projects / koha.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Bug 22206: (follow-up) Voted RFC changes
[koha.git] / t / db_dependent / api / v1 / holds.t
diff --git a/t/db_dependent/api/v1/holds.t b/t/db_dependent/api/v1/holds.t
index c7ec7f8..1374a7b 100644 (file)
--- a/t/db_dependent/api/v1/holds.t
+++ b/t/db_dependent/api/v1/holds.t
@@ -17,25 +17,32 @@
 
 use Modern::Perl;
 
-use Test::More tests => 4;
+use Test::More tests => 5;
 use Test::Mojo;
 use t::lib::TestBuilder;
+use t::lib::Mocks;
 
 use DateTime;
 
 use C4::Context;
+use Koha::Patrons;
 use C4::Reserves;
+use C4::Items;
 
 use Koha::Database;
+use Koha::DateUtils;
 use Koha::Biblios;
+use Koha::Biblioitems;
 use Koha::Items;
-use Koha::Patrons;
 
+my $schema  = Koha::Database->new->schema;
 my $builder = t::lib::TestBuilder->new();
 
-my $dbh = C4::Context->dbh;
-$dbh->{AutoCommit} = 0;
-$dbh->{RaiseError} = 1;
+$schema->storage->txn_begin;
+
+# FIXME: sessionStorage defaults to mysql, but it seems to break transaction handling
+# this affects the other REST api tests
+t::lib::Mocks::mock_preference( 'SessionStorage', 'tmp' );
 
 $ENV{REMOTE_ADDR} = '127.0.0.1';
 my $t = Test::Mojo->new('Koha::REST::V1');
@@ -43,6 +50,7 @@ my $tx;
 
 my $categorycode = $builder->build({ source => 'Category' })->{categorycode};
 my $branchcode = $builder->build({ source => 'Branch' })->{branchcode};
+my $itemtype = $builder->build({ source => 'Itemtype' })->{itemtype};
 
 # User without any permissions
 my $nopermission = $builder->build({
@@ -60,59 +68,73 @@ $session_nopermission->param('ip', '127.0.0.1');
 $session_nopermission->param('lasttime', time());
 $session_nopermission->flush;
 
-my $borrower = Koha::Patron->new;
-$borrower->categorycode( $categorycode );
-$borrower->branchcode( $branchcode );
-$borrower->surname("Test Surname");
-$borrower->flags(80); #borrowers and reserveforothers flags
-$borrower->userid($nopermission->{ userid }."z");
-$borrower->store;
-my $borrowernumber = $borrower->borrowernumber;
-
-my $borrower2 = Koha::Patron->new;
-$borrower2->categorycode( $categorycode );
-$borrower2->branchcode( $branchcode );
-$borrower2->surname("Test Surname 2");
-$borrower2->userid($nopermission->{ userid }."x");
-$borrower2->flags(16); # borrowers flag
-$borrower2->store;
-my $borrowernumber2 = $borrower2->borrowernumber;
-
-my $borrower3 = Koha::Patron->new;
-$borrower3->categorycode( $categorycode );
-$borrower3->branchcode( $branchcode );
-$borrower3->surname("Test Surname 2");
-$borrower3->userid($nopermission->{ userid }."y");
-$borrower3->flags(64); # reserveforothers flag
-$borrower3->store;
-my $borrowernumber3 = $borrower3->borrowernumber;
+my $patron_1 = $builder->build_object(
+    {
+        class => 'Koha::Patrons',
+        value => {
+            categorycode => $categorycode,
+            branchcode   => $branchcode,
+            surname      => 'Test Surname',
+            flags        => 80, #borrowers and reserveforothers flags
+        }
+    }
+);
+
+my $patron_2 = $builder->build_object(
+    {
+        class => 'Koha::Patrons',
+        value => {
+            categorycode => $categorycode,
+            branchcode   => $branchcode,
+            surname      => 'Test Surname 2',
+            flags        => 16, # borrowers flag
+        }
+    }
+);
+
+my $patron_3 = $builder->build_object(
+    {
+        class => 'Koha::Patrons',
+        value => {
+            categorycode => $categorycode,
+            branchcode   => $branchcode,
+            surname      => 'Test Surname 3',
+            flags        => 64, # reserveforothers flag
+        }
+    }
+);
 
