projects / koha.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Bug 25048: Regression tests
[koha.git] / t / db_dependent / api / v1 / holds.t
1 #!/usr/bin/env perl
2
3 # This file is part of Koha.
4 #
5 # Koha is free software; you can redistribute it and/or modify it
6 # under the terms of the GNU General Public License as published by
7 # the Free Software Foundation; either version 3 of the License, or
8 # (at your option) any later version.
9 #
10 # Koha is distributed in the hope that it will be useful, but
11 # WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
14 #
15 # You should have received a copy of the GNU General Public License
16 # along with Koha; if not, see <http://www.gnu.org/licenses>.
17
18 use Modern::Perl;
19
20 use Test::More tests => 8;
21 use Test::Mojo;
22 use t::lib::TestBuilder;
23 use t::lib::Mocks;
24
25 use DateTime;
26
27 use C4::Context;
28 use Koha::Patrons;
29 use C4::Reserves;
30 use C4::Items;
31
32 use Koha::Database;
33 use Koha::DateUtils;
34 use Koha::Biblios;
35 use Koha::Biblioitems;
36 use Koha::Items;
37 use Koha::CirculationRules;
38
39 my $schema  = Koha::Database->new->schema;
40 my $builder = t::lib::TestBuilder->new();
41
42 $schema->storage->txn_begin;
43
44 t::lib::Mocks::mock_preference( 'RESTBasicAuth', 1 );
45
46 my $t = Test::Mojo->new('Koha::REST::V1');
47
48 my $categorycode = $builder->build({ source => 'Category' })->{categorycode};
49 my $branchcode = $builder->build({ source => 'Branch' })->{branchcode};
50 my $branchcode2 = $builder->build({ source => 'Branch' })->{branchcode};
51 my $itemtype = $builder->build({ source => 'Itemtype' })->{itemtype};
52
53 # Generic password for everyone
54 my $password = 'thePassword123';
55
56 # User without any permissions
57 my $nopermission = $builder->build_object({
58     class => 'Koha::Patrons',
59     value => {
60         branchcode   => $branchcode,
61         categorycode => $categorycode,
62         flags        => 0
63     }
64 });
65 $nopermission->set_password( { password => $password, skip_validation => 1 } );
66 my $nopermission_userid = $nopermission->userid;
67
68 my $patron_1 = $builder->build_object(
69     {
70         class => 'Koha::Patrons',
71         value => {
72             categorycode => $categorycode,
73             branchcode   => $branchcode,
74             surname      => 'Test Surname',
75             flags        => 80, #borrowers and reserveforothers flags
76         }
77     }
78 );
79 $patron_1->set_password( { password => $password, skip_validation => 1 } );
80 my $userid_1 = $patron_1->userid;
81
82 my $patron_2 = $builder->build_object(
83     {
84         class => 'Koha::Patrons',
85         value => {
86             categorycode => $categorycode,
87             branchcode   => $branchcode,
88             surname      => 'Test Surname 2',
89             flags        => 16, # borrowers flag
90         }
91     }
92 );
93 $patron_2->set_password( { password => $password, skip_validation => 1 } );
94 my $userid_2 = $patron_2->userid;
95
96 my $patron_3 = $builder->build_object(
97     {
98         class => 'Koha::Patrons',
99         value => {
100             categorycode => $categorycode,
101             branchcode   => $branchcode,
102             surname      => 'Test Surname 3',
103             flags        => 64, # reserveforothers flag
104         }
105     }
106 );
107 $patron_3->set_password( { password => $password, skip_validation => 1 } );
108 my $userid_3 = $patron_3->userid;
109
110 my $biblio_1 = $builder->build_sample_biblio;
111 my $item_1   = $builder->build_sample_item({ biblionumber => $biblio_1->biblionumber, itype => $itemtype });
112
113 my $biblio_2 = $builder->build_sample_biblio;
114 my $item_2   = $builder->build_sample_item({ biblionumber => $biblio_2->biblionumber, itype => $itemtype });
115
116 my $dbh = C4::Context->dbh;
117 $dbh->do('DELETE FROM reserves');
118 Koha::CirculationRules->search()->delete();
119 Koha::CirculationRules->set_rules(
120     {
121         categorycode => undef,
122         branchcode   => undef,
123         itemtype     => undef,
124         rules        => {
125             reservesallowed => 1,
126             holds_per_record => 99
127         }
128     }
