[Koha-bugs] [Bug 35053] When placing a hold via the REST API if both biblio_id and item_id are passed the hold is placed on the item, but rules checked for the record
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Tue Oct 17 14:12:05 CEST 2023
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35053
--- Comment #2 from Tomás Cohen Arazi <tomascohen at gmail.com> ---
Created attachment 157232
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=157232&action=edit
Bug 35053: Make sure request is checked as an item-level request if item_id
passed
This patch makes the validation code have the `$item` variable defined
when checking holdability, in the case both `item_id` and `biblio_id`
params are passed.
Otherwise, if the requested item is not holdable, but a biblio-level
hold *could* be placed, the item-level hold is placed.
This is highlighted by the regression tests.
To test:
1. Apply the regression tests patch
2. Run:
$ ktd --shell
k$ prove t/db_dependent/api/v1/holds.t
=> FAIL: Tests don't pass. A request that should be rejected is allowed
because biblio-level hold is allowed.
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass! Item-level rules are checked and thus the
request rejected (code 403)
5. Sign off :-D
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list