From 240b52170be0551830d0d1c77967f271d5ae553e Mon Sep 17 00:00:00 2001 From: Nick Clemens Date: Wed, 22 Apr 2020 21:13:34 +0000 Subject: [PATCH] Bug 17268: Update patchs per RFC https://wiki.koha-community.org/wiki/Advanced_editor_macros_endpoint_RFC Signed-off-by: Katrin Fischer Signed-off-by: Martin Renvoize --- Koha/REST/V1/AdvancedEditorMacro.pm | 6 +- api/v1/swagger/paths.json | 16 ++-- .../swagger/paths/advancededitormacros.json | 8 +- .../prog/en/includes/cateditor-ui.inc | 12 +-- .../api/v1/advanced_editor_macros.t | 86 +++++++++---------- 5 files changed, 64 insertions(+), 64 deletions(-) diff --git a/Koha/REST/V1/AdvancedEditorMacro.pm b/Koha/REST/V1/AdvancedEditorMacro.pm index 86706b7b11..92077713cc 100644 --- a/Koha/REST/V1/AdvancedEditorMacro.pm +++ b/Koha/REST/V1/AdvancedEditorMacro.pm @@ -72,7 +72,7 @@ sub get { } if( $macro->shared ){ return $c->render( status => 403, openapi => { - error => "This macro is shared, you must access it via advancededitormacros/shared" + error => "This macro is shared, you must access it via advanced_editor/macros/shared" }); } warn $macro->borrowernumber; @@ -104,7 +104,7 @@ sub get_shared { } unless( $macro->shared ){ return $c->render( status => 403, openapi => { - error => "This macro is not shared, you must access it via advancededitormacros" + error => "This macro is not shared, you must access it via advanced_editor/macros" }); } return $c->render( status => 200, openapi => $macro->to_api ); @@ -180,7 +180,7 @@ sub update { if( $macro->shared == 1 || defined $c->validation->param('body')->{shared} && $c->validation->param('body')->{shared} == 1 ){ return $c->render( status => 403, - openapi => { error => "To update a macro as shared you must use the advancededitormacros/shared endpoint" } ); + openapi => { error => "To update a macro as shared you must use the advanced_editor/macros/shared endpoint" } ); } else { unless ( $macro->borrowernumber == $patron->borrowernumber ){ return $c->render( status => 403, diff --git a/api/v1/swagger/paths.json b/api/v1/swagger/paths.json index 8e0af9bed8..8f1af595ce 100644 --- a/api/v1/swagger/paths.json +++ b/api/v1/swagger/paths.json @@ -68,17 +68,17 @@ "/checkouts/{checkout_id}/allows_renewal": { "$ref": "paths/checkouts.json#/~1checkouts~1{checkout_id}~1allows_renewal" }, - "/advancededitormacros": { - "$ref": "paths/advancededitormacros.json#/~1advancededitormacros" + "/advanced_editor/macros": { + "$ref": "paths/advancededitormacros.json#/~1advanced_editor~1macros" }, - "/advancededitormacros/{advancededitormacro_id}": { - "$ref": "paths/advancededitormacros.json#/~1advancededitormacros~1{advancededitormacro_id}" + "/advanced_editor/macros/{advancededitormacro_id}": { + "$ref": "paths/advancededitormacros.json#/~1advanced_editor~1macros~1{advancededitormacro_id}" }, - "/advancededitormacros/shared": { - "$ref": "paths/advancededitormacros.json#/~1advancededitormacros~1shared" + "/advanced_editor/macros/shared": { + "$ref": "paths/advancededitormacros.json#/~1advanced_editor~1macros~1shared" }, - "/advancededitormacros/shared/{advancededitormacro_id}": { - "$ref": "paths/advancededitormacros.json#/~1advancededitormacros~1shared~1{advancededitormacro_id}" + "/advanced_editor/macros/shared/{advancededitormacro_id}": { + "$ref": "paths/advancededitormacros.json#/~1advanced_editor~1macros~1shared~1{advancededitormacro_id}" }, "/patrons": { "$ref": "paths/patrons.json#/~1patrons" diff --git a/api/v1/swagger/paths/advancededitormacros.json b/api/v1/swagger/paths/advancededitormacros.json index 7c7eb93aaa..120d14d64b 100644 --- a/api/v1/swagger/paths/advancededitormacros.json +++ b/api/v1/swagger/paths/advancededitormacros.json @@ -1,5 +1,5 @@ { - "/advancededitormacros": { + "/advanced_editor/macros": { "get": { "x-mojo-to": "AdvancedEditorMacro#list", "operationId": "listMacro", @@ -127,7 +127,7 @@ } } }, - "/advancededitormacros/shared": { + "/advanced_editor/macros/shared": { "post": { "x-mojo-to": "AdvancedEditorMacro#add_shared", "operationId": "addsharedAdvancedEditorMacro", @@ -184,7 +184,7 @@ } } }, - "/advancededitormacros/{advancededitormacro_id}": { + "/advanced_editor/macros/{advancededitormacro_id}": { "get": { "x-mojo-to": "AdvancedEditorMacro#get", "operationId": "getAdvancedEditorMacro", @@ -350,7 +350,7 @@ } } }, - "/advancededitormacros/shared/{advancededitormacro_id}": { + "/advanced_editor/macros/shared/{advancededitormacro_id}": { "get": { "x-mojo-to": "AdvancedEditorMacro#get_shared", "operationId": "getsharedAdvancedEditorMacro", diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/cateditor-ui.