129 );
130
131 my $reserve_id = C4::Reserves::AddReserve(
132     {
133         branchcode     => $branchcode,
134         borrowernumber => $patron_1->borrowernumber,
135         biblionumber   => $biblio_1->biblionumber,
136         priority       => 1,
137         itemnumber     => $item_1->itemnumber,
138     }
139 );
140
141 # Add another reserve to be able to change first reserve's rank
142 my $reserve_id2 = C4::Reserves::AddReserve(
143     {
144         branchcode     => $branchcode,
145         borrowernumber => $patron_2->borrowernumber,
146         biblionumber   => $biblio_1->biblionumber,
147         priority       => 2,
148         itemnumber     => $item_1->itemnumber,
149     }
150 );
151
152 my $suspended_until = DateTime->now->add(days => 10)->truncate( to => 'day' );
153 my $expiration_date = DateTime->now->add(days => 10)->truncate( to => 'day' );
154
155 my $post_data = {
156     patron_id => int($patron_1->borrowernumber),
157     biblio_id => int($biblio_1->biblionumber),
158     item_id => int($item_1->itemnumber),
159     pickup_library_id => $branchcode,
160     expiration_date => output_pref({ dt => $expiration_date, dateformat => 'rfc3339', dateonly => 1 }),
161     priority => 2,
162 };
163 my $put_data = {
164     priority => 2,
165     suspended_until => output_pref({ dt => $suspended_until, dateformat => 'rfc3339' }),
166 };
167
168 subtest "Test endpoints without authentication" => sub {
169     plan tests => 8;
170     $t->get_ok('/api/v1/holds')
171       ->status_is(401);
172     $t->post_ok('/api/v1/holds')
173       ->status_is(401);
174     $t->put_ok('/api/v1/holds/0')
175       ->status_is(401);
176     $t->delete_ok('/api/v1/holds/0')
177       ->status_is(401);
178 };
179
180 subtest "Test endpoints without permission" => sub {
181
182     plan tests => 10;
183
184     $t->get_ok( "//$nopermission_userid:$password@/api/v1/holds?patron_id=" . $patron_1->borrowernumber ) # no permission
185       ->status_is(403);
186
187     $t->get_ok( "//$userid_3:$password@/api/v1/holds?patron_id=" . $patron_1->borrowernumber )    # no permission
188       ->status_is(403);
189
190     $t->post_ok( "//$nopermission_userid:$password@/api/v1/holds" => json => $post_data )
191       ->status_is(403);
192
193     $t->put_ok( "//$nopermission_userid:$password@/api/v1/holds/0" => json => $put_data )
194       ->status_is(403);
195
196     $t->delete_ok( "//$nopermission_userid:$password@/api/v1/holds/0" )
197       ->status_is(403);
198 };
199
200 subtest "Test endpoints with permission" => sub {
201
202     plan tests => 59;
203
204     $t->get_ok( "//$userid_1:$password@/api/v1/holds" )
205       ->status_is(200)
206       ->json_has('/0')
207       ->json_has('/1')
208       ->json_hasnt('/2');
209
210     $t->get_ok( "//$userid_1:$password@/api/v1/holds?priority=2" )
211       ->status_is(200)
212       ->json_is('/0/patron_id', $patron_2->borrowernumber)
213       ->json_hasnt('/1');
214
215     # While suspended_until is date-time, it's always set to midnight.
216     my $expected_suspended_until = $suspended_until->strftime('%FT00:00:00%z');
217     substr($expected_suspended_until, -2, 0, ':');
218
219     $t->put_ok( "//$userid_1:$password@/api/v1/holds/$reserve_id" => json => $put_data )
220       ->status_is(200)
221       ->json_is( '/hold_id', $reserve_id )
222       ->json_is( '/suspended_until', $expected_suspended_until )
223       ->json_is( '/priority', 2 )
224       ->json_is( '/pickup_library_id', $branchcode );
225
226     # Change only pickup library, everything else should remain
227     $t->put_ok( "//$userid_1:$password@/api/v1/holds/$reserve_id" => json => { pickup_library_id => $branchcode2 } )
228       ->status_is(200)
229       ->json_is( '/hold_id', $reserve_id )
230       ->json_is( '/suspended_until', $expected_suspended_until )
231       ->json_is( '/priority', 2 )
232       ->json_is( '/pickup_library_id', $branchcode2 );
233
234     # Reset suspended_until, everything else should remain
235     $t->put_ok( "//$userid_1:$password@/api/v1/holds/$reserve_id" => json => { suspended_until => undef } )
236       ->status_is(200)
237       ->json_is( '/hold_id', $reserve_id )
238       ->json_is( '/suspended_until', undef )
