3 # This file is part of Koha.
5 # Koha is free software; you can redistribute it and/or modify it under the
6 # terms of the GNU General Public License as published by the Free Software
7 # Foundation; either version 3 of the License, or (at your option) any later
10 # Koha is distributed in the hope that it will be useful, but WITHOUT ANY
11 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
12 # A PARTICULAR PURPOSE. See the GNU General Public License for more details.
14 # You should have received a copy of the GNU General Public License along
15 # with Koha; if not, write to the Free Software Foundation, Inc.,
16 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
20 use Test::More tests => 54;
24 use t::lib::TestBuilder;
35 my $schema = Koha::Database->schema;
36 my $builder = t::lib::TestBuilder->new;
38 $schema->storage->txn_begin;
40 t::lib::Mocks::mock_preference( 'SessionStorage', 'tmp' );
42 $ENV{REMOTE_ADDR} = '127.0.0.1';
43 my $t = Test::Mojo->new('Koha::REST::V1');
46 my $dbh = C4::Context->dbh;
48 $dbh->do('DELETE FROM issues');
49 $dbh->do('DELETE FROM items');
50 $dbh->do('DELETE FROM issuingrules');
51 my $loggedinuser = $builder->build({ source => 'Borrower' });
54 INSERT INTO user_permissions (borrowernumber, module_bit, code)
55 VALUES (?, 1, 'circulate_remaining_permissions')
56 }, undef, $loggedinuser->{borrowernumber});
58 my $session = C4::Auth::get_session('');
59 $session->param('number', $loggedinuser->{ borrowernumber });
60 $session->param('id', $loggedinuser->{ userid });
61 $session->param('ip', '127.0.0.1');
62 $session->param('lasttime', time());
65 my $patron = $builder->build({ source => 'Borrower', value => { flags => 0 } });
66 my $borrowernumber = $patron->{borrowernumber};
67 my $patron_session = C4::Auth::get_session('');
68 $patron_session->param('number', $borrowernumber);
69 $patron_session->param('id', $patron->{ userid });
70 $patron_session->param('ip', '127.0.0.1');
71 $patron_session->param('lasttime', time());
72 $patron_session->flush;
74 my $branchcode = $builder->build({ source => 'Branch' })->{ branchcode };
75 my $module = new Test::MockModule('C4::Context');
76 $module->mock('userenv', sub { { branch => $branchcode } });
78 $tx = $t->ua->build_tx(GET => "/api/v1/checkouts?patron_id=$borrowernumber");
79 $tx->req->cookies({name => 'CGISESSID', value => $session->id});
84 my $notexisting_borrowernumber = $borrowernumber + 1;
85 $tx = $t->ua->build_tx(GET => "/api/v1/checkouts?patron_id=$notexisting_borrowernumber");
86 $tx->req->cookies({name => 'CGISESSID', value => $session->id});
91 my $biblionumber = $builder->build_sample_biblio({ title => 'RESTful Web APIs'})->biblionumber;
92 my $itemnumber1 = $builder->build_sample_item({ biblionumber => $biblionumber, barcode => 'TEST000001'})->itemnumber;
93 my $itemnumber2 = $builder->build_sample_item({ biblionumber => $biblionumber, barcode => 'TEST000002'})->itemnumber;
94 my $itemnumber3 = $builder->build_sample_item({ biblionumber => $biblionumber, barcode => 'TEST000003'})->itemnumber;
96 my $date_due = DateTime->now->add(weeks => 2);
97 my $issue1 = C4::Circulation::AddIssue($patron, 'TEST000001', $date_due);
98 my $date_due1 = Koha::DateUtils::dt_from_string( $issue1->date_due );
99 my $issue2 = C4::Circulation::AddIssue($patron, 'TEST000002', $date_due);
100 my $date_due2 = Koha::DateUtils::dt_from_string( $issue2->date_due );
101 my $issue3 = C4::Circulation::AddIssue($loggedinuser, 'TEST000003', $date_due);
102 my $date_due3 = Koha::DateUtils::dt_from_string( $issue3->date_due );
104 $tx = $t->ua->build_tx(GET => "/api/v1/checkouts?patron_id=$borrowernumber");
105 $tx->req->cookies({name => 'CGISESSID', value => $session->id});
