From 46a7434fbf85159f38d2d5508c90881af64add33 Mon Sep 17 00:00:00 2001 From: Pedro Amorim Date: Tue, 25 Oct 2022 18:55:35 +0000 Subject: [PATCH] Bug 32030: ERM - Add more API tests - Agreements: Added tests for search and filter_expired as well as some missing comments; fix user flags - Licenses: Updated tests to be on par with agreements; fix user flags - EHoldings Packages: New tests on par with others - EHoldings Titles: New tests on par with others plus import titles tests - EHoldings Resources: New tests - get and list - Documents: New tests; Only has GET endpoint; Tests to better mirror real documents lifecycle through a license; - Users: New tests Signed-off-by: Jonathan Field Signed-off-by: Martin Renvoize Signed-off-by: Kyle M Hall Signed-off-by: Tomas Cohen Arazi --- t/db_dependent/api/v1/erm_agreements.t | 75 ++- t/db_dependent/api/v1/erm_documents.t | 136 +++++ .../api/v1/erm_eholdings_packages.t | 437 +++++++++++++++ .../api/v1/erm_eholdings_resources.t | 163 ++++++ t/db_dependent/api/v1/erm_eholdings_titles.t | 512 ++++++++++++++++++ t/db_dependent/api/v1/erm_licenses.t | 88 ++- t/db_dependent/api/v1/erm_users.t | 91 ++++ 7 files changed, 1492 insertions(+), 10 deletions(-) create mode 100755 t/db_dependent/api/v1/erm_documents.t create mode 100755 t/db_dependent/api/v1/erm_eholdings_packages.t create mode 100755 t/db_dependent/api/v1/erm_eholdings_resources.t create mode 100755 t/db_dependent/api/v1/erm_eholdings_titles.t create mode 100755 t/db_dependent/api/v1/erm_users.t diff --git a/t/db_dependent/api/v1/erm_agreements.t b/t/db_dependent/api/v1/erm_agreements.t index 8456b726d6..0e3bc55f45 100755 --- a/t/db_dependent/api/v1/erm_agreements.t +++ b/t/db_dependent/api/v1/erm_agreements.t @@ -33,7 +33,7 @@ my $t = Test::Mojo->new('Koha::REST::V1'); subtest 'list() tests' => sub { - plan tests => 17; + plan tests => 32; $schema->storage->txn_begin; @@ -42,7 +42,7 @@ subtest 'list() tests' => sub { my $librarian = $builder->build_object( { class => 'Koha::Patrons', - value => { flags => 2**28} + value => { flags => 2**28 } } ); my $password = 'thePassword123'; @@ -95,6 +95,63 @@ subtest 'list() tests' => sub { . $agreement->vendor_id )->status_is(200) ->json_is( [ $agreement->to_api, $another_agreement->to_api ] ); + # Attempt to search by name like 'ko' + $agreement->delete; + $another_agreement->delete; + $agreement_with_another_vendor_id->delete; + $t->get_ok( qq~//$userid:$password@/api/v1/erm/agreements?q=[{"me.name":{"like":"%ko%"}}]~) + ->status_is(200) + ->json_is( [] ); + + my $agreement_to_search = $builder->build_object( + { + class => 'Koha::ERM::Agreements', + value => { + name => 'koha', + } + } + ); + + # Search works, searching for name like 'ko' + $t->get_ok( qq~//$userid:$password@/api/v1/erm/agreements?q=[{"me.name":{"like":"%ko%"}}]~) + ->status_is(200) + ->json_is( [ $agreement_to_search->to_api ] ); + + # Warn on incorrect filter date format + $t->get_ok( "//$userid:$password@/api/v1/erm/agreements?max_expiration_date=19-03-2021") + ->status_is(400) + ->json_is( + "/errors" => [ + { + message => "Does not match date format.", + path => "/max_expiration_date" + } + ] + ); + + # Attempt to filter by expired on 2021-03-19 + $t->get_ok( "//$userid:$password@/api/v1/erm/agreements?max_expiration_date=2021-03-19") + ->status_is(200) + ->json_is( [] ); + + my $agreement_to_filter = $builder->build_object( + { + class => 'Koha::ERM::Agreements' + } + ); + $agreement_to_filter->periods( + [ + { + 'started_on'=>'2021-03-17', + 'ended_on'=>'2021-03-19' + } + ] + ); + # Filter by expired on 2021-03-19 + $t->get_ok( "//$userid:$password@/api/v1/erm/agreements?max_expiration_date=2021-03-19") + ->status_is(200) + ->json_is( [ $agreement_to_filter->to_api ] ); + # Warn on unsupported query parameter $t->get_ok("//$userid:$password@/api/v1/erm/agreements?blah=blah") ->status_is(400) @@ -136,24 +193,29 @@ subtest 'get() tests' => sub { $patron->set_password( { password => $password, skip_validation => 1 } ); my $unauth_userid = $patron->userid; + # This agreement exists, should get returned $t->get_ok( "//$userid:$password@/api/v1/erm/agreements/" . $agreement->agreement_id )->status_is(200) ->json_is( $agreement->to_api ); + # Return one agreement with some embeds $t->get_ok( "//$userid:$password@/api/v1/erm/agreements/" . $agreement->agreement_id => {'x-koha-embed' => 'periods,user_roles,agreement_licenses'} )->status_is(200) ->json_is( { %{ $agreement->to_api }, periods => [], user_roles => [], agreement_licenses => [] }); + # Return one agreement with all embeds $t->get_ok( "//$userid:$password@/api/v1/erm/agreements/" . $agreement->agreement_id => {'x-koha-embed' => 'periods,user_roles,user_roles.patron,agreement_licenses,agreement_licenses.license'} )->status_is(200) ->json_is( { %{ $agreement->to_api }, periods => [], user_roles => [], agreement_licenses => [] }); + # Unauthorized access $t->get_ok( "//$unauth_userid:$password@/api/v1/erm/agreements/" . $agreement->agreement_id )->status_is(403); + # Attempt to get non-existent agreement my $agreement_to_delete = $builder->build_object( { class => 'Koha::ERM::Agreements' } ); - my $non_existent_id = $agreement_to_delete->id; + my $non_existent_id = $agreement_to_delete->agreement_id; $agreement_to_delete->delete; $t->get_ok("//$userid:$password@/api/v1/erm/agreements/$non_existent_id") @@ -354,9 +416,10 @@ subtest 'update() tests' => sub { ] ); + # Attempt to update non-existent agreement my $agreement_to_delete = $builder->build_object( { class => 'Koha::ERM::Agreements' } ); - my $non_existent_id = $agreement_to_delete->id; + my $non_existent_id = $agreement_to_delete->agreement_id; $agreement_to_delete->delete; $t->put_ok( "//$userid:$password@/api/v1/erm/agreements/$non_existent_id" => @@ -399,16 +462,18 @@ subtest 'delete() tests' => sub { my $unauth_userid = $patron->userid; my $agreement_id = - $builder->build_object( { class => 'Koha::ERM::Agreements' } )->id; + $builder->build_object( { class => 'Koha::ERM::Agreements' } )->agreement_id; # Unauthorized attempt to delete $t->delete_ok( "//$unauth_userid:$password@/api/v1/erm/agreements/$agreement_id") ->status_is(403); + # Delete existing agreement $t->delete_ok("//$userid:$password@/api/v1/erm/agreements/$agreement_id") ->status_is( 204, 'SWAGGER3.2.4' )->content_is( '', 'SWAGGER3.3.4' ); + # Attempt to delete non-existent agreement $t->delete_ok("//$userid:$password@/api/v1/erm/agreements/$agreement_id") ->status_is(404); diff --git a/t/db_dependent/api/v1/erm_documents.t b/t/db_dependent/api/v1/erm_documents.t new file mode 100755 index 0000000000..0857d1f428 --- /dev/null +++ b/t/db_dependent/api/v1/erm_documents.t @@ -0,0 +1,136 @@ +#!