# This file is part of Koha.
#
-# Koha is free software; you can redistribute it and/or modify it under the
-# terms of the GNU General Public License as published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
#
-# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
-# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
#
-# You should have received a copy of the GNU General Public License along
-# with Koha; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
use Modern::Perl;
-use Test::More tests => 54;
+use Test::More tests => 99;
use Test::MockModule;
use Test::Mojo;
use t::lib::Mocks;
use t::lib::TestBuilder;
use DateTime;
-use MARC::Record;
use C4::Context;
-use C4::Biblio;
-use C4::Circulation;
-use C4::Items;
+use C4::Circulation qw( AddIssue AddReturn );
use Koha::Database;
-use Koha::DateUtils;
-use Koha::Patron;
+use Koha::DateUtils qw( dt_from_string output_pref );
my $schema = Koha::Database->schema;
my $builder = t::lib::TestBuilder->new;
-$schema->storage->txn_begin;
-
-t::lib::Mocks::mock_preference( 'SessionStorage', 'tmp' );
-
-$ENV{REMOTE_ADDR} = '127.0.0.1';
+t::lib::Mocks::mock_preference( 'RESTBasicAuth', 1 );
my $t = Test::Mojo->new('Koha::REST::V1');
-my $tx;
+
+$schema->storage->txn_begin;
my $dbh = C4::Context->dbh;
-$dbh->do('DELETE FROM issues');
-$dbh->do('DELETE FROM items');
-$dbh->do('DELETE FROM issuingrules');
-my $loggedinuser = $builder->build({ source => 'Borrower' });
-
-$dbh->do(q{
- INSERT INTO user_permissions (borrowernumber, module_bit, code)
- VALUES (?, 1, 'circulate_remaining_permissions')
-}, undef, $loggedinuser->{borrowernumber});
-
-my $session = C4::Auth::get_session('');
-$session->param('number', $loggedinuser->{ borrowernumber });
-$session->param('id', $loggedinuser->{ userid });
-$session->param('ip', '127.0.0.1');
-$session->param('lasttime', time());
-$session->flush;
-
-my $patron = $builder->build({ source => 'Borrower', value => { flags => 0 } });
-my $borrowernumber = $patron->{borrowernumber};
-my $patron_session = C4::Auth::get_session('');
-$patron_session->param('number', $borrowernumber);
-$patron_session->param('id', $patron->{ userid });
-$patron_session->param('ip', '127.0.0.1');
-$patron_session->param('lasttime', time());
-$patron_session->flush;
+my $librarian = $builder->build_object({
+ class => 'Koha::Patrons',
+ value => { flags => 2 }
+});
+my $password = 'thePassword123';
+$librarian->set_password({ password => $password, skip_validation => 1 });
+my $userid = $librarian->userid;
+
+my $patron = $builder->build_object({
+ class => 'Koha::Patrons',
+ value => { flags => 0 }
+});
+my $unauth_password = 'thePassword000';
+$patron->set_password({ password => $unauth_password, skip_validattion => 1 });
+my $unauth_userid = $patron->userid;
+my $patron_id = $patron->borrowernumber;
my $branchcode = $builder->build({ source => 'Branch' })->{ branchcode };
-my $module = new Test::MockModule('C4::Context');
-$module->mock('userenv', sub { { branch => $branchcode } });
-$tx = $t->ua->build_tx(GET => "/api/v1/checkouts?patron_id=$borrowernumber");
-$tx->req->cookies({name => 'CGISESSID', value => $session->id});
-$t->request_ok($tx)
+$t->get_ok( "//$userid:$password@/api/v1/checkouts?patron_id=$patron_id" )
->status_is(200)
->json_is([]);
-my $notexisting_borrowernumber = $borrowernumber + 1;
-$tx = $t->ua->build_tx(GET => "/api/v1/checkouts?patron_id=$notexisting_borrowernumber");
-$tx->req->cookies({name => 'CGISESSID', value => $session->id});
-$t->request_ok($tx)
+my $notexisting_patron_id = $patron_id + 1;
+$t->get_ok( "//$userid:$password@/api/v1/checkouts?patron_id=$notexisting_patron_id" )
->status_is(200)
->json_is([]);
-my $biblionumber = create_biblio('RESTful Web APIs');
-my $itemnumber1 = create_item($biblionumber, 'TEST000001');
