[Koha-bugs] [Bug 28948] Add a /public counterpart for the libraries REST endpoints
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Sep 3 17:08:43 CEST 2021
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28948
--- Comment #2 from Martin Renvoize <martin.renvoize at ptfs-europe.com> ---
Created attachment 124479
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=124479&action=edit
Bug 28948: Add a generic way to handle API privileged access attributes
deny-list
This patch introduces a way for Koha::Object(s)->to_api to filter out
attributes that require privileged access. It is done in a way that the
'public' parameter is recursively passed to nested objects in recursive
to_api() calls.
This way, Koha::Object-based classes can determine how they will render
depending on this parameter. For example, for implementing a
route for fetching an library looks like:
GET /libraries
The controller will look like:
my $library = Koha::Libraries->find( $c->validation->param('library_id') );
return $c->render(
status => 200,
openapi => $library->to_api
);
Implementing an unprivileged (public) route would look like:
GET /public/libraries/:library_id
The controller will look like:
my $library = Koha::Libraries->find( $c->validation->param('library_id') );
return $c->render(
status => 200,
openapi => $library->to_api({ public => 1 })
);
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/Koha/Object*.t
=> SUCCESS: Tests pass (i.e. current behaviour is kept, new behaviour
passes the tests)
3. Sign off :-D
Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list