239       ->json_is( '/priority', 2 )
240       ->json_is( '/pickup_library_id', $branchcode2 );
241
242     $t->delete_ok( "//$userid_3:$password@/api/v1/holds/$reserve_id" )
243       ->status_is(204, 'SWAGGER3.2.4')
244       ->content_is('', 'SWAGGER3.3.4');
245
246     $t->put_ok( "//$userid_3:$password@/api/v1/holds/$reserve_id" => json => $put_data )
247       ->status_is(404)
248       ->json_has('/error');
249
250     $t->delete_ok( "//$userid_3:$password@/api/v1/holds/$reserve_id" )
251       ->status_is(404)
252       ->json_has('/error');
253
254     $t->get_ok( "//$userid_2:$password@/api/v1/holds?patron_id=" . $patron_1->borrowernumber )
255       ->status_is(200)
256       ->json_is([]);
257
258     my $inexisting_borrowernumber = $patron_2->borrowernumber * 2;
259     $t->get_ok( "//$userid_1:$password@/api/v1/holds?patron_id=$inexisting_borrowernumber")
260       ->status_is(200)
261       ->json_is([]);
262
263     $t->delete_ok( "//$userid_3:$password@/api/v1/holds/$reserve_id2" )
264       ->status_is(204, 'SWAGGER3.2.4')
265       ->content_is('', 'SWAGGER3.3.4');
266
267     $t->post_ok( "//$userid_3:$password@/api/v1/holds" => json => $post_data )
268       ->status_is(201)
269       ->json_has('/hold_id');
270     # Get id from response
271     $reserve_id = $t->tx->res->json->{hold_id};
272
273     $t->get_ok( "//$userid_1:$password@/api/v1/holds?patron_id=" . $patron_1->borrowernumber )
274       ->status_is(200)
275       ->json_is('/0/hold_id', $reserve_id)
276       ->json_is('/0/expiration_date', output_pref({ dt => $expiration_date, dateformat => 'rfc3339', dateonly => 1 }))
277       ->json_is('/0/pickup_library_id', $branchcode);
278
279     $t->post_ok( "//$userid_3:$password@/api/v1/holds" => json => $post_data )
280       ->status_is(403)
281       ->json_like('/error', qr/itemAlreadyOnHold/);
282
283     $post_data->{biblionumber} = int($biblio_2->biblionumber);
284     $post_data->{itemnumber}   = int($item_2->itemnumber);
285
286     $t->post_ok( "//$userid_3:$password@/api/v1/holds" => json => $post_data )
287       ->status_is(403)
288       ->json_like('/error', qr/itemAlreadyOnHold/);
289 };
290
291 subtest 'Reserves with itemtype' => sub {
292     plan tests => 10;
293
294     my $post_data = {
295         patron_id => int($patron_1->borrowernumber),
296         biblio_id => int($biblio_1->biblionumber),
297         pickup_library_id => $branchcode,
298         item_type => $itemtype,
299     };
300
301     $t->delete_ok( "//$userid_3:$password@/api/v1/holds/$reserve_id" )
302       ->status_is(204, 'SWAGGER3.2.4')
303       ->content_is('', 'SWAGGER3.3.4');
304
305     $t->post_ok( "//$userid_3:$password@/api/v1/holds" => json => $post_data )
306       ->status_is(201)
307       ->json_has('/hold_id');
308
309     $reserve_id = $t->tx->res->json->{hold_id};
310
311     $t->get_ok( "//$userid_1:$password@/api/v1/holds?patron_id=" . $patron_1->borrowernumber )
312       ->status_is(200)
313       ->json_is('/0/hold_id', $reserve_id)
314       ->json_is('/0/item_type', $itemtype);
315 };
316
317
318 subtest 'test AllowHoldDateInFuture' => sub {
319
320     plan tests => 6;
321
322     $dbh->do('DELETE FROM reserves');
323
324     my $future_hold_date = DateTime->now->add(days => 10)->truncate( to => 'day' );
325
326     my $post_data = {
327         patron_id => int($patron_1->borrowernumber),
328         biblio_id => int($biblio_1->biblionumber),
329         item_id => int($item_1->itemnumber),
330         pickup_library_id => $branchcode,
331         expiration_date => output_pref({ dt => $expiration_date, dateformat => 'rfc3339', dateonly => 1 }),
332         hold_date => output_pref({ dt => $future_hold_date, dateformat => 'rfc3339', dateonly => 1 }),
333         priority => 2,
334     };
335
336     t::lib::Mocks::mock_preference( 'AllowHoldDateInFuture', 0 );
337
338     $t->post_ok( "//$userid_3:$password@/api/v1/holds" => json => $post_data )
339       ->status_is(400)
340       ->json_has('/error');
341
342     t::lib::Mocks::mock_preference( 'AllowHoldDateInFuture', 1 );
343
344     $t->post_ok( "//$userid_3:$password@/api/v1/holds" => json => $post_data )
345       ->status_is(201)