 # Get sessions
 my $session = C4::Auth::get_session('');
-$session->param('number', $borrower->borrowernumber);
-$session->param('id', $borrower->userid);
+$session->param('number', $patron_1->borrowernumber);
+$session->param('id', $patron_1->userid);
 $session->param('ip', '127.0.0.1');
 $session->param('lasttime', time());
 $session->flush;
 my $session2 = C4::Auth::get_session('');
-$session2->param('number', $borrower2->borrowernumber);
-$session2->param('id', $borrower2->userid);
+$session2->param('number', $patron_2->borrowernumber);
+$session2->param('id', $patron_2->userid);
 $session2->param('ip', '127.0.0.1');
 $session2->param('lasttime', time());
 $session2->flush;
 my $session3 = C4::Auth::get_session('');
-$session3->param('number', $borrower3->borrowernumber);
-$session3->param('id', $borrower3->userid);
+$session3->param('number', $patron_3->borrowernumber);
+$session3->param('id', $patron_3->userid);
 $session3->param('ip', '127.0.0.1');
 $session3->param('lasttime', time());
 $session3->flush;
 
 my $biblionumber = create_biblio('RESTful Web APIs');
-my $itemnumber = create_item($biblionumber, 'TEST000001');
+my $item = create_item($biblionumber, 'TEST000001');
+my $itemnumber = $item->{itemnumber};
+$item->{itype} = $itemtype;
+C4::Items::ModItem($item, $biblionumber, $itemnumber);
 
 my $biblionumber2 = create_biblio('RESTful Web APIs');
-my $itemnumber2 = create_item($biblionumber2, 'TEST000002');
+my $item2 = create_item($biblionumber2, 'TEST000002');
+my $itemnumber2 = $item2->{itemnumber};
 
+my $dbh = C4::Context->dbh;
 $dbh->do('DELETE FROM reserves');
 $dbh->do('DELETE FROM issuingrules');
     $dbh->do(q{
@@ -120,26 +142,27 @@ $dbh->do('DELETE FROM issuingrules');
         VALUES (?, ?, ?, ?)
     }, {}, '*', '*', '*', 1);
 
-my $reserve_id = C4::Reserves::AddReserve($branchcode, $borrowernumber,
+my $reserve_id = C4::Reserves::AddReserve($branchcode, $patron_1->borrowernumber,
     $biblionumber, undef, 1, undef, undef, undef, '', $itemnumber);
 
 # Add another reserve to be able to change first reserve's rank
-my $reserve_id2 = C4::Reserves::AddReserve($branchcode, $borrowernumber2,
+my $reserve_id2 = C4::Reserves::AddReserve($branchcode, $patron_2->borrowernumber,
     $biblionumber, undef, 2, undef, undef, undef, '', $itemnumber);
 
-my $suspend_until = DateTime->now->add(days => 10)->ymd;
-my $expirationdate = DateTime->now->add(days => 10)->ymd;
+my $suspended_until = DateTime->now->add(days => 10)->truncate( to => 'day' );
+my $expiration_date = DateTime->now->add(days => 10)->truncate( to => 'day' );
 
 my $post_data = {
-    borrowernumber => int($borrowernumber),
-    biblionumber => int($biblionumber),
-    itemnumber => int($itemnumber),
-    branchcode => $branchcode,
-    expirationdate => $expirationdate,
+    patron_id => int($patron_1->borrowernumber),
+    biblio_id => int($biblionumber),
+    item_id => int($itemnumber),
+    pickup_library_id => $branchcode,
+    expiration_date => output_pref({ dt => $expiration_date, dateformat => 'rfc3339', dateonly => 1 }),
+    priority => 2,
 };
 my $put_data = {
     priority => 2,
-    suspend_until => $suspend_until,
+    suspended_until => output_pref({ dt => $suspended_until, dateformat => 'rfc3339' }),
 };
 
 subtest "Test endpoints without authentication" => sub {
@@ -158,11 +181,11 @@ subtest "Test endpoints without authentication" => sub {
 subtest "Test endpoints without permission" => sub {
     plan tests => 10;
 