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/cateditor-ui.inc index 08ad36a44e..f8c2d3e2d8 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/cateditor-ui.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/cateditor-ui.inc @@ -702,7 +702,7 @@ require( [ 'koha-backend', 'search', 'macros', 'marc-editor', 'marc-record', 'pr var shared = macroEditor.activeMacroShared; var id = macroEditor.activeMacroId; macroEditor.activeMacroId = null; - api_url = "/api/v1/advancededitormacros/"; + api_url = "/api/v1/advanced_editor/macros/"; if( shared ) { api_url += "shared/" } let options = { url: api_url + id, @@ -741,7 +741,7 @@ require( [ 'koha-backend', 'search', 'macros', 'marc-editor', 'marc-record', 'pr return; } $( '#macro-list li[data-name="' + name + '"][data-id="' + id + '"]' ).addClass( 'active' ); - api_url = "/api/v1/advancededitormacros/"; + api_url = "/api/v1/advanced_editor/macros/"; if( shared ) { api_url += "shared/" } let options = { url: api_url + id, @@ -792,7 +792,7 @@ require( [ 'koha-backend', 'search', 'macros', 'marc-editor', 'marc-record', 'pr } ); $.each( macro_list, function( index, macro ) { let options = { - url: "/api/v1/advancededitormacros/", + url: "/api/v1/advanced_editor/macros/", method: "POST", contentType: "application/json", data: JSON.stringify({ @@ -838,7 +838,7 @@ require( [ 'koha-backend', 'search', 'macros', 'marc-editor', 'marc-record', 'pr $("#macro-toolbar").prepend($convert); } let options = { - url: "/api/v1/advancededitormacros/", + url: "/api/v1/advanced_editor/macros/", method: "GET", contentType: "application/json", }; @@ -866,7 +866,7 @@ require( [ 'koha-backend', 'search', 'macros', 'marc-editor', 'marc-record', 'pr // if ( !Preferences.user.macros[name] ) storeMacro( name, { format: "rancor", contents: "" } ); let options = { - url: "/api/v1/advancededitormacros/", + url: "/api/v1/advanced_editor/macros/", method: "POST", contentType: "application/json", data: JSON.stringify({ @@ -903,7 +903,7 @@ require( [ 'koha-backend', 'search', 'macros', 'marc-editor', 'marc-record', 'pr if ( !name || macroEditor.savedGeneration == macroEditor.changeGeneration() && was_shared == shared ) return; macroEditor.savedGeneration = macroEditor.changeGeneration(); - api_url = "/api/v1/advancededitormacros/"; + api_url = "/api/v1/advanced_editor/macros/"; if( shared || was_shared ) { api_url += "shared/" } let options = { diff --git a/t/db_dependent/api/v1/advanced_editor_macros.t b/t/db_dependent/api/v1/advanced_editor_macros.t index 9df48fdb36..f9a9140d49 100644 --- a/t/db_dependent/api/v1/advanced_editor_macros.t +++ b/t/db_dependent/api/v1/advanced_editor_macros.t @@ -85,7 +85,7 @@ subtest 'list() tests' => sub { my $macros_index = Koha::AdvancedEditorMacros->search({ -or => { shared => 1, borrowernumber => $patron_1->borrowernumber } })->count-1; ## Authorized user tests # Make sure we are returned with the correct amount of macros - $t->get_ok( "//$userid:$password@/api/v1/advancededitormacros" ) + $t->get_ok( "//$userid:$password@/api/v1/advanced_editor/macros" ) ->status_is( 200, 'SWAGGER3.2.2' ) ->json_has('/' . $macros_index . '/macro_id') ->json_hasnt('/' . ($macros_index + 1) . '/macro_id'); @@ -93,25 +93,25 @@ subtest 'list() tests' => sub { subtest 'query parameters' => sub { plan tests => 15; - $t->get_ok("//$userid:$password@/api/v1/advancededitormacros?name=" . $macro_2->name) + $t->get_ok("//$userid:$password@/api/v1/advanced_editor/macros?name=" . $macro_2->name) ->status_is(200) ->json_has( [ $macro_2 ] ); - $t->get_ok("//$userid:$password@/api/v1/advancededitormacros?name=" . $macro_3->name) + $t->get_ok("//$userid:$password@/api/v1/advanced_editor/macros?name=" . $macro_3->name) ->status_is(200) ->json_has( [ ] ); - $t->get_ok("//$userid:$password@/api/v1/advancededitormacros?macro_text=delete 100") + $t->get_ok("//$userid:$password@/api/v1/advanced_editor/macros?macro_text=delete 100") ->status_is(200) ->json_has( [ $macro_1, $macro_2, $macro_4 ] ); - $t->get_ok("//$userid:$password@/api/v1/advancededitormacros?patron_id=" . $patron_1->borrowernumber) + $t->get_ok("//$userid:$password@/api/v1/advanced_editor/macros?patron_id=" . $patron_1->borrowernumber) ->status_is(200) ->json_has( [ $macro_1, $macro_2 ] ); - $t->get_ok("//$userid:$password@/api/v1/advancededitormacros?shared=1") + $t->get_ok("//$userid:$password@/api/v1/advanced_editor/macros?shared=1") ->status_is(200) ->json_has( [ $macro_2, $macro_4 ] ); }; # Warn on unsupported query parameter - $t->get_ok( "//$userid:$password@/api/v1/advancededitormacros?macro_blah=blah" ) + $t->get_ok( "//$userid:$password@/api/v1/advanced_editor/macros?macro_blah=blah" ) ->status_is(400) ->json_is( [{ path => '/query/macro_blah', message => 'Malformed query string'}] ); @@ -143,26 +143,26 @@ subtest 'get() tests' => sub { } }); - $t->get_ok( "//$userid:$password@/api/v1/advancededitormacros/" . $macro_1->id ) + $t->get_ok( "//$userid:$password@/api/v1/advanced_editor/macros/" . $macro_1->id ) ->status_is( 403, 'Cannot get a shared macro via regular endpoint' ) - ->json_is( '/error' => 'This macro is shared, you must access it via advancededitormacros/shared' ); + ->json_is( '/error' => 'This macro is shared, you must access it via advanced_editor/macros/shared' ); - $t->get_ok( "//$userid:$password@/api/v1/advancededitormacros/shared/" . $macro_1->id ) + $t->get_ok( "//$userid:$password@/api/v1/advanced_editor/macros/shared/" . $macro_1->id ) ->status_is( 200, 'Can get a shared macro via shared endpoint' ) ->json_is( '' => Koha::REST::V1::AdvancedEditorMacro::_to_api( $macro_1->TO_JSON ), 'Macro correctly retrieved' ); - $t->get_ok( "//$userid:$password@/api/v1/advancededitormacros/" . $macro_2->id ) + $t->get_ok( "//$userid:$password@/api/v1/advanced_editor/macros/" . $macro_2->id ) ->status_is( 403, 'Cannot access another users macro' ) ->json_is( '/error' => 'You do not have permission to access this macro' ); - $t->get_ok( "//$userid:$password@/api/v1/advancededitormacros/" . $macro_3->id ) + $t->get_ok( "//$userid:$password@/api/v1/advanced_editor/macros/" . $macro_3->id ) ->status_is( 200, 'Can get your own private macro' ) ->json_is( '' => Koha::REST::V1::AdvancedEditorMacro::_to_api( $macro_3->TO_JSON ), 'Macro correctly retrieved' ); my $non_existent_code = $macro_1->id; $macro_1->delete; - $t->get_ok( "//$userid:$password@/api/v1/advancededitormacros/" . $non_existent_code ) + $t->get_ok( "//$userid:$password@/api/v1/advanced_editor/macros/" . $non_existent_code ) ->status_is(404) ->json_is( '/error' => 'Macro not found' ); @@ -205,14 +205,14 @@ subtest 'add() tests' => sub { $macro->delete; # Unauthorized attempt to write - $t->post_ok( "//$unauth_userid:$password@/api/v1/advancededitormacros" => json => $macro_values ) + $t->post_ok( "//$unauth_userid:$password@/api/v1/advanced_editor/macros" => json => $macro_values ) ->status_is(403); # Authorized attempt to write invalid data my $macro_with_invalid_field = { %$macro_values }; $macro_with_invalid_field->{'big_mac_ro'} = 'Mac attack'; - $t->post_ok( "//$auth_userid:$password@/api/v1/advancededitormacros" => json => $macro_with_invalid_field ) + $t->post_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros" => json => $macro_with_invalid_field ) ->status_is(400) ->json_is( "/errors" => [ @@ -224,14 +224,14 @@ subtest 'add() tests' => sub { ); # Authorized attempt to write - $t->post_ok( "//$auth_userid:$password@/api/v1/advancededitormacros" => json => $macro_values ) + $t->post_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros" => json => $macro_values ) ->status_is( 201, 'SWAGGER3.2.1' ) ->json_has( '/macro_id', 'We generated a new id' ) ->json_is( '/name' => $macro_values->{name}, 'The name matches what we supplied' ) ->json_is( '/macro_text' => $macro_values->{macro_text}, 'The text matches what we