#
# This file is part of Koha.
#
-# Koha is free software; you can redistribute it and/or modify it under the
-# terms of the GNU General Public License as published by the Free Software
-# Foundation; either version 2 of the License, or (at your option) any later
-# version.
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
#
-# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
-# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
#
-# You should have received a copy of the GNU General Public License along with
-# Koha; if not, write to the Free Software Foundation, Inc., 59 Temple Place,
-# Suite 330, Boston, MA 02111-1307 USA
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
-use strict;
-use warnings;
+use Modern::Perl;
use C4::ILSDI::Services;
-use C4::Auth;
-use C4::Output;
+use C4::Auth qw( get_template_and_user );
+use C4::Output qw( output_html_with_http_headers );
use C4::Context;
-use XML::Simple;
-use CGI;
+
+use List::MoreUtils qw( any );
+use XML::Simple qw( XMLout );
+use CGI qw ( -utf8 );
+use Net::Netmask;
=head1 DLF ILS-DI for Koha
This script is a basic implementation of ILS-DI protocol for Koha.
It acts like a dispatcher, that get the CGI request, check required and
-optionals arguments, call a function from C4::ILS-DI::Services, and finaly
+optionals arguments, call a function from C4::ILS-DI, and finally
outputs the returned hashref as XML.
=cut
# Instanciate the CGI request
-my $cgi = new CGI;
+my $cgi = CGI->new;
# List of available services, sorted by level
my @services = (
# Level 1: Basic Discovery Interfaces
# 'HarvestBibliographicRecords', # OAI-PMH
# 'HarvestExpandedRecords', # OAI-PMH
- 'GetAvailability', # FIXME Add bibbliographic level
+ 'GetAvailability', # FIXME Add bibliographic level
# 'GoToBibliographicRequestPage' # I don't understant this one
# Level 2: Elementary OPAC supplement
# List of optional arguments
my %optional = (
'Describe' => [],
- 'GetAvailability' => [ 'return_type', 'return_fmt' ],
+ 'GetAvailability' => [ 'return_type', 'return_fmt', 'language' ],
'GetRecords' => ['schema'],
'GetAuthorityRecords' => ['schema'],
'LookupPatron' => ['id_type'],
'AuthenticatePatron' => [],
- 'GetPatronInfo' => [ 'show_contact', 'show_fines', 'show_holds', 'show_loans' ],
+ 'GetPatronInfo' => [ 'show_contact', 'show_fines', 'show_holds', 'show_loans', 'loans_per_page', 'loans_page', 'show_attributes' ],
'GetPatronStatus' => [],
'GetServices' => [],
'RenewLoan' => ['desired_due_date'],
- 'HoldTitle' => [ 'pickup_location', 'needed_before_date', 'pickup_expiry_date' ],
- 'HoldItem' => [ 'pickup_location', 'needed_before_date', 'pickup_expiry_date' ],
+ 'HoldTitle' => [ 'pickup_location', 'start_date', 'expiry_date' ],
+ 'HoldItem' => [ 'pickup_location', 'start_date', 'expiry_date' ],
'CancelHold' => [],
);
-# If ILS-DI module is disabled in System->Preferences, redirect to 404
-if ( not C4::Context->preference('ILS-DI') ) {
- print $cgi->redirect("/cgi-bin/koha/errors/404.pl");
-}
-
# If no service is requested, display the online documentation
-if ( not $cgi->param('service') ) {
+unless ( $cgi->param('service') ) {
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
- { template_name => "ilsdi.tmpl",
+ { template_name => "ilsdi.tt",
query => $cgi,
type => "opac",
authnotrequired => 1,
- debug => 1,
}
);
output_html_with_http_headers $cgi, $cookie, $template->output;
exit 0;
}
+# Set the userenv
+C4::Context->_new_userenv( 'ILSDI_'.time() );
+C4::Context->set_userenv(
+ undef, undef, undef, 'ILSDI', 'ILSDI',
+ undef, undef, undef, undef, undef,
+);
+C4::Context->interface('opac');
+
# If user requested a service description, then display it
-if ( $cgi->param('service') eq "Describe" and grep { $cgi->param('verb') eq $_ } @services ) {