-my $itemnumber2 = create_item($biblionumber, 'TEST000002');
-my $itemnumber3 = create_item($biblionumber, 'TEST000003');
+Koha::CirculationRules->set_rules(
+ {
+ categorycode => undef,
+ itemtype => undef,
+ branchcode => undef,
+ rules => {
+ renewalperiod => 7,
+ renewalsallowed => 1,
+ issuelength => 5,
+ }
+ }
+);
+
+my $item1 = $builder->build_sample_item;
+my $item2 = $builder->build_sample_item;
+my $item3 = $builder->build_sample_item;
+my $item4 = $builder->build_sample_item;
my $date_due = DateTime->now->add(weeks => 2);
-my $issue1 = C4::Circulation::AddIssue($patron, 'TEST000001', $date_due);
+my $issue1 = C4::Circulation::AddIssue($patron->unblessed, $item1->barcode, $date_due);
my $date_due1 = Koha::DateUtils::dt_from_string( $issue1->date_due );
-my $issue2 = C4::Circulation::AddIssue($patron, 'TEST000002', $date_due);
+my $issue2 = C4::Circulation::AddIssue($patron->unblessed, $item2->barcode, $date_due);
my $date_due2 = Koha::DateUtils::dt_from_string( $issue2->date_due );
-my $issue3 = C4::Circulation::AddIssue($loggedinuser, 'TEST000003', $date_due);
+my $issue3 = C4::Circulation::AddIssue($librarian->unblessed, $item3->barcode, $date_due);
my $date_due3 = Koha::DateUtils::dt_from_string( $issue3->date_due );
+my $issue4 = C4::Circulation::AddIssue($patron->unblessed, $item4->barcode);
+C4::Circulation::AddReturn($item4->barcode, $branchcode);
-$tx = $t->ua->build_tx(GET => "/api/v1/checkouts?patron_id=$borrowernumber");
-$tx->req->cookies({name => 'CGISESSID', value => $session->id});
-$t->request_ok($tx)
+$t->get_ok( "//$userid:$password@/api/v1/checkouts?patron_id=$patron_id" )
->status_is(200)
- ->json_is('/0/patron_id' => $borrowernumber)
- ->json_is('/0/item_id' => $itemnumber1)
+ ->json_is('/0/patron_id' => $patron_id)
+ ->json_is('/0/item_id' => $item1->itemnumber)
->json_is('/0/due_date' => output_pref({ dateformat => "rfc3339", dt => $date_due1 }) )
- ->json_is('/1/patron_id' => $borrowernumber)
- ->json_is('/1/item_id' => $itemnumber2)
+ ->json_is('/1/patron_id' => $patron_id)
+ ->json_is('/1/item_id' => $item2->itemnumber)
->json_is('/1/due_date' => output_pref({ dateformat => "rfc3339", dt => $date_due2 }) )
->json_hasnt('/2');
-$tx = $t->ua->build_tx(GET => "/api/v1/checkouts/".$issue3->issue_id);
-$tx->req->cookies({name => 'CGISESSID', value => $patron_session->id});
-$t->request_ok($tx)
- ->status_is(403)
- ->json_is({ error => "Authorization failure. Missing required permission(s).",
- required_permissions => { circulate => "circulate_remaining_permissions" }
- });
+# Test checked_in parameter, zero means, the response is same as without it
+$t->get_ok( "//$userid:$password@/api/v1/checkouts?patron_id=$patron_id&checked_in=0" )
+ ->status_is(200)
+ ->json_is('/0/patron_id' => $patron_id)
+ ->json_is('/0/item_id' => $item1->itemnumber)
+ ->json_is('/0/due_date' => output_pref({ dateformat => "rfc3339", dt => $date_due1 }) )
+ ->json_is('/1/patron_id' => $patron_id)
+ ->json_is('/1/item_id' => $item2->itemnumber)
+ ->json_is('/1/due_date' => output_pref({ dateformat => "rfc3339", dt => $date_due2 }) )
+ ->json_hasnt('/2');
+
+# Test checked_in parameter, one measn, the checked in checkout is in the response too
+$t->get_ok( "//$userid:$password@/api/v1/checkouts?patron_id=$patron_id&checked_in=1" )
+ ->status_is(200)
+ ->json_is('/0/patron_id' => $patron_id)
+ ->json_is('/0/item_id' => $item4->itemnumber)
+ ->json_hasnt('/1');
-$tx = $t->ua->build_tx(GET => "/api/v1/checkouts?patron_id=".$loggedinuser->{borrowernumber});
-$tx->req->cookies({name => 'CGISESSID', value => $patron_session->id});
-$t->request_ok($tx)
+$t->get_ok( "//$unauth_userid:$unauth_password@/api/v1/checkouts/" . $issue3->issue_id )
->status_is(403)