-    $tx = $t->ua->build_tx(GET => "/api/v1/holds?borrowernumber=$borrowernumber");
+    $tx = $t->ua->build_tx(GET => "/api/v1/holds?patron_id=" . $patron_1->borrowernumber);
     $tx->req->cookies({name => 'CGISESSID', value => $session_nopermission->id});
     $t->request_ok($tx) # no permission
       ->status_is(403);
-    $tx = $t->ua->build_tx(GET => "/api/v1/holds?borrowernumber=$borrowernumber");
+    $tx = $t->ua->build_tx(GET => "/api/v1/holds?patron_id=" . $patron_1->borrowernumber);
     $tx->req->cookies({name => 'CGISESSID', value => $session3->id});
     $t->request_ok($tx) # reserveforothers permission
       ->status_is(403);
@@ -179,40 +202,10 @@ subtest "Test endpoints without permission" => sub {
     $t->request_ok($tx) # no permission
       ->status_is(403);
 };
-subtest "Test endpoints without permission, but accessing own object" => sub {
-    plan tests => 15;
-
-    my $borrno_tmp = $post_data->{'borrowernumber'};
-    $post_data->{'borrowernumber'} = int $nopermission->{'borrowernumber'};
-    $tx = $t->ua->build_tx(POST => "/api/v1/holds" => json => $post_data);
-    $tx->req->cookies({name => 'CGISESSID', value => $session_nopermission->id});
-    $t->request_ok($tx) # create hold to myself
-      ->status_is(201)
-      ->json_has('/reserve_id');
-
-    $post_data->{'borrowernumber'} = $borrno_tmp;
-    $tx = $t->ua->build_tx(GET => "/api/v1/holds?borrowernumber=".$nopermission-> { borrowernumber });
-    $tx->req->cookies({name => 'CGISESSID', value => $session_nopermission->id});
-    $t->request_ok($tx) # get my own holds
-      ->status_is(200)
-      ->json_is('/0/borrowernumber', $nopermission->{ borrowernumber })
-      ->json_is('/0/biblionumber', $biblionumber)
-      ->json_is('/0/itemnumber', $itemnumber)
-      ->json_is('/0/expirationdate', $expirationdate)
-      ->json_is('/0/branchcode', $branchcode);
-
-    my $reserve_id3 = Koha::Holds->find({ borrowernumber => $nopermission->{borrowernumber} })->reserve_id;
-    $tx = $t->ua->build_tx(PUT => "/api/v1/holds/$reserve_id3" => json => $put_data);
-    $tx->req->cookies({name => 'CGISESSID', value => $session_nopermission->id});
-    $t->request_ok($tx) # create hold to myself
-      ->status_is(200)
-      ->json_is('/reserve_id', $reserve_id3)
-      ->json_is('/suspend_until', $suspend_until . ' 00:00:00')
-      ->json_is('/priority', 2);
-};
 
 subtest "Test endpoints with permission" => sub {
-    plan tests => 45;
+
+    plan tests => 44;
 
     $tx = $t->ua->build_tx(GET => '/api/v1/holds');
     $tx->req->cookies({name => 'CGISESSID', value => $session->id});
@@ -220,23 +213,22 @@ subtest "Test endpoints with permission" => sub {
       ->status_is(200)
       ->json_has('/0')
       ->json_has('/1')
-      ->json_has('/2')
-      ->json_hasnt('/3');
+      ->json_hasnt('/2');
 
     $tx = $t->ua->build_tx(GET => '/api/v1/holds?priority=2');
     $tx->req->cookies({name => 'CGISESSID', value => $session->id});
     $t->request_ok($tx)
       ->status_is(200)
-      ->json_is('/0/borrowernumber', $nopermission->{borrowernumber})
+      ->json_is('/0/patron_id', $patron_2->borrowernumber)
       ->json_hasnt('/1');
 
     $tx = $t->ua->build_tx(PUT => "/api/v1/holds/$reserve_id" => json => $put_data);
     $tx->req->cookies({name => 'CGISESSID', value => $session3->id});
     $t->request_ok($tx)
       ->status_is(200)
-      ->json_is('/reserve_id', $reserve_id)
-      ->json_is('/suspend_until', $suspend_until . ' 00:00:00')
-      ->json_is('/priority', 2);
+      ->json_is( '/hold_id', $reserve_id )
+      ->json_is( '/suspended_until', output_pref({ dt => $suspended_until, dateformat => 'rfc3339' }) )
+      ->json_is( '/priority', 2 );
 
