[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Jun 18 23:34:44 CEST 2020
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045
--- Comment #31 from Aleisha Amohia <aleisha at catalyst.net.nz> ---
I have tried to apply but tests fail on my devbox for 19.11.x.
$ prove -v t/db_dependent/api/v1/auth_authenticate_api_request.t
t/db_dependent/api/v1/auth_authenticate_api_request.t ..
1..3
# Subtest: token-based tests
1..10
[2020-06-19 09:33:05.84026] [12653] [debug] POST "/api/v1/oauth/token"
(5ef232ce)
[2020-06-19 09:33:05.84638] [12653] [debug] Routing to controller
"Koha::REST::V1::Auth" and action "under"
[2020-06-19 09:33:05.84791] [12653] [debug] Routing to controller
"Koha::REST::V1::OAuth" and action "token"
[2020-06-19 09:33:05.86256] [12653] [debug] 200 OK (0.022287s, 44.869/s)
ok 1 - POST /api/v1/oauth/token
ok 2 - 200 OK
ok 3 - exact match for JSON Pointer "/expires_in"
ok 4 - exact match for JSON Pointer "/token_type"
ok 5 - has value for JSON Pointer "/access_token"
[2020-06-19 09:33:05.86597] [12653] [debug] GET "/api/v1/patrons" (01e901a8)
[2020-06-19 09:33:05.86677] [12653] [debug] Routing to controller
"Koha::REST::V1::Auth" and action "under"
[2020-06-19 09:33:05.88419] [12653] [debug] Routing to controller
"Koha::REST::V1::Patrons" and action "list"
[2020-06-19 09:33:06.11926] [12653] [debug] 200 OK (0.253264s, 3.948/s)
ok 6 - GET /api/v1/patrons
ok 7 - 200 OK
ok 8 - The 'koha.user' object is defined in the stash
ok 9 - Stashed koha.user object type is Koha::Patron
ok 10 - The stashed user is the right one
ok 1 - token-based tests
# Subtest: cookie-based tests
1..5
[2020-06-19 09:33:06.29506] [12653] [debug] GET "/api/v1/patrons" (4f027938)
[2020-06-19 09:33:06.29565] [12653] [debug] Routing to controller
"Koha::REST::V1::Auth" and action "under"
[2020-06-19 09:33:06.29736] [12653] [debug] 503 Service Unavailable (0.00229s,
436.681/s)
ok 1 - GET /api/v1/patrons
not ok 2 - 200 OK
# Failed test '200 OK'
# at t/db_dependent/api/v1/auth_authenticate_api_request.t line 112.
# got: '503'
# expected: '200'
not ok 3 - The 'koha.user' object is defined in the stash
# Failed test 'The 'koha.user' object is defined in the stash'
# at t/db_dependent/api/v1/auth_authenticate_api_request.t line 115.
# Looks like you planned 5 tests but ran 3.
# Looks like you failed 2 tests of 3 run.
not ok 2 - cookie-based tests
# Failed test 'cookie-based tests'
# at t/db_dependent/api/v1/auth_authenticate_api_request.t line 120.
# Subtest: anonymous requests to public API
1..4
[2020-06-19 09:33:06.54596] [12653] [debug] GET "/api/v1/public/biblios/3"
(1a0aa1cd)
[2020-06-19 09:33:06.54737] [12653] [debug] Routing to controller
"Koha::REST::V1::Auth" and action "under"
[2020-06-19 09:33:06.54867] [12653] [debug] 503 Service Unavailable (0.002694s,
371.195/s)
ok 1 - GET /api/v1/public/biblios/3
not ok 2 - Unauthorized anonymous attempt to access a resource
# Failed test 'Unauthorized anonymous attempt to access a resource'
# at t/db_dependent/api/v1/auth_authenticate_api_request.t line 143.
# got: '503'
# expected: '401'
[2020-06-19 09:33:06.55176] [12653] [debug] GET "/api/v1/public/biblios/3"
(ece5c188)
[2020-06-19 09:33:06.55231] [12653] [debug] Routing to controller
"Koha::REST::V1::Auth" and action "under"
[2020-06-19 09:33:06.55343] [12653] [debug] 503 Service Unavailable (0.001661s,
602.047/s)
ok 3 - GET /api/v1/public/biblios/3
not ok 4 - Successfull anonymous access to a resource
# Failed test 'Successfull anonymous access to a resource'
# at t/db_dependent/api/v1/auth_authenticate_api_request.t line 149.
# got: '503'
# expected: '200'
# Looks like you failed 2 tests of 4.
not ok 3 - anonymous requests to public API
# Failed test 'anonymous requests to public API'
# at t/db_dependent/api/v1/auth_authenticate_api_request.t line 153.
# Looks like you failed 2 tests of 3.
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests
Test Summary Report
-------------------
t/db_dependent/api/v1/auth_authenticate_api_request.t (Wstat: 512 Tests: 3
Failed: 2)
Failed tests: 2-3
Non-zero exit status: 2
Files=1, Tests=3, 8 wallclock secs ( 0.02 usr 0.01 sys + 3.77 cusr 1.14
csys = 4.94 CPU)
Result: FAIL
Please fix up and I will backport!
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list