Bug 10667: Allow authentication with cardnumber for ILS-DI

Test authentication via ILS-DI:
- with userid and password
- with userid and wrong password
- with cardnumber and password
- with cardnumber and wrong password
...

Before the patch only userid will authenticate the patron.
After the patch was applied, userid and cardnumber will work.

To test:
- Run t/db_dependent/ILSDI_Services.t - all tests should pass.

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
No koha-qa errors

Test:
Enable ISL-DI
access opac with /cgi-bin/koha/ilsdi.pl?service=AuthenticatePatron&username=XXX&password=YYY
With userid/cardnumber & password returns borrowernumber
With userid/cardnumber & wrong password returns PatronNotFound
Signed-off-by: Mason James <mtj@kohaaloha.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>

diff --git a/C4/ILSDI/Services.pm b/C4/ILSDI/Services.pm
index eff483d..7941a70 100644 (file)
--- a/C4/ILSDI/Services.pm
+++ b/C4/ILSDI/Services.pm
@@ -313,28 +313,24 @@ the patron.
 Parameters:
 
   - username (Required)
-       user's login identifier
+    user's login identifier (userid or cardnumber)
   - password (Required)
-       user's password
+    user's password
 
 =cut
 
 sub AuthenticatePatron {
     my ($cgi) = @_;
-
-    # Check if borrower exists, using a C4::Auth function...
-    unless( C4::Auth::checkpw( C4::Context->dbh, $cgi->param('username'), $cgi->param('password') ) ) {
+    my ($status, $cardnumber, $userid) = C4::Auth::checkpw( C4::Context->dbh, $cgi->param('username'), $cgi->param('password') );
+    if ( $status ) {
+        # Get the borrower
+        my $borrower = GetMember( cardnumber => $cardnumber );
+        my $patron->{'id'} = $borrower->{'borrowernumber'};
+        return $patron;
+    }
+    else {
         return { code => 'PatronNotFound' };
     }
-
-    # Get the borrower
-    my $borrower = GetMember( userid => $cgi->param('username') );
-
-    # Build the hashref
-    my $patron->{'id'} = $borrower->{'borrowernumber'};
-
-    # ... and return his ID
-    return $patron;
 }
 
 =head2 GetPatronInfo

diff --git a/koha-tmpl/opac-tmpl/prog/en/modules/ilsdi.tt b/koha-tmpl/opac-tmpl/prog/en/modules/ilsdi.tt
index 6ebfaeb..a727b29 100644 (file)
--- a/koha-tmpl/opac-tmpl/prog/en/modules/ilsdi.tt
+++ b/koha-tmpl/opac-tmpl/prog/en/modules/ilsdi.tt
@@ -388,7 +388,7 @@
                 <h4>Parameters</h4>
                 <dl>
                     <dt><strong>username</strong> (Required)</dt>
-                    <dd>user's login identifier</dd>
+                    <dd>user's login identifier (userid or cardnumber)</dd>
                     <dt><strong>password</strong> (Required)</dt>
                     <dd>user's password</dd>
                 </dl>

diff --git a/t/db_dependent/ILSDI_Services.t b/t/db_dependent/ILSDI_Services.t
index 2e4f933..9b68604 100644 (file)
--- a/t/db_dependent/ILSDI_Services.t
+++ b/t/db_dependent/ILSDI_Services.t
@@ -72,7 +72,6 @@ my $borrower = GetMember( borrowernumber => $borrowernumber );
     is($reply->{'id'}, $borrowernumber, "userid is not case sensitive - Patron authenticated");
     is($reply->{'code'}, undef, "Error code undef");
 
-TODO: { local: $TODO = "Can't use cardnumber for authentication with ILS-DI yet.";
     $query->param('username',$borrower->{'cardnumber'});
     $reply = C4::ILSDI::Services::AuthenticatePatron($query);
     is($reply->{'id'}, $borrowernumber, "cardnumber and password - Patron authenticated");
@@ -88,6 +87,6 @@ TODO: { local: $TODO = "Can't use cardnumber for authentication with ILS-DI yet.
     $reply = C4::ILSDI::Services::AuthenticatePatron($query);
     is($reply->{'code'}, 'PatronNotFound', "non-existing cardnumer/userid - PatronNotFound");
     is($reply->{'id'}, undef, "id undef");
-    }
 
 }
+