     $tx = $t->ua->build_tx(DELETE => "/api/v1/holds/$reserve_id");
     $tx->req->cookies({name => 'CGISESSID', value => $session3->id});
@@ -255,14 +247,14 @@ subtest "Test endpoints with permission" => sub {
       ->status_is(404)
       ->json_has('/error');
 
-    $tx = $t->ua->build_tx(GET => "/api/v1/holds?borrowernumber=".$borrower->borrowernumber);
+    $tx = $t->ua->build_tx(GET => "/api/v1/holds?patron_id=" . $patron_1->borrowernumber);
     $tx->req->cookies({name => 'CGISESSID', value => $session2->id}); # get with borrowers flag
     $t->request_ok($tx)
       ->status_is(200)
       ->json_is([]);
 
-    my $inexisting_borrowernumber = $borrowernumber2*2;
-    $tx = $t->ua->build_tx(GET => "/api/v1/holds?borrowernumber=$inexisting_borrowernumber");
+    my $inexisting_borrowernumber = $patron_2->borrowernumber * 2;
+    $tx = $t->ua->build_tx(GET => "/api/v1/holds?patron_id=$inexisting_borrowernumber");
     $tx->req->cookies({name => 'CGISESSID', value => $session->id});
     $t->request_ok($tx)
       ->status_is(200)
@@ -277,16 +269,16 @@ subtest "Test endpoints with permission" => sub {
     $tx->req->cookies({name => 'CGISESSID', value => $session3->id});
     $t->request_ok($tx)
       ->status_is(201)
-      ->json_has('/reserve_id');
-    $reserve_id = $t->tx->res->json->{reserve_id};
+      ->json_has('/hold_id');
+    $reserve_id = $t->tx->res->json->{hold_id};
 
-    $tx = $t->ua->build_tx(GET => "/api/v1/holds?borrowernumber=$borrowernumber");
+    $tx = $t->ua->build_tx(GET => "/api/v1/holds?patron_id=" . $patron_1->borrowernumber);
     $tx->req->cookies({name => 'CGISESSID', value => $session->id});
     $t->request_ok($tx)
       ->status_is(200)
-      ->json_is('/0/reserve_id', $reserve_id)
-      ->json_is('/0/expirationdate', $expirationdate)
-      ->json_is('/0/branchcode', $branchcode);
+      ->json_is('/0/hold_id', $reserve_id)
+      ->json_is('/0/expiration_date', output_pref({ dt => $expiration_date, dateformat => 'rfc3339', dateonly => 1 }))
+      ->json_is('/0/pickup_library_id', $branchcode);
 
     $tx = $t->ua->build_tx(POST => "/api/v1/holds" => json => $post_data);
     $tx->req->cookies({name => 'CGISESSID', value => $session3->id});
@@ -300,16 +292,124 @@ subtest "Test endpoints with permission" => sub {
     $tx->req->cookies({name => 'CGISESSID', value => $session3->id});
     $t->request_ok($tx)
       ->status_is(403)
-      ->json_like('/error', qr/tooManyReserves/);
+      ->json_like('/error', qr/itemAlreadyOnHold/);
+};
+
+subtest 'Reserves with itemtype' => sub {
+    plan tests => 9;
+
+    my $post_data = {
+        patron_id => int($patron_1->borrowernumber),
+        biblio_id => int($biblionumber),
+        pickup_library_id => $branchcode,
+        item_type => $itemtype,
+    };
+
+    $tx = $t->ua->build_tx(DELETE => "/api/v1/holds/$reserve_id");
+    $tx->req->cookies({name => 'CGISESSID', value => $session3->id});
+    $t->request_ok($tx)
+      ->status_is(200);
+
+    $tx = $t->ua->build_tx(POST => "/api/v1/holds" => json => $post_data);
+    $tx->req->cookies({name => 'CGISESSID', value => $session3->id});
+    $t->request_ok($tx)
+      ->status_is(201)
+      ->json_has('/hold_id');
+
+    $reserve_id = $t->tx->res->json->{hold_id};
+
+    $tx = $t->ua->build_tx(GET => "/api/v1/holds?patron_id=" . $patron_1->borrowernumber);
+    $tx->req->cookies({name => 'CGISESSID', value => $session->id});
+    $t->request_ok($tx)
+      ->status_is(200)
+      ->json_is('/0/hold_id', $reserve_id)
+      ->json_is('/0/item_type', $itemtype);
 };
 