supplied' ) ->json_is( '/patron_id' => $macro_values->{patron_id}, 'The borrower matches the borrower who submitted' ) - ->json_is( '/shared' => 0, 'The macro is not shared' ) - ->header_like( Location => qr|^\/api\/v1\/advancededitormacros\/d*|, 'Correct location' ); + ->json_is( '/shared' => Mojo::JSON->false, 'The macro is not shared' ) + ->header_like( Location => qr|^\/api\/v1\/advanced_editor/macros\/d*|, 'Correct location' ); # save the library_id my $macro_id = 999; @@ -239,7 +239,7 @@ subtest 'add() tests' => sub { # Authorized attempt to create with existing id $macro_values->{macro_id} = $macro_id; - $t->post_ok( "//$auth_userid:$password@/api/v1/advancededitormacros" => json => $macro_values ) + $t->post_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros" => json => $macro_values ) ->status_is(400) ->json_is( '/errors' => [ { @@ -249,14 +249,14 @@ subtest 'add() tests' => sub { ] ); - $macro_values->{shared} = 1; + $macro_values->{shared} = Mojo::JSON->true; delete $macro_values->{macro_id}; # Unauthorized attempt to write a shared macro on private endpoint - $t->post_ok( "//$auth_userid:$password@/api/v1/advancededitormacros" => json => $macro_values ) + $t->post_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros" => json => $macro_values ) ->status_is(403); # Unauthorized attempt to write a private macro on shared endpoint - $t->post_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/shared" => json => $macro_values ) + $t->post_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/shared" => json => $macro_values ) ->status_is(403); $builder->build({ @@ -269,11 +269,11 @@ subtest 'add() tests' => sub { }); # Authorized attempt to write a shared macro on private endpoint - $t->post_ok( "//$auth_userid:$password@/api/v1/advancededitormacros" => json => $macro_values ) + $t->post_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros" => json => $macro_values ) ->status_is(403); # Authorized attempt to write a shared macro on shared endpoint - $t->post_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/shared" => json => $macro_values ) + $t->post_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/shared" => json => $macro_values ) ->status_is(201); }; @@ -319,7 +319,7 @@ subtest 'update() tests' => sub { delete $macro_values->{macro_id}; # Unauthorized attempt to update - $t->put_ok( "//$unauth_userid:$password@/api/v1/advancededitormacros/$macro_id" + $t->put_ok( "//$unauth_userid:$password@/api/v1/advanced_editor/macros/$macro_id" => json => { name => 'New unauthorized name change' } ) ->status_is(403); @@ -328,7 +328,7 @@ subtest 'update() tests' => sub { name => "Call it macro-roni", }; - $t->put_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/$macro_id" => json => $macro_with_missing_field ) + $t->put_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/$macro_id" => json => $macro_with_missing_field ) ->status_is(400) ->json_has( "/errors" => [ { message => "Missing property.", path => "/body/macro_text" } ] @@ -338,10 +338,10 @@ subtest 'update() tests' => sub { name => "Macro-update", macro_text => "delete 100", patron_id => $authorized_patron->borrowernumber, - shared => 0, + shared => Mojo::JSON->false, }; - my $test = $t->put_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/$macro_id" => json => $macro_update ) + my $test = $t->put_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/$macro_id" => json => $macro_update ) ->status_is(200, 'Authorized user can update a macro') ->json_is( '/macro_id' => $macro_id, 'We get the id back' ) ->json_is( '/name' => $macro_update->{name}, 'We get the name back' ) @@ -350,11 +350,11 @@ subtest 'update() tests' => sub { ->json_is( '/shared' => $macro_update->{shared}, 'It should still not be shared' ); # Now try to make the macro shared - $macro_update->{shared} = 1; + $macro_update->{shared} = Mojo::JSON->true; - $t->put_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/shared/$macro_id" => json => $macro_update ) + $t->put_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/shared/$macro_id" => json => $macro_update ) ->status_is(403, 'Cannot make your macro shared on private