userid;
246 my $vendor = $builder->build_object({ class => 'Koha::Acquisition::Booksellers' } );
248 # Unauthorized attempt to update
249 $t->put_ok( "//$unauth_userid:$password@/api/v1/acquisitions/vendors/"
250 . $vendor->id => json =>
251 { city_name => 'New unauthorized name change' } )
254 # Attempt partial update on a PUT
255 my $vendor_without_mandatory_field = { address1 => 'New address' };
257 $t->put_ok( "//$auth_userid:$password@/api/v1/acquisitions/vendors/"
258 . $vendor->id => json => $vendor_without_mandatory_field )
260 ->json_is( "/errors" => [ { message => "Missing property.", path => "/body/name" } ] );
262 # Full object update on PUT
263 my $vendor_with_updated_field = { name => "London books", };
265 $t->put_ok( "//$auth_userid:$password@/api/v1/acquisitions/vendors/"
266 . $vendor->id => json => $vendor_with_updated_field )
268 ->json_is( '/name' => 'London books' );
270 # Authorized attempt to write invalid data
271 my $vendor_with_invalid_field = {
273 address1 => "Address 1",
274 address2 => "Address 2",
275 address3 => "Address 3"
278 $t->put_ok( "//$auth_userid:$password@/api/v1/acquisitions/vendors/"
279 . $vendor->id => json => $vendor_with_invalid_field )
283 { message => "Properties not allowed: blah.",
289 my $nonexistent_vendor = $builder->build_object({ class => 'Koha::Acquisition::Booksellers' } );
290 my $non_existent_id = $nonexistent_vendor->id;
291 $nonexistent_vendor->delete;
293 $t->put_ok( "//$auth_userid:$password@/api/v1/acquisitions/vendors/"
294 . $non_existent_id => json => $vendor_with_updated_field )
297 $schema->storage->txn_rollback;
299 # Wrong method (POST)
300 $t->post_ok( "//$auth_userid:$password@/api/v1/acquisitions/vendors/"
301 . $vendor->id => json => $vendor_with_updated_field )
305 subtest 'delete() tests' => sub {
309 $schema->storage->txn_begin;
311 my $authorized_patron = $builder->build_object({
312 class => 'Koha::Patrons',
313 value => { flags => 2 ** 11 }
315 my $password = 'thePassword123';
316 $authorized_patron->set_password({ password => $password, skip_validation => 1 });
317 my $auth_userid = $authorized_patron->userid;
319 my $unauthorized_patron = $builder->build_object({
320 class => 'Koha::Patrons',
321 value => { flags => 0 }
323 $unauthorized_patron->set_password({ password => $password, skip_validation => 1 });
324 my $unauth_userid = $unauthorized_patron->userid;
326 my $vendor = $builder->build_object({ class => 'Koha::Acquisition::Booksellers' } );
328 # Unauthorized attempt to delete
329 $t->delete_ok( "//$unauth_userid:$password@/api/v1/acquisitions/vendors/" . $vendor->id )
332 $t->delete_ok( "//$auth_userid:$password@/api/v1/acquisitions/vendors/" . $vendor->id )
333 ->status_is(204, 'SWAGGER3.2.4')
334 ->content_is('', 'SWAGGER3.3.4');
336 $t->delete_ok( "//$auth_userid:$password@/api/v1/acquisitions/vendors/" . $vendor->id )
339 $schema->storage->txn_rollback;