/usr/bin/env perl + +# This file is part of Koha. +# +# Koha is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# Koha is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Koha; if not, see . + +use Modern::Perl; + +use Test::More tests => 1; +use Test::Mojo; + +use t::lib::TestBuilder; +use t::lib::Mocks; + +use Koha::ERM::Documents; +use Koha::Database; + +use MIME::Base64 qw( decode_base64 ); +use Koha::ERM::Licenses; + +my $schema = Koha::Database->new->schema; +my $builder = t::lib::TestBuilder->new; + +my $t = Test::Mojo->new('Koha::REST::V1'); + +subtest 'get() tests' => sub { + + plan tests => 13; + + $schema->storage->txn_begin; + + my $document = $builder->build_object( + { + class => 'Koha::ERM::Documents', + value => { + file_content => '123', + file_name => 'name' + } + } + ); + + my $librarian = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 2**28 } + } + ); + my $password = 'thePassword123'; + $librarian->set_password( { password => $password, skip_validation => 1 } ); + my $userid = $librarian->userid; + + my $patron = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 0 } + } + ); + + $patron->set_password( { password => $password, skip_validation => 1 } ); + my $unauth_userid = $patron->userid; + + # This document exists, should get returned + $t->get_ok( "//$userid:$password@/api/v1/erm/documents/" + . $document->document_id + . "/file/content" )->status_is(200)->json_is('123'); + + # Create a document through a license, gets returned + my $license = $builder->build_object( { class => 'Koha::ERM::Licenses' } ); + + $license->documents( + [ + { + file_content => '321', + file_name => '321.jpeg' + }, + { + file_content => '456', + file_name => '456.jpeg' + } + ] + ); + my @documents = $license->documents->as_list; + my $license_document_id = $documents[0]->document_id; + + $t->get_ok( "//$userid:$password@/api/v1/erm/documents/" + . $license_document_id + . "/file/content" )->status_is(200) + ->content_is( decode_base64('321') ); + + # Delete a document through a license, no longer exists + my $deleted_document_id = $license_document_id; + my $remaining_document_id = $documents[1]->document_id; + + $license->documents( + [ + { + document_id => $remaining_document_id, + file_content => '456', + file_name => '456.jpeg' + } + ] + ); + + $t->get_ok( "//$userid:$password@/api/v1/erm/documents/" + . $deleted_document_id + . "/file/content" )->status_is(404); + + # Unauthorized access + $t->get_ok( "//$unauth_userid:$password@/api/v1/erm/documents/" + . $document->document_id + . "/file/content" )->status_is(403); + + # Attempt to get non-existent document + my $document_to_delete = + $builder->build_object( { class => 'Koha::ERM::Documents' } ); + my $non_existent_id = $document_to_delete->id; + $document_to_delete->delete; + + $t->get_ok( +"//$userid:$password@/api/v1/erm/documents/$non_existent_id/file/content" + )->status_is(404)->json_is( '/error' => 'Document not found' ); + + $schema->storage->txn_rollback; +}; + diff --git a/t/db_dependent/api/v1/erm_eholdings_packages.t b/t/db_dependent/api/v1/erm_eholdings_packages.t new file mode 100755 index 0000000000..d6c101d951 --- /dev/null +++ b/t/db_dependent/api/v1/erm_eholdings_packages.t @@ -0,0 +1,437 @@ +#!/usr/bin/env perl + +# This file is part of Koha. +# +# Koha is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# Koha is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Koha; if not, see . + +use Modern::Perl; + +use Test::More tests => 5; +use Test::Mojo; + +use t::lib::TestBuilder; +use t::lib::Mocks; + +use Koha::ERM::EHoldings::Packages; +use Koha::Database; + +my $schema = Koha::Database->new->schema; +my $builder = t::lib::TestBuilder->new; + +my $t = Test::Mojo->new('Koha::REST::V1'); + +subtest 'list() tests' => sub { + + plan tests => 23; + + $schema->storage->txn_begin; + + Koha::ERM::EHoldings::Packages->search->delete; + + my $librarian = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 2**28 } + } + ); + my $password = 'thePassword123'; + $librarian->set_password( { password => $password, skip_validation => 1 } ); + my $userid = $librarian->userid; + + my $patron = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 0 } + } + ); + + $patron->set_password( { password => $password, skip_validation => 1 } ); + my $unauth_userid = $patron->userid; + + ## Authorized user tests + # No EHoldings package, so empty array should be returned + $t->get_ok("//$userid:$password@/api/v1/erm/eholdings/local/packages") + ->status_is(200)->json_is( [] ); + + my $ehpackage = $builder->build_object( + { + class => 'Koha::ERM::EHoldings::Packages', + value => { external_id => undef } + } + ); + + # One EHoldings package created, should get returned + $t->get_ok("//$userid:$password@/api/v1/erm/eholdings/local/packages") + ->status_is(200)->json_is( [ $ehpackage->to_api ] ); + + my $another_ehpackage = $builder->build_object( + { + class => 'Koha::ERM::EHoldings::Packages', + value => { + package_type => $ehpackage->package_type, + external_id => undef + } + } + ); + my $ehpackage_with_another_package_type = $builder->build_object( + { + class => 'Koha::ERM::EHoldings::Packages', + value => { external_id => undef } + } + ); + + # Two EHoldings packages created, they should both be returned + $t->get_ok("//$userid:$password@/api/v1/erm/eholdings/local/packages") + ->status_is(200)->json_is( + [ + $ehpackage->to_api, + $another_ehpackage->to_api, + $ehpackage_with_another_package_type->to_api + ] + ); + + # Filtering works, two EHoldings packages sharing package_type + $t->get_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/packages?package_type=" + . $ehpackage->package_type )->status_is(200) + ->json_is( [ $ehpackage->to_api, $another_ehpackage->to_api ] ); + + # Attempt to search by name like 'ko' + $ehpackage->delete; + $another_ehpackage->delete; + $ehpackage_with_another_package_type->delete; + $t->get_ok( +qq~//$userid:$password@/api/v1/erm/eholdings/local/packages?q=[{"me.name":{"like":"%ko%"}}]~ + )->status_is(200)->json_is( [] ); + + my $ehpackage_to_search = $builder->build_object( + { + class => 'Koha::ERM::EHoldings::Packages', + value => { + name => 'koha', + external_id => undef + } + } + ); + + # Search works, searching for name like 'ko' + $t->get_ok( +qq~//$userid:$password@/api/v1/erm/eholdings/local/packages?q=[{"me.name":{"like":"%ko%"}}]~ + )->status_is(200)->json_is( [ $ehpackage_to_search->to_api ] ); + + # Warn on unsupported query parameter + $t->get_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/packages?blah=blah") + ->status_is(400) + ->json_is( + [ { path => '/query/blah', message => 'Malformed query string' } ] ); + + # Unauthorized access + $t->get_ok( + "//$unauth_userid:$password@/api/v1/erm/eholdings/local/packages") + ->status_is(403); + + $schema->storage->txn_rollback; +}; + +subtest 'get() tests' => sub { + + plan tests => 11; + + $schema->storage->txn_begin; + + my $ehpackage = + $builder->build_object( { class => 'Koha::ERM::EHoldings::Packages' } ); + my $librarian = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 2**28 } + } + ); + my $password = 'thePassword123'; + $librarian->set_password( { password => $password, skip_validation => 1 } ); + my $userid = $librarian->userid; + + my $patron = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 0 } + } + ); + + $patron->set_password( { password => $password, skip_validation => 1 } ); + my $unauth_userid = $patron->userid; + + # This EHoldings package exists, should get returned + $t->get_ok( "//$userid:$password@/api/v1/erm/eholdings/local/packages/" + . $ehpackage->package_id )->status_is(200) + ->json_is( $ehpackage->to_api ); + + # Return one EHoldings package with embed + $t->get_ok( "//$userid:$password@/api/v1/erm/eholdings/local/packages/" + . $ehpackage->package_id => + { 'x-koha-embed' => 'resources,resources.package' } )->status_is(200) + ->json_is( { %{ $ehpackage->to_api }, resources => [] } ); + + # Unauthorized access + $t->get_ok( + "//$unauth_userid:$password@/api/v1/erm/eholdings/local/packages/" + . $ehpackage->package_id )->status_is(403); + + # Attempt to get non-existent EHoldings package + my $ehpackage_to_delete = + $builder->build_object( { class => 'Koha::ERM::EHoldings::Packages' } ); + my $non_existent_id = $ehpackage_to_delete->package_id; + $ehpackage_to_delete->delete; + + $t->get_ok( +"//$userid:$password@/api/v1/erm/eholdings/local/packages/$non_existent_id" + )->status_is(404)->json_is( '/error' => 'Package not found' ); + + $schema->storage->txn_rollback; +}; + +subtest 'add() tests' => sub { + + plan tests => 18; + + $schema->storage->txn_begin; + + my $librarian = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 2**28 } + } + ); + my $password = 'thePassword123'; + $librarian->set_password( { password => $password, skip_validation => 1 } ); + my $userid = $librarian->userid; + + my $patron = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 0 } + } + ); + + $patron->set_password( { password => $password, skip_validation => 1 } ); + my $unauth_userid = $patron->userid; + + my $ehpackage = { + name => "Package name", + package_type => "Package type", + content_type => "Content type", + notes => "Notes" + }; + + # Unauthorized attempt to write + $t->post_ok( + "//$unauth_userid:$password@/api/v1/erm/eholdings/local/packages" => + json => $ehpackage )->status_is(403); + + # Authorized attempt to write invalid data + my $ehpackage_with_invalid_field = { + blah => "EHolding Package Blah", + name => "Package name", + }; + + $t->post_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/packages" => json => + $ehpackage_with_invalid_field )->status_is(400)->json_is( + "/errors" => [ + { + message => "Properties not allowed: blah.", + path => "/body" + } + ] + ); + + # Authorized attempt to write + my $ehpackage_id = + $t->post_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/packages" => json => + $ehpackage )->status_is( 201, 'SWAGGER3.2.1' )->header_like( + Location => qr|^/api/v1/erm/eholdings/local/packages/\d*|, + 'SWAGGER3.4.1' + )->json_is( '/name' => $ehpackage->{name} ) + ->json_is( '/print_identifier' => $ehpackage->{print_identifier} ) + ->json_is( '/notes' => $ehpackage->{notes} ) + ->json_is( '/publisher_name' => $ehpackage->{publisher_name} ) + ->tx->res->json->{package_id}; + + # Authorized attempt to create with null id + $ehpackage->{package_id} = undef; + $t->post_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/packages" => json => + $ehpackage )->status_is(400)->json_has('/errors'); + + # Authorized attempt to create with existing id + $ehpackage->{package_id} = $ehpackage_id; + $t->post_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/packages" => json => + $ehpackage )->status_is(400)->json_is( + "/errors" => [ + { + message => "Read-only.", + path => "/body/package_id" + } + ] + ); + + $schema->storage->txn_rollback; +}; + +subtest 'update() tests' => sub { + + plan tests => 15; + + $schema->storage->txn_begin; + + my $librarian = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 2**28 } + } + ); + my $password = 'thePassword123'; + $librarian->set_password( { password => $password, skip_validation => 1 } ); + my $userid = $librarian->userid; + + my $patron = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 0 } + } + ); + + $patron->set_password( { password => $password, skip_validation => 1 } ); + my $unauth_userid = $patron->userid; + + my $ehpackage_id = + $builder->build_object( { class => 'Koha::ERM::EHoldings::Packages' } ) + ->package_id; + + # Unauthorized attempt to update + $t->put_ok( +"//$unauth_userid:$password@/api/v1/erm/eholdings/local/packages/$ehpackage_id" + => json => { name => 'New unauthorized name change' } ) + ->status_is(403); + + # Attempt partial update on a PUT + my $ehpackage_with_missing_field = { package_type => "Package type", }; + + $t->put_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/packages/$ehpackage_id" + => json => $ehpackage_with_missing_field )->status_is(400) + ->json_is( "/errors" => + [ { message => "Missing property.", path => "/body/name" } ] ); + + # Full object update on PUT + my $ehpackage_with_updated_field = { + name => "Package name", + package_type => "Package type", + content_type => "Content type", + notes => "Notes" + }; + + $t->put_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/packages/$ehpackage_id" + => json => $ehpackage_with_updated_field )->status_is(200) + ->json_is( '/name' => 'Package name' ); + + # Authorized attempt to write invalid data + my $ehpackage_with_invalid_field = { + blah => "EHolding Package Blah", + name => "Package name", + }; + + $t->put_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/packages/$ehpackage_id" + => json => $ehpackage_with_invalid_field )->status_is(400)->json_is( + "/errors" => [ + { + message => "Properties not allowed: blah.", + path => "/body" + } + ] + ); + + # Attempt to update non-existent EHolding package + my $ehpackage_to_delete = + $builder->build_object( { class => 'Koha::ERM::EHoldings::Packages' } ); + my $non_existent_id = $ehpackage_to_delete->package_id; + $ehpackage_to_delete->delete; + + $t->put_ok( +"//$userid:$password@/api/v1/erm/eholdings/local/packages/$non_existent_id" + => json => $ehpackage_with_updated_field )->status_is(404); + + # Wrong method (POST) + $ehpackage_with_updated_field->{package_id} = 2; + + $t->post_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/packages/$ehpackage_id" + => json => $ehpackage_with_updated_field )->status_is(404); + + $schema->storage->txn_rollback; +}; + +subtest 'delete() tests' => sub { + + plan tests => 7; + + $schema->storage->txn_begin; + + my $librarian = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 2**28 } + } + ); + my $password = 'thePassword123'; + $librarian->set_password( { password => $password, skip_validation => 1 } ); + my $userid = $librarian->userid; + + my $patron = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 0 } + } + ); + + $patron->set_password( { password => $password, skip_validation => 1 } ); + my $unauth_userid = $patron->userid; + + my $ehpackage_id = + $builder->build_object( { class => 'Koha::ERM::EHoldings::Packages' } ) + ->package_id; + + # Unauthorized attempt to delete + $t->delete_ok( +"//$unauth_userid:$password@/api/v1/erm/eholdings/local/packages/$ehpackage_id" + )->status_is(403); + + # Delete existing EHolding package + $t->delete_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/packages/$ehpackage_id" + )->status_is( 204, 'SWAGGER3.2.4' )->content_is( '', 'SWAGGER3.3.4' ); + + # Attempt to delete non-existent EHolding package + $t->delete_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/packages/$ehpackage_id" + )->status_is(404); + + $schema->storage->txn_rollback; +}; + diff --git a/t/db_dependent/api/v1/erm_eholdings_resources.t b/t/db_dependent/api/v1/erm_eholdings_resources.t new file mode 100755 index 0000000000..adf6567d22 --- /dev/null +++ b/t/db_dependent/api/v1/erm_eholdings_resources.t @@ -0,0 +1,163 @@ +#!/usr/bin/env perl + +# This file is part of Koha. +# +# Koha is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# Koha is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Koha; if not, see . + +use Modern::Perl; + +use Test::More tests => 2; +use Test::Mojo; + +use t::lib::TestBuilder; +use t::lib::Mocks; + +use Koha::ERM::EHoldings::Resources; +use Koha::Database; + +my $schema = Koha::Database->new->schema; +my $builder = t::lib::TestBuilder->new; + +my $t = Test::Mojo->new('Koha::REST::V1'); + +subtest 'list() tests' => sub { + + plan tests => 17; + + $schema->storage->txn_begin; + + Koha::ERM::EHoldings::Resources->search->delete; + + my $librarian = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 2**28 } + } + ); + my $password = 'thePassword123'; + $librarian->set_password( { password => $password, skip_validation => 1 } ); + my $userid = $librarian->userid; + + my $patron = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 0 } + } + ); + + $patron->set_password( { password => $password, skip_validation => 1 } ); + my $unauth_userid = $patron->userid; + + ## Authorized user tests + # No resources, so empty array should be returned + $t->get_ok("//$userid:$password@/api/v1/erm/eholdings/local/resources") + ->status_is(200)->json_is( [] ); + + my $resource = + $builder->build_object( { class => 'Koha::ERM::EHoldings::Resources' } ); + + # One resource created, should get returned + $t->get_ok("//$userid:$password@/api/v1/erm/eholdings/local/resources") + ->status_is(200)->json_is( [ $resource->to_api ] ); + + my $another_resource = $builder->build_object( + { + class => 'Koha::ERM::EHoldings::Resources', + value => { vendor_id => $resource->vendor_id } + } + ); + my $resource_with_another_vendor_id = + $builder->build_object( { class => 'Koha::ERM::EHoldings::Resources' } ); + + # Two resources created, they should both be returned + $t->get_ok("//$userid:$password@/api/v1/erm/eholdings/local/resources") + ->status_is(200)->json_is( + [ + $resource->to_api, + $another_resource->to_api, + $resource_with_another_vendor_id->to_api + ] + ); + + # Filtering works, two resources sharing vendor_id + $t->get_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/resources?vendor_id=" + . $resource->vendor_id )->status_is(200) + ->json_is( [ $resource->to_api, $another_resource->to_api ] ); + + # Warn on unsupported query parameter + $t->get_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/resources?blah=blah") + ->status_is(400) + ->json_is( + [ { path => '/query/blah', message => 'Malformed query string' } ] ); + + # Unauthorized access + $t->get_ok( + "//$unauth_userid:$password@/api/v1/erm/eholdings/local/resources") + ->status_is(403); + + $schema->storage->txn_rollback; +}; + +subtest 'get() tests' => sub { + + plan tests => 8; + + $schema->storage->txn_begin; + + my $resource = + $builder->build_object( { class => 'Koha::ERM::EHoldings::Resources' } ); + my $librarian = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 2**28 } + } + ); + my $password = 'thePassword123'; + $librarian->set_password( { password => $password, skip_validation => 1 } ); + my $userid = $librarian->userid; + + my $patron = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 0 } + } + ); + + $patron->set_password( { password => $password, skip_validation => 1 } ); + my $unauth_userid = $patron->userid; + + # This resource exists, should get returned + $t->get_ok( "//$userid:$password@/api/v1/erm/eholdings/local/resources/" + . $resource->resource_id )->status_is(200) + ->json_is( $resource->to_api ); + + # Unauthorized access + $t->get_ok( + "//$unauth_userid:$password@/api/v1/erm/eholdings/local/resources/" + . $resource->resource_id )->status_is(403); + + # Attempt to get non-existent resource + my $resource_to_delete = + $builder->build_object( { class => 'Koha::ERM::EHoldings::Resources' } ); + my $non_existent_id = $resource_to_delete->resource_id; + $resource_to_delete->delete; + + $t->get_ok( +"//$userid:$password@/api/v1/erm/eholdings/local/resources/$non_existent_id" + )->status_is(404)->json_is( '/error' => 'eHolding resource not found' ); + + $schema->storage->txn_rollback; +}; diff --git a/t/db_dependent/api/v1/erm_eholdings_titles.t b/t/db_dependent/api/v1/erm_eholdings_titles.t new file mode 100755 index 0000000000..af2826a28f --- /dev/null +++ b/t/db_dependent/api/v1/erm_eholdings_titles.t @@ -0,0 +1,512 @@ +#!/usr/bin/env perl + +# This file is part of Koha. +# +# Koha is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# Koha is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Koha; if not, see . + +use Modern::Perl; + +use Test::More tests => 5; +use Test::Mojo; + +use t::lib::TestBuilder; +use t::lib::Mocks; + +use Koha::ERM::EHoldings::Titles; +use Koha::ERM::EHoldings::Packages; +use Koha::Virtualshelves; +use Koha::Database; + +my $schema = Koha::Database->new->schema; +my $builder = t::lib::TestBuilder->new; + +my $t = Test::Mojo->new('Koha::REST::V1'); + +subtest 'list() tests' => sub { + + plan tests => 23; + + $schema->storage->txn_begin; + + Koha::ERM::EHoldings::Titles->search->delete; + + my $librarian = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 2**28 } + } + ); + my $password = 'thePassword123'; + $librarian->set_password( { password => $password, skip_validation => 1 } ); + my $userid = $librarian->userid; + + my $patron = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 0 } + } + ); + + $patron->set_password( { password => $password, skip_validation => 1 } ); + my $unauth_userid = $patron->userid; + + ## Authorized user tests + # No EHoldings title, so empty array should be returned + $t->get_ok("//$userid:$password@/api/v1/erm/eholdings/local/titles") + ->status_is(200)->json_is( [] ); + + my $ehtitle = + $builder->build_object( { class => 'Koha::ERM::EHoldings::Titles' } ); + + # One EHoldings title created, should get returned + $t->get_ok("//$userid:$password@/api/v1/erm/eholdings/local/titles") + ->status_is(200)->json_is( [ $ehtitle->to_api ] ); + + my $another_ehtitle = $builder->build_object( + { + class => 'Koha::ERM::EHoldings::Titles', + value => { publication_type => $ehtitle->publication_type } + } + ); + my $ehtitle_with_another_publication_type = + $builder->build_object( { class => 'Koha::ERM::EHoldings::Titles' } ); + + # Two EHoldings titles created, they should both be returned + $t->get_ok("//$userid:$password@/api/v1/erm/eholdings/local/titles") + ->status_is(200)->json_is( + [ + $ehtitle->to_api, + $another_ehtitle->to_api, + $ehtitle_with_another_publication_type->to_api + ] + ); + + # Filtering works, two EHoldings titles sharing publication_type + $t->get_ok( +"//$userid:$password@/api/v1/erm/eholdings/local/titles?publication_type=" + . $ehtitle->publication_type )->status_is(200) + ->json_is( [ $ehtitle->to_api, $another_ehtitle->to_api ] ); + + # Attempt to search by publication_title like 'ko' + $ehtitle->delete; + $another_ehtitle->delete; + $ehtitle_with_another_publication_type->delete; + $t->get_ok(qq~//$userid:$password@/api/v1/erm/eholdings/local/titles?q=[{"me.publication_title":{"like":"%ko%"}}]~) + ->status_is(200)->json_is( [] ); + + my $ehtitle_to_search = $builder->build_object( + { + class => 'Koha::ERM::EHoldings::Titles', + value => { + publication_title => 'koha', + } + } + ); + + # Search works, searching for publication_title like 'ko' + $t->get_ok(qq~//$userid:$password@/api/v1/erm/eholdings/local/titles?q=[{"me.publication_title":{"like":"%ko%"}}]~) + ->status_is(200)->json_is( [ $ehtitle_to_search->to_api ] ); + + # Warn on unsupported query parameter + $t->get_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/titles?blah=blah") + ->status_is(400) + ->json_is( + [ { path => '/query/blah', message => 'Malformed query string' } ] ); + + # Unauthorized access + $t->get_ok("//$unauth_userid:$password@/api/v1/erm/eholdings/local/titles") + ->status_is(403); + + $schema->storage->txn_rollback; +}; + +subtest 'get() tests' => sub { + + plan tests => 11; + + $schema->storage->txn_begin; + + my $ehtitle = + $builder->build_object( { class => 'Koha::ERM::EHoldings::Titles' } ); + my $librarian = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 2**28 } + } + ); + my $password = 'thePassword123'; + $librarian->set_password( { password => $password, skip_validation => 1 } ); + my $userid = $librarian->userid; + + my $patron = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 0 } + } + ); + + $patron->set_password( { password => $password, skip_validation => 1 } ); + my $unauth_userid = $patron->userid; + + # This EHoldings title exists, should get returned + $t->get_ok( "//$userid:$password@/api/v1/erm/eholdings/local/titles/" + . $ehtitle->title_id )->status_is(200)->json_is( $ehtitle->to_api ); + + # Return one EHoldings title with embed + $t->get_ok( "//$userid:$password@/api/v1/erm/eholdings/local/titles/" + . $ehtitle->title_id => + { 'x-koha-embed' => 'resources,resources.package' } )->status_is(200) + ->json_is( { %{ $ehtitle->to_api }, resources => [] } ); + + # Unauthorized access + $t->get_ok( "//$unauth_userid:$password@/api/v1/erm/eholdings/local/titles/" + . $ehtitle->title_id )->status_is(403); + + # Attempt to get non-existent EHoldings title + my $ehtitle_to_delete = + $builder->build_object( { class => 'Koha::ERM::EHoldings::Titles' } ); + my $non_existent_id = $ehtitle_to_delete->title_id; + $ehtitle_to_delete->delete; + + $t->get_ok( +"//$userid:$password@/api/v1/erm/eholdings/local/titles/$non_existent_id" + )->status_is(404)->json_is( '/error' => 'eHolding title not found' ); + + $schema->storage->txn_rollback; +}; + +subtest 'add() tests' => sub { + + plan tests => 24; + + $schema->storage->txn_begin; + + my $librarian = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 2**28 } + } + ); + my $password = 'thePassword123'; + $librarian->set_password( { password => $password, skip_validation => 1 } ); + my $userid = $librarian->userid; + + my $patron = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 0 } + } + ); + + $patron->set_password( { password => $password, skip_validation => 1 } ); + my $unauth_userid = $patron->userid; + + my $ehtitle = { + publication_title => "Publication title", + print_identifier => "Print-format identifier", + online_identifier => "Online-format identifier", + date_first_issue_online => + "Date of first serial issue available online", + num_first_vol_online => "Number of first volume available online", + num_first_issue_online => "Number of first issue available online", + date_last_issue_online => "Date of last issue available online", + num_last_vol_online => "Number of last volume available online", + num_last_issue_online => "Number of last issue available online", + title_url => "Title-level URL", + first_author => "First author", + embargo_info => "Embargo information", + coverage_depth => "Coverage depth", + notes => "Notes", + publisher_name => "Publisher name", + publication_type => "Book", + date_monograph_published_print => + "Date the monograph is first published in print", + date_monograph_published_online => + "Date the monograph is first published online", + monograph_volume => "Number of volume for monograph", + monograph_edition => "Edition of the monograph", + first_editor => "First editor", + parent_publication_title_id => + "Title identifier of the parent publication", + preceeding_publication_title_id => + "Title identifier of any preceding publication title", + access_type => "Access type" + }; + + # Unauthorized attempt to write + $t->post_ok( + "//$unauth_userid:$password@/api/v1/erm/eholdings/local/titles" => + json => $ehtitle )->status_is(403); + + # Authorized attempt to write invalid data + my $ehtitle_with_invalid_field = { + blah => "EHolding Title Blah", + publication_title => "Publication title", + print_identifier => "Print-format identifier" + }; + + $t->post_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/titles" => json => + $ehtitle_with_invalid_field )->status_is(400)->json_is( + "/errors" => [ + { + message => "Properties not allowed: blah.", + path => "/body" + } + ] + ); + + # Authorized attempt to write + my $ehtitle_id = + $t->post_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/titles" => json => + $ehtitle )->status_is( 201, 'SWAGGER3.2.1' )->header_like( + Location => qr|^/api/v1/erm/eholdings/local/titles/\d*|, + 'SWAGGER3.4.1' + )->json_is( '/publication_title' => $ehtitle->{publication_title} ) + ->json_is( '/print_identifier' => $ehtitle->{print_identifier} ) + ->json_is( '/notes' => $ehtitle->{notes} ) + ->json_is( '/publisher_name' => $ehtitle->{publisher_name} ) + ->tx->res->json->{title_id}; + + # Import titles from virtualshelf to package + my $ehpackage_id = + $builder->build_object( { class => 'Koha::ERM::EHoldings::Packages' } ) + ->package_id; + + my $virtual_shelf = + $builder->build_object( + { + class => 'Koha::Virtualshelves', + } ); + $virtual_shelf->transfer_ownership($librarian->borrowernumber); + my $virtual_shelf_id = $virtual_shelf->shelfnumber; + + my $import_request = + { + list_id => $virtual_shelf_id, + package_id => $ehpackage_id + }; + + $t->post_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/titles/import" => json => + $import_request )->status_is(201)->json_has('/job_id'); + + # Attempt to import titles from a virtualshelf that doesn't exist + $virtual_shelf->delete; + $t->post_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/titles/import" => json => + $import_request )->status_is(404)->json_is( + { error => 'List not found' } + ); + + # Authorized attempt to create with null id + $ehtitle->{title_id} = undef; + $t->post_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/titles" => json => + $ehtitle )->status_is(400)->json_has('/errors'); + + # Authorized attempt to create with existing id + $ehtitle->{title_id} = $ehtitle_id; + $t->post_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/titles" => json => + $ehtitle )->status_is(400)->json_is( + "/errors" => [ + { + message => "Read-only.", + path => "/body/title_id" + } + ] + ); + + $schema->storage->txn_rollback; +}; + +subtest 'update() tests' => sub { + + plan tests => 15; + + $schema->storage->txn_begin; + + my $librarian = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 2**28 } + } + ); + my $password = 'thePassword123'; + $librarian->set_password( { password => $password, skip_validation => 1 } ); + my $userid = $librarian->userid; + + my $patron = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 