346       ->json_is('/hold_date', output_pref({ dt => $future_hold_date, dateformat => 'rfc3339', dateonly => 1 }));
347 };
348
349 subtest 'test AllowHoldPolicyOverride' => sub {
350
351     plan tests => 5;
352
353     $dbh->do('DELETE FROM reserves');
354
355     Koha::CirculationRules->set_rules(
356         {
357             itemtype     => undef,
358             branchcode   => undef,
359             rules        => {
360                 holdallowed              => 1
361             }
362         }
363     );
364
365     t::lib::Mocks::mock_preference( 'AllowHoldPolicyOverride', 0 );
366
367     $t->post_ok( "//$userid_3:$password@/api/v1/holds" => json => $post_data )
368       ->status_is(403)
369       ->json_has('/error');
370
371     t::lib::Mocks::mock_preference( 'AllowHoldPolicyOverride', 1 );
372
373     $t->post_ok( "//$userid_3:$password@/api/v1/holds" => json => $post_data )
374       ->status_is(201);
375 };
376
377 $schema->storage->txn_rollback;
378
379 subtest 'suspend and resume tests' => sub {
380
381     plan tests => 24;
382
383     $schema->storage->txn_begin;
384
385     my $password = 'AbcdEFG123';
386
387     my $patron = $builder->build_object(
388         { class => 'Koha::Patrons', value => { userid => 'tomasito', flags => 1 } } );
389     $patron->set_password({ password => $password, skip_validation => 1 });
390     my $userid = $patron->userid;
391
392     # Disable logging
393     t::lib::Mocks::mock_preference( 'HoldsLog',      0 );
394     t::lib::Mocks::mock_preference( 'RESTBasicAuth', 1 );
395
396     my $hold = $builder->build_object(
397         {   class => 'Koha::Holds',
398             value => { suspend => 0, suspend_until => undef, waitingdate => undef, found => undef }
399         }
400     );
401
402     ok( !$hold->is_suspended, 'Hold is not suspended' );
403     $t->post_ok( "//$userid:$password@/api/v1/holds/" . $hold->id . "/suspension" )
404         ->status_is( 201, 'Hold suspension created' );
405
406     $hold->discard_changes;    # refresh object
407
408     ok( $hold->is_suspended, 'Hold is suspended' );
409     $t->json_is('/end_date', undef, 'Hold suspension has no end date');
410
411     my $end_date = output_pref({
412       dt         => dt_from_string( undef ),
413       dateformat => 'rfc3339',
414       dateonly   => 1
415     });
416
417     $t->post_ok( "//$userid:$password@/api/v1/holds/" . $hold->id . "/suspension" => json => { end_date => $end_date } );
418
419     $hold->discard_changes;    # refresh object
420
421     ok( $hold->is_suspended, 'Hold is suspended' );
422     $t->json_is(
423       '/end_date',
424       output_pref({
425         dt         => dt_from_string( $hold->suspend_until ),
426         dateformat => 'rfc3339',
427         dateonly   => 1
428       }),
429       'Hold suspension has correct end date'
430     );
431
432     $t->delete_ok( "//$userid:$password@/api/v1/holds/" . $hold->id . "/suspension" )
433       ->status_is(204, 'SWAGGER3.2.4')
434       ->content_is('', 'SWAGGER3.3.4');
435
436     # Pass a an expiration date for the suspension
437     my $date = dt_from_string()->add( days => 5 );
438     $t->post_ok(
439               "//$userid:$password@/api/v1/holds/"
440             . $hold->id
441             . "/suspension" => json => {
442             end_date =>
443                 output_pref( { dt => $date, dateformat => 'rfc3339', dateonly => 1 } )
444             }
445     )->status_is( 201, 'Hold suspension created' )
446         ->json_is( '/end_date',
447         output_pref( { dt => $date, dateformat => 'rfc3339', dateonly => 1 } ) )
448         ->header_is( Location => "/api/v1/holds/" . $hold->id . "/suspension", 'The Location header is set' );
449
450     $t->delete_ok( "//$userid:$password@/api/v1/holds/" . $hold->id . "/suspension" )
451       ->status_is(204, 'SWAGGER3.2.4')
452       ->content_is('', 'SWAGGER3.3.4');
453
454     $hold->set_waiting->discard_changes;
455
456     $t->post_ok( "//$userid:$password@/api/v1/holds/" . $hold->id . "/suspension" )
457       ->status_is( 400, 'Cannot suspend waiting hold' )
458       ->json_is( '/error', 'Found hold cannot be suspended. Status=W' );
459
460     $hold->set_waiting(1)->discard_changes;
461
