Bug 17003: Adapt to OpenAPI

Test plan:
prove t/db_dependent/api/v1/checkouts.t

Signed-off-by: Michal Denar <black23@gmail.com>
Signed-off-by: Johanna Raisa <johanna.raisa@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

diff --git a/Koha/REST/V1/Checkouts.pm b/Koha/REST/V1/Checkouts.pm
index a459743..b1bc863 100644 (file)
--- a/Koha/REST/V1/Checkouts.pm
+++ b/Koha/REST/V1/Checkouts.pm
@@ -129,37 +129,27 @@ sub renew {
 }
 
 sub renewability {
-    my ($c, $args, $cb) = @_;
-
-    my $user = $c->stash('koha.user');
-
-    my $OpacRenewalAllowed;
-    if ($user->borrowernumber == $borrowernumber) {
-        $OpacRenewalAllowed = C4::Context->preference('OpacRenewalAllowed');
-    }
-
-    unless ($user && ($OpacRenewalAllowed
-            || haspermission($user->userid, { circulate => "circulate_remaining_permissions" }))) {
-        return $c->$cb({error => "You don't have the required permission"}, 403);
-    }
+    my $c = shift->openapi->valid_input or return;
 
-    my $checkout_id = $args->{checkout_id};
-    my $checkout = Koha::Issues->find($checkout_id);
+    my $checkout_id = $c->validation->param('checkout_id');
+    my $checkout = Koha::Checkouts->find( $checkout_id );
 
-    if (!$checkout) {
-        return $c->$cb({
-            error => "Checkout doesn't exist"
-        }, 404);
+    unless ($checkout) {
+        return $c->render(
+            status => 404,
+            openapi => { error => "Checkout doesn't exist" }
+        );
     }
 
-    my $borrowernumber = $checkout->borrowernumber;
-    my $itemnumber = $checkout->itemnumber;
-
     my ($can_renew, $error) = C4::Circulation::CanBookBeRenewed(
-        $borrowernumber, $itemnumber);
+        $checkout->borrowernumber, $checkout->itemnumber);
 
-    return $c->$cb({ renewable => Mojo::JSON->true, error => undef }, 200) if $can_renew;
-    return $c->$cb({ renewable => Mojo::JSON->false, error => $error }, 200);
+    my $renewable = Mojo::JSON->false;
+    $renewable = Mojo::JSON->true if $can_renew;
+    return $c->render(
+        status => 200,
+        openapi => { renewable => $renewable, error => $error }
+    );
 }
 
 =head3 _to_api

diff --git a/api/v1/swagger/paths/checkouts.json b/api/v1/swagger/paths/checkouts.json
index 76e7151..342aa5a 100644 (file)
--- a/api/v1/swagger/paths/checkouts.json
+++ b/api/v1/swagger/paths/checkouts.json
@@ -99,6 +99,7 @@
   },
   "/checkouts/{checkout_id}/renewability": {
     "get": {
+      "x-mojo-to": "Checkout#renewability",
       "operationId": "renewabilityCheckout",
       "tags": ["patrons", "checkouts"],
       "parameters": [{
@@ -120,8 +121,6 @@
         }
       },
       "x-koha-authorization": {
-        "allow-owner": true,
-        "allow-guarantor": true,
         "permissions": {
           "circulate": "circulate_remaining_permissions"
         }

diff --git a/t/db_dependent/api/v1/checkouts.t b/t/db_dependent/api/v1/checkouts.t
index e4c0f21..5c92694 100644 (file)
--- a/t/db_dependent/api/v1/checkouts.t
+++ b/t/db_dependent/api/v1/checkouts.t
@@ -169,9 +169,7 @@ $t->post_ok( "//$unauth_userid:$unauth_password@/api/v1/checkouts/" . $issue3->i
               required_permissions => { circulate => "circulate_remaining_permissions" }
             });
 
-$tx = $t->ua->build_tx(GET => "/api/v1/checkouts/" . $issue2->issue_id . "/renewability");
-$tx->req->cookies({name => 'CGISESSID', value => $patron_session->id});
-$t->request_ok($tx)
+$t->get_ok( "//$userid:$password@/api/v1/checkouts/" . $issue2->issue_id . "/renewability")
   ->status_is(200)
   ->json_is({ renewable => Mojo::JSON->true, error => undef });
 
@@ -185,8 +183,6 @@ $t->post_ok( "//$userid:$password@/api/v1/checkouts/" . $issue1->issue_id . "/re
   ->status_is(403)
   ->json_is({ error => 'Renewal not authorized (too_many)' });
 
-$tx = $t->ua->build_tx(GET => "/api/v1/checkouts/" . $issue2->issue_id . "/renewability");
-$tx->req->cookies({name => 'CGISESSID', value => $patron_session->id});
-$t->request_ok($tx)
+$t->get_ok( "//$userid:$password@/api/v1/checkouts/" . $issue2->issue_id . "/renewability")
   ->status_is(200)
   ->json_is({ renewable => Mojo::JSON->false, error => 'too_many' });