From 24b14de39810261a8084ca74e2ea89feb5042faa Mon Sep 17 00:00:00 2001
From: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Date: Fri, 24 Nov 2023 10:50:54 +0000
Subject: [PATCH] Bug 34999: Throw exception for public routes if
 OPACMaintenance is enabled

Test plan:
[1] Try public endpoint like /api/v1/public/biblios/X/items.
    * Replace X by an existing biblionumber.
    You should receive a 200.
[2] Enable OPACMaintenance. Set to Show.
[3] Try same endpoint. You should get a 503 with a json error.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 1fc82dd827ad298bead46583ada08c549afe8d8e)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
---
 Koha/REST/V1/Auth.pm | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/Koha/REST/V1/Auth.pm b/Koha/REST/V1/Auth.pm
index 11cd523188..948bed689b 100644
--- a/Koha/REST/V1/Auth.pm
+++ b/Koha/REST/V1/Auth.pm
@@ -74,11 +74,12 @@ sub under {
             $is_plugin = 1;
         }
 
-        if ( $is_public
-            and !C4::Context->preference('RESTPublicAPI') )
-        {
+        if ($is_public) {
+            Koha::Exceptions::UnderMaintenance->throw('Under maintenance')
+                if C4::Context->preference('OPACMaintenance');
             Koha::Exceptions::Authorization->throw(
-                "Configuration prevents the usage of this endpoint by unprivileged users");
+                "Configuration prevents the usage of this endpoint by unprivileged users")
+                if !C4::Context->preference('RESTPublicAPI');
         }
 
         if ( $c->req->url->to_abs->path =~ m#^/api/v1/oauth/# || $c->req->url->to_abs->path =~ m#^/api/v1/public/oauth/#) {
-- 
2.39.5