From 9ef23bb642802dee9b2a9c2833daef32bf9b4e32 Mon Sep 17 00:00:00 2001 From: Tomas Cohen Arazi Date: Thu, 7 Jan 2021 08:50:43 -0300 Subject: [PATCH] Bug 27358: Add GET /public/biblios/:biblio_id/items This patch introduces a route to fetch items belonging to a biblio. It is expected to return the 'public' representation of the Koha::Item objects. It is also enforcing the visibility rules, by using Koha::Items->filter_by_visible_in_opac. To test: 1. Apply this patches 2. Run: $ kshell k$ prove t/db_dependent/api/v1/biblios.t => SUCCESS: Test pass and they cover all the cases! 3. Try your favourite REST tool against the new route. 4. Sign off :-D Signed-off-by: Martin Renvoize Signed-off-by: Marcel de Rooy Signed-off-by: Jonathan Druart --- Koha/Item.pm | 18 ++++++ Koha/REST/V1/Biblios.pm | 37 ++++++++++++ api/v1/swagger/paths.json | 3 + api/v1/swagger/paths/biblios.json | 93 +++++++++++++++++++++++++++++++ 4 files changed, 151 insertions(+) diff --git a/Koha/Item.pm b/Koha/Item.pm index 86d82f8637..b5dd6f28db 100644 --- a/Koha/Item.pm +++ b/Koha/Item.pm @@ -1219,6 +1219,24 @@ sub _set_found_trigger { return $self; } +=head3 public_read_list + +This method returns the list of publicly readable database fields for both API and UI output purposes + +=cut + +sub public_read_list { + return [ + 'itemnumber', 'biblionumber', 'homebranch', + 'holdingbranch', 'location', 'collectioncode', + 'itemcallnumber', 'copynumber', 'enumchron', + 'barcode', 'dateaccessioned', 'itemnotes', + 'onloan', 'uri', 'itype', + 'notforloan', 'damaged', 'itemlost', + 'withdrawn', 'restricted' + ]; +} + =head3 to_api_mapping This method returns the mapping for representing a Koha::Item object diff --git a/Koha/REST/V1/Biblios.pm b/Koha/REST/V1/Biblios.pm index 3ddb896e73..1ac6ccdcfe 100644 --- a/Koha/REST/V1/Biblios.pm +++ b/Koha/REST/V1/Biblios.pm @@ -340,4 +340,41 @@ sub pickup_locations { }; } +=head3 get_items_public + +Controller function that handles retrieving biblio's items, for unprivileged +access. + +=cut + +sub get_items_public { + my $c = shift->openapi->valid_input or return; + + my $biblio = Koha::Biblios->find( { biblionumber => $c->validation->param('biblio_id') }, { prefetch => ['items'] } ); + + unless ( $biblio ) { + return $c->render( + status => 404, + openapi => { + error => "Object not found." + } + ); + } + + return try { + + my $patron = $c->stash('koha.user'); + + my $items_rs = $biblio->items->filter_by_visible_in_opac({ patron => $patron }); + my $items = $c->objects->search( $items_rs ); + return $c->render( + status => 200, + openapi => $items + ); + } + catch { + $c->unhandled_exception($_); + }; +} + 1; diff --git a/api/v1/swagger/paths.json b/api/v1/swagger/paths.json index e17dbcca80..77b4c8b810 100644 --- a/api/v1/swagger/paths.json +++ b/api/v1/swagger/paths.json @@ -164,6 +164,9 @@ "/public/biblios/{biblio_id}": { "$ref": "paths/biblios.json#/~1public~1biblios~1{biblio_id}" }, + "/public/biblios/{biblio_id}/items": { + "$ref": "paths/biblios.json#/~1public~1biblios~1{biblio_id}~1items" + }, "/public/libraries": { "$ref": "paths/libraries.json#/~1public~1libraries" }, diff --git a/api/v1/swagger/paths/biblios.json b/api/v1/swagger/paths/biblios.json index f1b494ddb1..03ef619393 100644 --- a/api/v1/swagger/paths/biblios.json +++ b/api/v1/swagger/paths/biblios.json @@ -396,5 +396,98 @@ } } } + }, + "/public/biblios/{biblio_id}/items": { + "get": { + "x-mojo-to": "Biblios#get_items_public", + "operationId": "getBiblioItemsPublic", + "tags": [ + "biblios", + "items" + ], + "parameters": [ + { + "$ref": "../parameters.json#/biblio_id_pp" + }, + { + "$ref": "../parameters.json#/match" + }, + { + "$ref": "../parameters.json#/order_by" + }, + { + "$ref": "../parameters.json#/page" + }, + { + "$ref": "../parameters.json#/per_page" + }, + { + "$ref": "../parameters.json#/q_param" + }, + { + "$ref": "../parameters.json#/q_body" + }, + { + "$ref": "../parameters.json#/q_header" + } + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "A list of the items attached to the record", + "schema": { + "type": "array", + "items": { + "$ref": "../definitions.json#/item" + } + } + }, + "401": { + "description": "Authentication required", + "schema": { + "$ref": "../definitions.json#/error" + } + }, + "403": { + "description": "Access forbidden", + "schema": { + "$ref": "../definitions.json#/error" + } + }, + "404": { + "description": "Biblio not found", + "schema": { + "$ref": "../definitions.json#/error" + } + }, + "406": { + "description": "Not acceptable", + "schema": { + "type": "array", + "description": "Accepted content-types", + "items": { + "type": "string" + } + } + }, + "500": { + "description": "Internal server error", + "schema": { + "$ref": "../definitions.json#/error" + } + }, + "503": { + "description": "Under maintenance", + "schema": { + "$ref": "../definitions.json#/error" + } + } + } + } } } -- 2.39.5