]> git.koha-community.org Git - koha.git/commit
Bug 25045: Allow restricting anonymous requests on the public API
authorTomas Cohen Arazi <tomascohen@theke.io>
Mon, 13 Apr 2020 14:40:48 +0000 (11:40 -0300)
committerAleisha Amohia <aleishaamohia@hotmail.com>
Sun, 21 Jun 2020 22:07:10 +0000 (10:07 +1200)
commit4efbb9bd613c38956d82e77a31bab40fbad93f4f
treed3750e74be0b4c771e0219cef285b1c036440144
parent554cf13b1bfb0bc3fe85bda41580f2e5b7c59206
Bug 25045: Allow restricting anonymous requests on the public API

This patch introduces a check on the authenticate_api_request method for
the RESTPublicAnonymousRequests system preference. If disabled,
anonymous  requests get rejected.

The idea is to replicate the homologous OpacPublic system preference
behaviour.

To test:
1. Apply the Unit tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/auth_authenticate_api_request.t
=> FAIL: Tests fail, 200 is answered instead of 401 on the route.
3. Apply this patch
4. Repeat 2.
=> SUCCESS: Tests pass!
5. Sign off :-D

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit ec99043a2ede2f994dae72ee2f68884174f94d4c)

Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Koha/REST/V1/Auth.pm