git.koha-community.org Git - koha.git/commit

author	Tomas Cohen Arazi <tomascohen@theke.io>
	Wed, 2 Jan 2019 18:05:47 +0000 (15:05 -0300)
committer	Nick Clemens <nick@bywatersolutions.com>
	Mon, 28 Jan 2019 15:45:54 +0000 (15:45 +0000)
commit	ee2931a7b09d9c707e93f43ed784ac4e833290bd
tree	20e197f7982e218cf00856a29a97d2d86d4de797	tree \| snapshot
parent	ff7bf419872a9ef394600f46348622244963324f	commit \| diff

Bug 22061: Add a /public namespace that can be switched on/off

This patch adds a check in Koha::REST::V1::Auth::under to catch all
routes that begin with 'public' (inside /api/v1). If they match, and the
RESTPublicAPI syspref is off, then an exception is thrown, rendering a
403 error to the consumer.

Otherwise the routes are processed as usual. This is THE on/off switch
for the public REST API. The target use case: people not wanting an OPAC
or public interaction with the API besides privileged users.

In order to test, the rest of the patches are needed because the only
way to test a route is having it in the spec.

To test:
- Apply the patches
- Run:
$ kshell
k$ prove t/db_dependent/api/v1/auth.t
=> SUCCESS: tests pass!
- Sign off :-D

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Koha/REST/V1/Auth.pm		diff \| blob \| history
t/db_dependent/api/v1/auth.t		diff \| blob \| history