endpoint'); - $t->put_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/shared/$macro_id" => json => $macro_update ) + $t->put_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/shared/$macro_id" => json => $macro_update ) ->status_is(403, 'Cannot make your macro shared without permission'); $builder->build({ @@ -366,22 +366,22 @@ subtest 'update() tests' => sub { }, }); - $t->put_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/$macro_id" => json => $macro_update ) + $t->put_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/$macro_id" => json => $macro_update ) ->status_is(403, 'Cannot make your macro shared on the private endpoint'); - $t->put_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/shared/$macro_id" => json => $macro_update ) + $t->put_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/shared/$macro_id" => json => $macro_update ) ->status_is(200, 'Can update macro to shared with permission') ->json_is( '/macro_id' => $macro_id, 'We get back the id' ) ->json_is( '/name' => $macro_update->{name}, 'We get back the name' ) ->json_is( '/macro_text' => $macro_update->{macro_text}, 'We get back the text' ) ->json_is( '/patron_id' => $macro_update->{patron_id}, 'We get back our patron id' ) - ->json_is( '/shared' => 1, 'It is shared' ); + ->json_is( '/shared' => Mojo::JSON->true, 'It is shared' ); # Authorized attempt to write invalid data my $macro_with_invalid_field = { %$macro_update }; $macro_with_invalid_field->{'big_mac_ro'} = 'Mac attack'; - $t->put_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/$macro_id" => json => $macro_with_invalid_field ) + $t->put_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/$macro_id" => json => $macro_with_invalid_field ) ->status_is(400) ->json_is( "/errors" => [ @@ -396,10 +396,10 @@ subtest 'update() tests' => sub { my $non_existent_code = $non_existent_macro->id; $non_existent_macro->delete; - $t->put_ok("//$auth_userid:$password@/api/v1/advancededitormacros/$non_existent_code" => json => $macro_update) + $t->put_ok("//$auth_userid:$password@/api/v1/advanced_editor/macros/$non_existent_code" => json => $macro_update) ->status_is(404); - $t->put_ok("//$auth_userid:$password@/api/v1/advancededitormacros/$macro_2_id" => json => $macro_update) + $t->put_ok("//$auth_userid:$password@/api/v1/advanced_editor/macros/$macro_2_id" => json => $macro_update) ->status_is(403, "Cannot update other borrowers private macro"); }; @@ -442,18 +442,18 @@ subtest 'delete() tests' => sub { my $macro_2_id = $macro_2->id; # Unauthorized attempt to delete - $t->delete_ok( "//$unauth_userid:$password@/api/v1/advancededitormacros/$macro_2_id") + $t->delete_ok( "//$unauth_userid:$password@/api/v1/advanced_editor/macros/$macro_2_id") ->status_is(403, "Cannot delete macro without permission"); - $t->delete_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/$macro_id") + $t->delete_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/$macro_id") ->status_is(200, 'Can delete macro with permission'); - $t->delete_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/$macro_2_id") + $t->delete_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/$macro_2_id") ->status_is(403, 'Cannot delete other users macro with permission'); $macro_2->shared(1)->store(); - $t->delete_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/shared/$macro_2_id") + $t->delete_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/shared/$macro_2_id") ->status_is(403, 'Cannot delete other users shared macro without permission'); $builder->build({ @@ -464,9 +464,9 @@ subtest 'delete() tests' => sub { code => 'delete_shared_macros', }, }); - $t->delete_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/$macro_2_id") + $t->delete_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/$macro_2_id") ->status_is(403, 'Cannot delete other users shared macro with permission on private endpoint'); - $t->delete_ok( "//$auth_userid:$password@/api/v1/advancededitormacros/shared/$macro_2_id") + $t->delete_ok( "//$auth_userid:$password@/api/v1/advanced_editor/macros/shared/$macro_2_id") ->status_is(200, 'Can delete other users shared macro with permission'); }; -- 2.39.5