108 ->json_is('/0/patron_id' => $borrowernumber)
109 ->json_is('/0/item_id' => $itemnumber1)
110 ->json_is('/0/due_date' => output_pref({ dateformat => "rfc3339", dt => $date_due1 }) )
111 ->json_is('/1/patron_id' => $borrowernumber)
112 ->json_is('/1/item_id' => $itemnumber2)
113 ->json_is('/1/due_date' => output_pref({ dateformat => "rfc3339", dt => $date_due2 }) )
116 $tx = $t->ua->build_tx(GET => "/api/v1/checkouts/".$issue3->issue_id);
117 $tx->req->cookies({name => 'CGISESSID', value => $patron_session->id});
120 ->json_is({ error => "Authorization failure. Missing required permission(s).",
121 required_permissions => { circulate => "circulate_remaining_permissions" }
124 $tx = $t->ua->build_tx(GET => "/api/v1/checkouts?patron_id=".$loggedinuser->{borrowernumber});
125 $tx->req->cookies({name => 'CGISESSID', value => $patron_session->id});
128 ->json_is({ error => "Authorization failure. Missing required permission(s).",
129 required_permissions => { circulate => "circulate_remaining_permissions" }
132 $tx = $t->ua->build_tx(GET => "/api/v1/checkouts?patron_id=$borrowernumber");
133 $tx->req->cookies({name => 'CGISESSID', value => $session->id});
136 ->json_is('/0/patron_id' => $borrowernumber)
137 ->json_is('/0/item_id' => $itemnumber1)
138 ->json_is('/0/due_date' => output_pref({ dateformat => "rfc3339", dt => $date_due1 }) )
139 ->json_is('/1/patron_id' => $borrowernumber)
140 ->json_is('/1/item_id' => $itemnumber2)
141 ->json_is('/1/due_date' => output_pref({ dateformat => "rfc3339", dt => $date_due2 }) )
144 $tx = $t->ua->build_tx(GET => "/api/v1/checkouts/" . $issue1->issue_id);
145 $tx->req->cookies({name => 'CGISESSID', value => $session->id});
148 ->json_is('/patron_id' => $borrowernumber)
149 ->json_is('/item_id' => $itemnumber1)
150 ->json_is('/due_date' => output_pref({ dateformat => "rfc3339", dt => $date_due1 }) )
153 $tx = $t->ua->build_tx(GET => "/api/v1/checkouts/" . $issue1->issue_id);
154 $tx->req->cookies({name => 'CGISESSID', value => $session->id});
157 ->json_is('/due_date' => output_pref({ dateformat => "rfc3339", dt => $date_due1 }) );
159 $tx = $t->ua->build_tx(GET => "/api/v1/checkouts/" . $issue2->issue_id);
160 $tx->req->cookies({name => 'CGISESSID', value => $session->id});
163 ->json_is('/due_date' => output_pref( { dateformat => "rfc3339", dt => $date_due2 }) );
166 $dbh->do('DELETE FROM issuingrules');
168 INSERT INTO issuingrules (categorycode, branchcode, itemtype, renewalperiod, renewalsallowed)
169 VALUES (?, ?, ?, ?, ?)
170 }, {}, '*', '*', '*', 7, 1);
172 my $expected_datedue = DateTime->now->add(days => 14)->set(hour => 23, minute => 59, second => 0);
173 $tx = $t->ua->build_tx(PUT => "/api/v1/checkouts/" . $issue1->issue_id);
174 $tx->req->cookies({name => 'CGISESSID', value => $session->id});
177 ->json_is('/due_date' => output_pref( { dateformat => "rfc3339", dt => $expected_datedue }) );
179 $tx = $t->ua->build_tx(PUT => "/api/v1/checkouts/" . $issue3->issue_id);
180 $tx->req->cookies({name => 'CGISESSID', value => $patron_session->id});
183 ->json_is({ error => "Authorization failure. Missing required permission(s).",
184 required_permissions => { circulate => "circulate_remaining_permissions" }
187 $tx = $t->ua->build_tx(PUT => "/api/v1/checkouts/" . $issue2->issue_id);
188 $tx->req->cookies({name => 'CGISESSID', value => $session->id});
191 ->json_is('/due_date' => output_pref({ dateformat => "rfc3339", dt => $expected_datedue}) );
193 $tx = $t->ua->build_tx(PUT => "/api/v1/checkouts/" . $issue1->issue_id);
194 $tx->req->cookies({name => 'CGISESSID', value => $session->id});
197 ->json_is({ error => 'Renewal not authorized (too_many)' });