+if ( scalar $cgi->param('service') eq "Describe" and any { scalar $cgi->param('verb') eq $_ } @services ) {
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
- { template_name => "ilsdi.tmpl",
+ { template_name => "ilsdi.tt",
query => $cgi,
type => "opac",
authnotrequired => 1,
- debug => 1,
}
);
- $template->param( $cgi->param('verb') => 1 );
+ $template->param( scalar $cgi->param('verb') => 1 );
output_html_with_http_headers $cgi, $cookie, $template->output;
exit 0;
}
-my $service = $cgi->param('service') || "ilsdi";
+# any output after this point will be UTF-8 XML
+binmode STDOUT, ':encoding(UTF-8)';
+print CGI::header('-type'=>'text/xml', '-charset'=>'utf-8');
my $out;
+# If ILS-DI module is disabled in System->Preferences, redirect to 404
+unless ( C4::Context->preference('ILS-DI') ) {
+ $out->{'code'} = "NotAllowed";
+ $out->{'message'} = "ILS-DI is disabled.";
+}
+
+# If the remote address is not allowed, redirect to 403
+my @AuthorizedIPs = split( /,/, C4::Context->preference('ILS-DI:AuthorizedIPs') );
+if (@AuthorizedIPs) { # If no filter set, allow access to everybody
+ my $authorized = 0;
+ foreach my $ip (@AuthorizedIPs) {
+ my $netmask = Net::Netmask->new2($ip);
+ if ( $netmask && $netmask->match( $ENV{REMOTE_ADDR} ) ) {
+ $authorized = 1;
+ last;
+ }
+ }
+ unless ($authorized) {
+ $out->{'code'} = "NotAllowed";
+ $out->{'message'} = "Unauthorized IP address: $ENV{REMOTE_ADDR}.";
+ }
+}
+
+my $service = $cgi->param('service') || "ilsdi";
+
# Check if the requested service is in the list
-if ( $service and grep { $service eq $_ } @services ) {
+if ( $service and any { $service eq $_ } @services ) {
my @parmsrequired = @{ $required{$service} };
my @parmsoptional = @{ $optional{$service} };
my @parmsall = ( @parmsrequired, @parmsoptional );
- my @names = $cgi->param;
- my %paramhash = ();
- foreach my $name (@names) {
- $paramhash{$name} = 1;
- }
+ my @names = $cgi->multi_param;
+ my %paramhash;
+ $paramhash{$_} = 1 for @names;
# check for missing parameters
- foreach my $name (@parmsrequired) {
- if ( ( !exists $paramhash{$name} ) ) {
- $out->{'message'} = "missing $name parameter";
+ for ( @parmsrequired ) {
+ unless ( exists $paramhash{$_} ) {
+ $out->{'code'} = "MissingParameter";
+ $out->{'message'} = "The required parameter ".$_." is missing.";
}
}
# check for illegal parameters
- foreach my $name (@names) {
+ for my $name ( @names ) {
my $found = 0;
- foreach my $name2 (@parmsall) {
+ for my $name2 (@parmsall) {
if ( $name eq $name2 ) {
$found = 1;
}
}
- if ( ( $found == 0 ) && ( $name ne 'service' ) ) {
- $out->{'message'} = "$name is an illegal parameter";
+ if ( $found == 0 && $name ne 'service' ) {
+ $out->{'code'} = "IllegalParameter";
+ $out->{'message'} = "The parameter ".$name." is illegal.";
}
}
# check for multiple parameters
- foreach my $name (@names) {
- my @values = $cgi->param($name);
+ for ( @names ) {
+ my @values = $cgi->multi_param($_);
if ( $#values != 0 ) {
- $out->{'message'} = "multiple values are not allowed for the $name parameter";
+ $out->{'code'} = "MultipleValuesNotAllowed";
+ $out->{'message'} = "Multiple values not allowed for the parameter ".$_.".";
}
}
# GetAvailability is a special case, as it cannot use XML::Simple
if ( $service eq "GetAvailability" ) {
- print CGI::header('text/xml');
print C4::ILSDI::Services::GetAvailability($cgi);
exit 0;
} else {
# Variable functions
my $sub = do {
- no strict 'refs';
+# no strict 'refs';
my $symbol = 'C4::ILSDI::Services::' . $service;
\&{"$symbol"};
};
}
# Output XML by passing the hashref to XMLOut
-print CGI::header('text/xml');
print XMLout(
$out,
noattr => 1,
- noescape => 1,
nosort => 1,
- xmldecl => '<?xml version="1.0" encoding="ISO-8859-1" ?>',
+ xmldecl => '<?xml version="1.0" encoding="UTF-8" ?>',
RootName => $service,
SuppressEmpty => 1
);
+exit 0;