[Koha-bugs] [Bug 27358] Add GET /public/biblios/:biblio_id/items
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Tue Feb 2 10:29:42 CET 2021
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=27358
Martin Renvoize <martin.renvoize at ptfs-europe.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #114935|0 |1
is obsolete| |
--- Comment #11 from Martin Renvoize <martin.renvoize at ptfs-europe.com> ---
Created attachment 116187
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=116187&action=edit
Bug 27358: Add a generic way to handle API privileged access attributes
deny-list
This patch introduces a way for Koha::Object(s)->to_api to filter out
attributes that require privileged access. It is done in a way that the
'public' parameter is recursively passed to nested objects in recursive
to_api() calls.
This way, Koha::Object-based classes can determine how they will render
depending on this parameter. For example, for implementing a
route for fetching an item looks like:
GET /items
The controller will look like:
my $item = Koha::Items->find( $c->validation->param('item_id') );
return $c->render(
status => 200,
openapi => $item->to_api
);
Implementing an unprivileged (public) route would look like:
GET /public/items/:item_id
The controller will look like:
my $item = Koha::Items->find( $c->validation->param('item_id') );
return $c->render(
status => 200,
openapi => $item->to_api({ public => 1 })
);
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/Koha/Object*.t
=> SUCCESS: Tests pass (i.e. current behaviour is kept, new behaviour
passes the tests)
3. Sign off :-D
Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list