[Koha-bugs] [Bug 19133] REST API: Password recovery

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Thu Aug 24 16:02:35 CEST 2017


https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=19133

--- Comment #3 from Lari Taskula <lari.taskula at jns.fi> ---
Created attachment 66419
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=66419&action=edit
Bug 19133-2: Allow third party services to send password recovery emails
instead of Koha

Adds a new parameter "skip_mail" to POST /api/v1/patrons/password/recovery.
This
allows third party services to avoid Koha enqueueing recovery email to message
queue. Instead, letter content and the link containing uuid is returned.
Requires
permission to do so.

Adds a new permission borrowers.get_password_reset_uuid that allows the above.

To test:
1. Apply patch and run updatedatabase.pl
2. prove t/db_dependent/api/v1/passwordrecovery.t
3. Add yourself borrowers.get_password_reset_uuid permission
4. Send POST request to /api/v1/patrons/password/recovery containing a JSON
body
   { "email": "patrons at email.com", "userid": "patrons userid", "custom_link":
     "https://allowed/reset.pl?token={uuid}", "skip_mail": true }
   (Make sure custom link is allowed by the system preference introduced in
    previous patch)
5. Check that the message contents and other related data is returned
6. Check borrower_password_recovery table - there should be a new entry for you
7. Check message_queue table - this message should not be enqueued

-- 
You are receiving this mail because:
You are watching all bug changes.


More information about the Koha-bugs mailing list