->json_is({ error => "Authorization failure. Missing required permission(s).",
- required_permissions => { circulate => "circulate_remaining_permissions" }
- });
+ required_permissions => { circulate => "circulate_remaining_permissions" }
+ });
-$tx = $t->ua->build_tx(GET => "/api/v1/checkouts?patron_id=$borrowernumber");
-$tx->req->cookies({name => 'CGISESSID', value => $session->id});
-$t->request_ok($tx)
+$t->get_ok( "//$userid:$password@/api/v1/checkouts?patron_id=$patron_id")
->status_is(200)
- ->json_is('/0/patron_id' => $borrowernumber)
- ->json_is('/0/item_id' => $itemnumber1)
+ ->json_is('/0/patron_id' => $patron_id)
+ ->json_is('/0/item_id' => $item1->itemnumber)
->json_is('/0/due_date' => output_pref({ dateformat => "rfc3339", dt => $date_due1 }) )
- ->json_is('/1/patron_id' => $borrowernumber)
- ->json_is('/1/item_id' => $itemnumber2)
+ ->json_is('/1/patron_id' => $patron_id)
+ ->json_is('/1/item_id' => $item2->itemnumber)
->json_is('/1/due_date' => output_pref({ dateformat => "rfc3339", dt => $date_due2 }) )
->json_hasnt('/2');
-$tx = $t->ua->build_tx(GET => "/api/v1/checkouts/" . $issue1->issue_id);
-$tx->req->cookies({name => 'CGISESSID', value => $session->id});
-$t->request_ok($tx)
+$t->get_ok( "//$userid:$password@/api/v1/checkouts?patron_id=$patron_id&_per_page=1&_page=1")
+ ->status_is(200)
+ ->header_is('X-Total-Count', '2')
+ ->header_like('Link', qr|rel="next"|)
+ ->header_like('Link', qr|rel="first"|)
+ ->header_like('Link', qr|rel="last"|)
+ ->json_is('/0/patron_id' => $patron_id)
+ ->json_is('/0/item_id' => $item1->itemnumber)
+ ->json_is('/0/due_date' => output_pref({ dateformat => "rfc3339", dt => $date_due1 }) )
+ ->json_hasnt('/1');
+
+$t->get_ok( "//$userid:$password@/api/v1/checkouts?patron_id=$patron_id&_per_page=1&_page=2")
->status_is(200)
- ->json_is('/patron_id' => $borrowernumber)
- ->json_is('/item_id' => $itemnumber1)
+ ->header_is('X-Total-Count', '2')
+ ->header_like('Link', qr|rel="prev"|)
+ ->header_like('Link', qr|rel="first"|)
+ ->header_like('Link', qr|rel="last"|)
+ ->json_is('/0/patron_id' => $patron_id)
+ ->json_is('/0/item_id' => $item2->itemnumber)
+ ->json_is('/0/due_date' => output_pref({ dateformat => "rfc3339", dt => $date_due2 }) )
+ ->json_hasnt('/1');
+
+$t->get_ok( "//$userid:$password@/api/v1/checkouts/" . $issue1->issue_id)
+ ->status_is(200)
+ ->json_is('/patron_id' => $patron_id)
+ ->json_is('/item_id' => $item1->itemnumber)
->json_is('/due_date' => output_pref({ dateformat => "rfc3339", dt => $date_due1 }) )
->json_hasnt('/1');
-$tx = $t->ua->build_tx(GET => "/api/v1/checkouts/" . $issue1->issue_id);
-$tx->req->cookies({name => 'CGISESSID', value => $session->id});
-$t->request_ok($tx)
+$t->get_ok( "//$userid:$password@/api/v1/checkouts/" . $issue1->issue_id)
->status_is(200)
->json_is('/due_date' => output_pref({ dateformat => "rfc3339", dt => $date_due1 }) );
-$tx = $t->ua->build_tx(GET => "/api/v1/checkouts/" . $issue2->issue_id);
-$tx->req->cookies({name => 'CGISESSID', value => $session->id});
-$t->request_ok($tx)
+$t->get_ok( "//$userid:$password@/api/v1/checkouts/" . $issue2->issue_id)
->status_is(200)
->json_is('/due_date' => output_pref( { dateformat => "rfc3339", dt => $date_due2 }) );
+my $expected_datedue = $date_due
+ ->set_time_zone('local')
+ ->add(days => 7)
+ ->set(hour => 23, minute => 59, second => 0);
+
+$t->post_ok ( "//$userid:$password@/api/v1/checkouts/" . $issue1->issue_id . "/renewal" )
+ ->status_is(201)
+ ->json_is('/due_date' => output_pref( { dateformat => "rfc3339", dt => $expected_datedue }) )
+ ->header_is(Location => "/api/v1/checkouts/" . $issue1->issue_id . "/renewal");
-$dbh->do('DELETE FROM issuingrules');
-$dbh->do(q{
- INSERT INTO issuingrules (categorycode, branchcode, itemtype, renewalperiod, renewalsallowed)
- VALUES (?, ?, ?, ?, ?)
