[Koha-bugs] [Bug 17390] Add REST API endpoint for Authorised Values

Sat Jun 13 13:39:08 CEST 2020

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17390

--- Comment #14 from Tomás Cohen Arazi <tomascohen at gmail.com> ---
(In reply to Jonathan Druart from comment #12)
> > f. POST /authorised_value_categories/:authorised_value_category_id/values
> 
> This route reads wrong to me.
> How is that different than adding a patron with a given category?

Fair enough.

> Or with funds, the route is GET /acquisitions/funds, should not it be
> /acquisitions/budgets/:budget_id:/funds in that case?

I belive it really depends on how you're gonna use it and what granularity you
want for requiring permissions or limitations on the route.
What I was pointing is the same that happened to the hold history bug: instead
of a single search you need to fetch all results and deal with limitations on
each of them, so I warned you about the 'global' route for fetching authorised
values: it looks simple, but in the end only superlibrarians should be able to
use it.

As for POST you can safely use your code (and the global route) as I belive you
can make any required checks in a really compact code in the controller. My aim
was not to block you but suggest you constraint your target to what you really
need instead of a whole complete API for authorised values so you don't get
frustrated.

So you can strip the more complex and debatable use cases and already have the
route you need. Go ahead!

> Also note that there is no "authorised_value_category_id", but category_name
> is the PK of the authorised_value_categories table. Should we add one or you
> meant category_name?

We reached and agreement that ID's are appended _id for consistency. So I
invented the name to make a point following the guidelines. That's why the RFC
needs to be voted.

We can sort this out easily with a conversation with Martin and a dev meeting.

-- 
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.