462     $t->post_ok( "//$userid:$password@/api/v1/holds/" . $hold->id . "/suspension" )
463       ->status_is( 400, 'Cannot suspend waiting hold' )
464       ->json_is( '/error', 'Found hold cannot be suspended. Status=T' );
465
466     $schema->storage->txn_rollback;
467 };
468
469 subtest 'PUT /holds/{hold_id}/priority tests' => sub {
470
471     plan tests => 14;
472
473     $schema->storage->txn_begin;
474
475     my $password = 'AbcdEFG123';
476
477     my $library  = $builder->build_object({ class => 'Koha::Libraries' });
478     my $patron_np = $builder->build_object(
479         { class => 'Koha::Patrons', value => { flags => 0 } } );
480     $patron_np->set_password( { password => $password, skip_validation => 1 } );
481     my $userid_np = $patron_np->userid;
482
483     my $patron = $builder->build_object(
484         { class => 'Koha::Patrons', value => { flags => 0 } } );
485     $patron->set_password( { password => $password, skip_validation => 1 } );
486     my $userid = $patron->userid;
487     $builder->build(
488         {
489             source => 'UserPermission',
490             value  => {
491                 borrowernumber => $patron->borrowernumber,
492                 module_bit     => 6,
493                 code           => 'modify_holds_priority',
494             },
495         }
496     );
497
498     # Disable logging
499     t::lib::Mocks::mock_preference( 'HoldsLog',      0 );
500     t::lib::Mocks::mock_preference( 'RESTBasicAuth', 1 );
501
502     my $biblio   = $builder->build_sample_biblio;
503     my $patron_1 = $builder->build_object(
504         {
505             class => 'Koha::Patrons',
506             value => { branchcode => $library->branchcode }
507         }
508     );
509     my $patron_2 = $builder->build_object(
510         {
511             class => 'Koha::Patrons',
512             value => { branchcode => $library->branchcode }
513         }
514     );
515     my $patron_3 = $builder->build_object(
516         {
517             class => 'Koha::Patrons',
518             value => { branchcode => $library->branchcode }
519         }
520     );
521
522     my $hold_1 = Koha::Holds->find(
523         AddReserve(
524             {
525                 branchcode     => $library->branchcode,
526                 borrowernumber => $patron_1->borrowernumber,
527                 biblionumber   => $biblio->biblionumber,
528                 priority       => 1,
529             }
530         )
531     );
532     my $hold_2 = Koha::Holds->find(
533         AddReserve(
534             {
535                 branchcode     => $library->branchcode,
536                 borrowernumber => $patron_2->borrowernumber,
537                 biblionumber   => $biblio->biblionumber,
538                 priority       => 2,
539             }
540         )
541     );
542     my $hold_3 = Koha::Holds->find(
543         AddReserve(
544             {
545                 branchcode     => $library->branchcode,
546                 borrowernumber => $patron_3->borrowernumber,
547                 biblionumber   => $biblio->biblionumber,
548                 priority       => 3,
549             }
550         )
551     );
552
553     $t->put_ok( "//$userid_np:$password@/api/v1/holds/"
554           . $hold_3->id
555           . "/priority" => json => 1 )->status_is(403);
556
557     $t->put_ok( "//$userid:$password@/api/v1/holds/"
558           . $hold_3->id
559           . "/priority" => json => 1 )->status_is(200)->json_is(1);
560
561     is( $hold_1->discard_changes->priority, 2, 'Priority adjusted correctly' );
562     is( $hold_2->discard_changes->priority, 3, 'Priority adjusted correctly' );
563     is( $hold_3->discard_changes->priority, 1, 'Priority adjusted correctly' );
564
565     $t->put_ok( "//$userid:$password@/api/v1/holds/"
566           . $hold_3->id
567           . "/priority" => json => 3 )->status_is(200)->json_is(3);
568
569     is( $hold_1->discard_changes->priority, 1, 'Priority adjusted correctly' );
570     is( $hold_2->discard_changes->priority, 2, 'Priority adjusted correctly' );
571     is( $hold_3->discard_changes->priority, 3, 'Priority adjusted correctly' );
572
573     $schema->storage->txn_rollback;
574 };
Main Koha release repository