-}, {}, '*', '*', '*', 7, 1);
+my $renewal = $issue1->renewals->last;
+is( $renewal->renewal_type, 'Manual', 'Manual renewal recorded' );
-my $expected_datedue = DateTime->now->add(days => 14)->set(hour => 23, minute => 59, second => 0);
-$tx = $t->ua->build_tx(PUT => "/api/v1/checkouts/" . $issue1->issue_id);
-$tx->req->cookies({name => 'CGISESSID', value => $session->id});
-$t->request_ok($tx)
+$t->get_ok ( "//$userid:$password@/api/v1/checkouts/" . $issue1->issue_id . "/renewals" )
->status_is(200)
- ->json_is('/due_date' => output_pref( { dateformat => "rfc3339", dt => $expected_datedue }) );
+ ->json_is('/0/checkout_id' => $issue1->issue_id)
+ ->json_is('/0/interface' => 'api')
+ ->json_is('/0/renewer_id' => $librarian->borrowernumber );
-$tx = $t->ua->build_tx(PUT => "/api/v1/checkouts/" . $issue3->issue_id);
-$tx->req->cookies({name => 'CGISESSID', value => $patron_session->id});
-$t->request_ok($tx)
+$t->post_ok( "//$unauth_userid:$unauth_password@/api/v1/checkouts/" . $issue3->issue_id . "/renewal" )
->status_is(403)
->json_is({ error => "Authorization failure. Missing required permission(s).",
required_permissions => { circulate => "circulate_remaining_permissions" }
- });
+ });
-$tx = $t->ua->build_tx(PUT => "/api/v1/checkouts/" . $issue2->issue_id);
-$tx->req->cookies({name => 'CGISESSID', value => $session->id});
-$t->request_ok($tx)
+$t->get_ok( "//$userid:$password@/api/v1/checkouts/" . $issue2->issue_id . "/allows_renewal")
->status_is(200)
- ->json_is('/due_date' => output_pref({ dateformat => "rfc3339", dt => $expected_datedue}) );
+ ->json_is({
+ allows_renewal => Mojo::JSON->true,
+ max_renewals => 1,
+ unseen_renewals => 0,
+ current_renewals => 0,
+ error => undef
+ });
-$tx = $t->ua->build_tx(PUT => "/api/v1/checkouts/" . $issue1->issue_id);
-$tx->req->cookies({name => 'CGISESSID', value => $session->id});
-$t->request_ok($tx)
- ->status_is(403)
- ->json_is({ error => 'Renewal not authorized (too_many)' });
+$t->post_ok( "//$userid:$password@/api/v1/checkouts/" . $issue2->issue_id . "/renewal" )
+ ->status_is(201)
+ ->json_is('/due_date' => output_pref({ dateformat => "rfc3339", dt => $expected_datedue}) )
+ ->header_is(Location => "/api/v1/checkouts/" . $issue2->issue_id . "/renewal");
-sub create_biblio {
- my ($title) = @_;
- my $record = new MARC::Record;
- $record->append_fields(
- new MARC::Field('200', ' ', ' ', a => $title),
- );
-
- my ($biblionumber) = C4::Biblio::AddBiblio($record, '');
-
- return $biblionumber;
-}
-
-sub create_item {
- my ($biblionumber, $barcode) = @_;
-
- my $item = {
- barcode => $barcode,
- };
-
- my $itemnumber = C4::Items::AddItem($item, $biblionumber);
+$t->post_ok( "//$userid:$password@/api/v1/checkouts/" . $issue1->issue_id . "/renewal" )
+ ->status_is(403)
+ ->json_is({ error => 'Renewal not authorized (too_many)' });
- return $itemnumber;
-}
+$t->get_ok( "//$userid:$password@/api/v1/checkouts/" . $issue2->issue_id . "/allows_renewal")
+ ->status_is(200)
+ ->json_is({
+ allows_renewal => Mojo::JSON->false,
+ max_renewals => 1,
+ unseen_renewals => 0,
+ current_renewals => 1,
+ error => 'too_many'
+ });