https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=39600 --- Comment #35 from Tomás Cohen Arazi (tcohen) <tomascohen@gmail.com> --- Created attachment 181442 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=181442&action=edit Bug 39600: Rewrite API controllers This patch splits the controller in two: * A controller for staff users use * An unprivileged access controller A new endpoint is added for publi access: * `/public/patrons/:patron_id/ill/requests` The public one makes use of the state-of-the-art in Koha for public endpoints, using the `$c->auth->public` validation helper and leaving the (newly added) public path spec with no special permissions requirements. The staff-oriented endpoint gets the right permissions added (at least those used in the main `/ill/requests` endpoint. To test: 1. Apply this patch 2. Run: $ ktd --shell k$ yarn api:bundle k$ prove t/db_dependent/api/v1/ill_requests.t => SUCCESS: Tests pass! 3. Sign off :-D Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> -- You are receiving this mail because: You are watching all bug changes.