0 } + } + ); + + $patron->set_password( { password => $password, skip_validation => 1 } ); + my $unauth_userid = $patron->userid; + + my $ehtitle_id = + $builder->build_object( { class => 'Koha::ERM::EHoldings::Titles' } ) + ->title_id; + + # Unauthorized attempt to update + $t->put_ok( +"//$unauth_userid:$password@/api/v1/erm/eholdings/local/titles/$ehtitle_id" + => json => + { publication_title => 'New unauthorized publication_title change' } ) + ->status_is(403); + + # Attempt partial update on a PUT + my $ehtitle_with_missing_field = { date_first_issue_online => + "Date of first serial issue available online", }; + + $t->put_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/titles/$ehtitle_id" => + json => $ehtitle_with_missing_field )->status_is(400)->json_is( + "/errors" => [ + { + message => "Missing property.", + path => "/body/publication_title" + } + ] + ); + + # Full object update on PUT + my $ehtitle_with_updated_field = { + publication_title => "Publication title", + print_identifier => "Print-format identifier", + online_identifier => "Online-format identifier", + date_first_issue_online => + "Date of first serial issue available online", + num_first_vol_online => "Number of first volume available online", + num_first_issue_online => "Number of first issue available online", + date_last_issue_online => "Date of last issue available online", + num_last_vol_online => "Number of last volume available online", + num_last_issue_online => "Number of last issue available online", + title_url => "Title-level URL", + first_author => "First author", + embargo_info => "Embargo information", + coverage_depth => "Coverage depth", + notes => "Notes", + publisher_name => "Publisher name", + publication_type => "Book", + date_monograph_published_print => + "Date the monograph is first published in print", + date_monograph_published_online => + "Date the monograph is first published online", + monograph_volume => "Number of volume for monograph", + monograph_edition => "Edition of the monograph", + first_editor => "First editor", + parent_publication_title_id => + "Title identifier of the parent publication", + preceeding_publication_title_id => + "Title identifier of any preceding publication title", + access_type => "Access type" + }; + + $t->put_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/titles/$ehtitle_id" => + json => $ehtitle_with_updated_field )->status_is(200) + ->json_is( '/publication_title' => 'Publication title' ); + + # Authorized attempt to write invalid data + my $ehtitle_with_invalid_field = { + blah => "EHolding Title Blah", + publication_title => "Publication title", + print_identifier => "Print-format identifier" + }; + + $t->put_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/titles/$ehtitle_id" => + json => $ehtitle_with_invalid_field )->status_is(400)->json_is( + "/errors" => [ + { + message => "Properties not allowed: blah.", + path => "/body" + } + ] + ); + + # Attempt to update non-existent EHolding title + my $ehtitle_to_delete = + $builder->build_object( { class => 'Koha::ERM::EHoldings::Titles' } ); + my $non_existent_id = $ehtitle_to_delete->title_id; + $ehtitle_to_delete->delete; + + $t->put_ok( +"//$userid:$password@/api/v1/erm/eholdings/local/titles/$non_existent_id" + => json => $ehtitle_with_updated_field )->status_is(404); + + # Wrong method (POST) + $ehtitle_with_updated_field->{title_id} = 2; + + $t->post_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/titles/$ehtitle_id" => + json => $ehtitle_with_updated_field )->status_is(404); + + $schema->storage->txn_rollback; +}; + +subtest 'delete() tests' => sub { + + plan tests => 7; + + $schema->storage->txn_begin; + + my $librarian = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 2**28 } + } + ); + my $password = 'thePassword123'; + $librarian->set_password( { password => $password, skip_validation => 1 } ); + my $userid = $librarian->userid; + + my $patron = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 0 } + } + ); + + $patron->set_password( { password => $password, skip_validation => 1 } ); + my $unauth_userid = $patron->userid; + + my $ehtitle_id = + $builder->build_object( { class => 'Koha::ERM::EHoldings::Titles' } ) + ->title_id; + + # Unauthorized attempt to delete + $t->delete_ok( +"//$unauth_userid:$password@/api/v1/erm/eholdings/local/titles/$ehtitle_id" + )->status_is(403); + + # Delete existing EHolding title + $t->delete_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/titles/$ehtitle_id") + ->status_is( 204, 'SWAGGER3.2.4' )->content_is( '', 'SWAGGER3.3.4' ); + + # Attempt to delete non-existent EHolding title + $t->delete_ok( + "//$userid:$password@/api/v1/erm/eholdings/local/titles/$ehtitle_id") + ->status_is(404); + + $schema->storage->txn_rollback; +}; + diff --git a/t/db_dependent/api/v1/erm_licenses.t b/t/db_dependent/api/v1/erm_licenses.t index 14b3552745..a3e47756c0 100755 --- a/t/db_dependent/api/v1/erm_licenses.t +++ b/t/db_dependent/api/v1/erm_licenses.t @@ -33,7 +33,7 @@ my $t = Test::Mojo->new('Koha::REST::V1'); subtest 'list() tests' => sub { - plan tests => 8; + plan tests => 23; $schema->storage->txn_begin; @@ -71,6 +71,58 @@ subtest 'list() tests' => sub { $t->get_ok("//$userid:$password@/api/v1/erm/licenses")->status_is(200) ->json_is( [ $license->to_api ] ); + my $another_license = $builder->build_object( + { + class => 'Koha::ERM::Licenses', + value => { vendor_id => $license->vendor_id } + } + ); + my $license_with_another_vendor_id = + $builder->build_object( { class => 'Koha::ERM::Licenses' } ); + + # Two licenses created, they should both be returned + $t->get_ok("//$userid:$password@/api/v1/erm/licenses")->status_is(200) + ->json_is( + [ + $license->to_api, + $another_license->to_api, + $license_with_another_vendor_id->to_api + ] + ); + + # Filtering works, two licenses sharing vendor_id + $t->get_ok( "//$userid:$password@/api/v1/erm/licenses?vendor_id=" + . $license->vendor_id )->status_is(200) + ->json_is( [ $license->to_api, $another_license->to_api ] ); + + # Attempt to search by name like 'ko' + $license->delete; + $another_license->delete; + $license_with_another_vendor_id->delete; + $t->get_ok( qq~//$userid:$password@/api/v1/erm/licenses?q=[{"me.name":{"like":"%ko%"}}]~) + ->status_is(200) + ->json_is( [] ); + + my $license_to_search = $builder->build_object( + { + class => 'Koha::ERM::Licenses', + value => { + name => 'koha', + } + } + ); + + # Search works, searching for name like 'ko' + $t->get_ok( qq~//$userid:$password@/api/v1/erm/licenses?q=[{"me.name":{"like":"%ko%"}}]~) + ->status_is(200) + ->json_is( [ $license_to_search->to_api ] ); + + # Warn on unsupported query parameter + $t->get_ok("//$userid:$password@/api/v1/erm/licenses?blah=blah") + ->status_is(400) + ->json_is( + [ { path => '/query/blah', message => 'Malformed query string' } ] ); + # Unauthorized access $t->get_ok("//$unauth_userid:$password@/api/v1/erm/licenses") ->status_is(403); @@ -80,7 +132,7 @@ subtest 'list() tests' => sub { subtest 'get() tests' => sub { - plan tests => 8; + plan tests => 11; $schema->storage->txn_begin; @@ -106,16 +158,24 @@ subtest 'get() tests' => sub { $patron->set_password( { password => $password, skip_validation => 1 } ); my $unauth_userid = $patron->userid; + # This license exists, should get returned $t->get_ok( "//$userid:$password@/api/v1/erm/licenses/" . $license->license_id )->status_is(200) ->json_is( $license->to_api ); + # Return one license with embed + $t->get_ok( "//$userid:$password@/api/v1/erm/licenses/" + . $license->license_id => {'x-koha-embed' => 'documents'} )->status_is(200) + ->json_is( { %{ $license->to_api }, documents => [] }); + + # Unauthorized access $t->get_ok( "//$unauth_userid:$password@/api/v1/erm/licenses/" . $license->license_id )->status_is(403); + # Attempt to get non-existent license my $license_to_delete = $builder->build_object( { class => 'Koha::ERM::Licenses' } ); - my $non_existent_id = $license_to_delete->id; + my $non_existent_id = $license_to_delete->license_id; $license_to_delete->delete; $t->get_ok("//$userid:$password@/api/v1/erm/licenses/$non_existent_id") @@ -221,7 +281,7 @@ subtest 'add() tests' => sub { subtest 'update() tests' => sub { - plan tests => 12; + plan tests => 15; $schema->storage->txn_begin; @@ -253,6 +313,21 @@ subtest 'update() tests' => sub { "//$unauth_userid:$password@/api/v1/erm/licenses/$license_id" => json => { name => 'New unauthorized name change' } )->status_is(403); + # Attempt partial update on a PUT + my $license_with_missing_field = { + description => 'New description', + type => 'national', + status => 'expired', + started_on => undef, + ended_on => undef, + }; + + $t->put_ok( + "//$userid:$password@/api/v1/erm/licenses/$license_id" => json => + $license_with_missing_field )->status_is(400) + ->json_is( "/errors" => + [ { message => "Missing property.", path => "/body/name" } ] ); + # Full object update on PUT my $license_with_updated_field = { name => 'New name', @@ -290,6 +365,7 @@ subtest 'update() tests' => sub { ] ); + # Attempt to update non-existent license my $license_to_delete = $builder->build_object( { class => 'Koha::ERM::Licenses' } ); my $non_existent_id = $license_to_delete->id; @@ -335,16 +411,18 @@ subtest 'delete() tests' => sub { my $unauth_userid = $patron->userid; my $license_id = - $builder->build_object( { class => 'Koha::ERM::Licenses' } )->id; + $builder->build_object( { class => 'Koha::ERM::Licenses' } )->license_id; # Unauthorized attempt to delete $t->delete_ok( "//$unauth_userid:$password@/api/v1/erm/licenses/$license_id") ->status_is(403); + # Delete existing license $t->delete_ok("//$userid:$password@/api/v1/erm/licenses/$license_id") ->status_is( 204, 'SWAGGER3.2.4' )->content_is( '', 'SWAGGER3.3.4' ); + # Attempt to delete non-existent license $t->delete_ok("//$userid:$password@/api/v1/erm/licenses/$license_id") ->status_is(404); diff --git a/t/db_dependent/api/v1/erm_users.t b/t/db_dependent/api/v1/erm_users.t new file mode 100755 index 0000000000..7a87bbf68a --- /dev/null +++ b/t/db_dependent/api/v1/erm_users.t @@ -0,0 +1,91 @@ +#!/usr/bin/env perl + +# This file is part of Koha. +# +# Koha is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# Koha is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Koha; if not, see . + +use Modern::Perl; + +use Test::More tests => 1; +use Test::Mojo; + +use t::lib::TestBuilder; +use t::lib::Mocks; + +use Koha::Patron::Attributes; +use Koha::Database; + +my $schema = Koha::Database->new->schema; +my $builder = t::lib::TestBuilder->new; + +my $t = Test::Mojo->new('Koha::REST::V1'); + +subtest 'list() tests' => sub { + + plan tests => 11; + + $schema->storage->txn_begin; + + Koha::Patrons->search->delete; + + my $librarian = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 2**28 } + } + ); + + my $password = 'thePassword123'; + $librarian->set_password( { password => $password, skip_validation => 1 } ); + my $userid = $librarian->userid; + + + + ## Authorized user tests + # One erm_user created, should get returned + $librarian->discard_changes; + $t->get_ok("//$userid:$password@/api/v1/erm/users")->status_is(200) + ->json_is( [ $librarian->to_api ] ); + + my $another_erm_user = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 2**28 } + } + ); + + # Two erm_users created, they should both be returned + $t->get_ok("//$userid:$password@/api/v1/erm/users")->status_is(200) + ->json_is( [ $librarian->to_api ] ); + + # Warn on unsupported query parameter + $t->get_ok("//$userid:$password@/api/v1/erm/users?blah=blah") + ->status_is(400) + ->json_is( + [ { path => '/query/blah', message => 'Malformed query string' } ] ); + + my $patron = $builder->build_object( + { + class => 'Koha::Patrons', + value => { flags => 0 } + } + ); + + $patron->set_password( { password => $password, skip_validation => 1 } ); + my $unauth_userid = $patron->userid; + # Unauthorized access + $t->get_ok("//$unauth_userid:$password@/api/v1/erm/users")->status_is(403); + + $schema->storage->txn_rollback; +}; -- 2.39.2