+$schema->storage->txn_rollback;
+
+subtest 'suspend and resume tests' => sub {
+
+    plan tests => 21;
+
+    $schema->storage->txn_begin;
+
+    my $password = 'AbcdEFG123';
+
+    my $patron = $builder->build_object(
+        { class => 'Koha::Patrons', value => { userid => 'tomasito', flags => 1 } } );
+    $patron->set_password({ password => $password, skip_validation => 1 });
+    my $userid = $patron->userid;
+
+    # Disable logging
+    t::lib::Mocks::mock_preference( 'HoldsLog',      0 );
+    t::lib::Mocks::mock_preference( 'RESTBasicAuth', 1 );
 
-$dbh->rollback;
+    my $hold = $builder->build_object(
+        {   class => 'Koha::Holds',
+            value => { suspend => 0, suspend_until => undef, waitingdate => undef }
+        }
+    );
+
+    ok( !$hold->is_suspended, 'Hold is not suspended' );
+    $t->post_ok( "//$userid:$password@/api/v1/holds/" . $hold->id . "/suspension" )
+        ->status_is( 201, 'Hold suspension created' );
+
+    $hold->discard_changes;    # refresh object
+
+    ok( $hold->is_suspended, 'Hold is suspended' );
+    $t->json_is(
+        '/end_date',
+        output_pref(
+            {   dt         => dt_from_string( $hold->suspend_until ),
+                dateformat => 'rfc3339',
+                dateonly   => 1
+            }
+        )
+    );
+
+    $t->delete_ok( "//$userid:$password@/api/v1/holds/" . $hold->id . "/suspension" )
+      ->status_is( 204, "Correct status when deleting a resource" )
+      ->json_is( undef );
+
+    # Pass a an expiration date for the suspension
+    my $date = dt_from_string()->add( days => 5 );
+    $t->post_ok(
+              "//$userid:$password@/api/v1/holds/"
+            . $hold->id
+            . "/suspension" => json => {
+            end_date =>
+                output_pref( { dt => $date, dateformat => 'rfc3339', dateonly => 1 } )
+            }
+    )->status_is( 201, 'Hold suspension created' )
+        ->json_is( '/end_date',
+        output_pref( { dt => $date, dateformat => 'rfc3339', dateonly => 1 } ) )
+        ->header_is( Location => "/api/v1/holds/" . $hold->id . "/suspension", 'The Location header is set' );
+
+    $t->delete_ok( "//$userid:$password@/api/v1/holds/" . $hold->id . "/suspension" )
+      ->status_is( 204, "Correct status when deleting a resource" )
+      ->json_is( undef );
+
+    $hold->set_waiting->discard_changes;
+
+    $t->post_ok( "//$userid:$password@/api/v1/holds/" . $hold->id . "/suspension" )
+      ->status_is( 400, 'Cannot suspend waiting hold' )
+      ->json_is( '/error', 'Found hold cannot be suspended. Status=W' );
+
+    $hold->set_waiting(1)->discard_changes;
+
+    $t->post_ok( "//$userid:$password@/api/v1/holds/" . $hold->id . "/suspension" )
+      ->status_is( 400, 'Cannot suspend waiting hold' )
+      ->json_is( '/error', 'Found hold cannot be suspended. Status=T' );
+
+    $schema->storage->txn_rollback;
+};
 
 sub create_biblio {
     my ($title) = @_;
 
     my $biblio = Koha::Biblio->new( { title => $title } )->store;
+    my $biblioitem = Koha::Biblioitem->new({biblionumber => $biblio->biblionumber})->store;
 
     return $biblio->biblionumber;
 }
@@ -329,5 +429,5 @@ sub create_item {
         }
     );
 
-    return $item->{itemnumber};
+    return $item;
 }
Koha ILS @ FFZG - based on git://git.koha.org/pub/scm/koha.git