opac/svc/overdrive

   1 #!/usr/bin/perl
   2
   3 # script to action OverDrive API calls
   4
   5 # Copyright 2015 Catalyst IT
   6 # This file is part of Koha.
   7 #
   8 # Koha is free software; you can redistribute it and/or modify it
   9 # under the terms of the GNU General Public License as published by
  10 # the Free Software Foundation; either version 3 of the License, or
  11 # (at your option) any later version.
  12 #
  13 # Koha is distributed in the hope that it will be useful, but
  14 # WITHOUT ANY WARRANTY; without even the implied warranty of
  15 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  16 # GNU General Public License for more details.
  17 #
  18 # You should have received a copy of the GNU General Public License
  19 # along with Koha; if not, see <http://www.gnu.org/licenses>.
  20
  21 use Modern::Perl;
  22 use CGI qw ( -utf8 );
  23 use JSON qw(encode_json);
  24 use C4::Auth qw(checkauth);
  25 use C4::Output;
  26 use Koha::Logger;
  27 use Koha::ExternalContent::OverDrive;
  28
  29 my $logger = Koha::Logger->get({ interface => 'opac' });
  30 our $cgi = new CGI;
  31 my $page_url = $cgi->referer();
  32
  33 my ( $user, $cookie, $sessionID, $flags ) = checkauth( $cgi, 1, {}, 'opac' );
  34 $user && $sessionID or response_bad_request("User not logged in");
  35
  36 my $action = $cgi->param('action') or response_bad_request("No 'action' specified");
  37
  38 my $od = Koha::ExternalContent::OverDrive->new({ koha_session_id => $sessionID });
  39 my %data = (
  40    is_logged_in => JSON::false,
  41 );
  42 local $@;
  43 eval {
  44         {
  45             $action eq 'login' && do {
  46                 $data{login_url} = $od->auth_url($page_url);
  47                 last;
  48             };
  49
  50             if ($od->is_logged_in) {
  51                 $data{is_logged_in} = JSON::true;
  52
  53                 $action eq 'logout' && do {
  54                     $od->forget();
  55                     $data{login_url} = $od->auth_url($page_url);
  56                     $data{is_logged_in} = JSON::false;
  57                     last;
  58                 };
  59
  60                 $action eq 'account' && do {
  61                     $data{account} = $od->patron;
  62                     $data{checkouts} = $od->checkouts;
  63                     $data{holds} = $od->holds;
  64                     last;
  65                 };
  66
  67                 $action eq 'checkout' && do {
  68                     my $id = $cgi->param('id')
  69                       or response_bad_request("No 'id' specified");
  70                     my $format = $cgi->param('format');
  71                     $data{action} = $od->checkout($id, $format);
  72                     $data{checkouts} = $od->checkouts;
  73                     $data{holds} = $od->holds;
  74                     last;
  75                 };
  76
  77                 $action eq 'checkout-format' && do {
  78                     my $id = $cgi->param('id')
  79                       or response_bad_request("No 'id' specified");
  80                     my $format = $cgi->param('format')
  81                       or response_bad_request("No 'format' specified");
  82                     $data{action} = $od->lock_format($id, $format);
  83                     $data{checkouts} = $od->checkouts;
  84                     last;
  85                 };
  86
  87                 $action eq 'download-url' && do {
  88                     my $id = $cgi->param('id')
  89                       or response_bad_request("No 'id' specified");
  90                     my $format = $cgi->param('format')
  91                       or response_bad_request("No 'format' specified");
  92                     $data{action} = $od->checkout_download_url($id, $format, $page_url, $page_url);
  93                     last;
  94                 };
  95
  96                 $action eq 'return' && do {
  97                     my $id = $cgi->param('id')
  98                       or response_bad_request("No 'id' specified");
  99                     local $@;
 100                     $data{action} = eval { $od->return($id) };
 101                     $data{action} = $@ if $@;
 102                     $data{checkouts} = $od->checkouts;
 103                     last;
 104                 };
 105
 106                 $action eq 'place-hold' && do {
 107                     my $id = $cgi->param('id')
 108                       or response_bad_request("No 'id' specified");
 109                     $data{action} = $od->place_hold($id);
 110                     $data{holds} = $od->holds;
 111                     last;
 112                 };
 113
 114                 $action eq 'remove-hold' && do {
 115                     my $id = $cgi->param('id')
 116                       or response_bad_request("No 'id' specified");
 117                     local $@;
 118                     $data{action} = eval { $od->remove_hold($id) };
 119                     $data{action} = $@ if $@;
 120                     $data{holds} = $od->holds;
 121                     last;
 122                 };
 123
 124                 response_bad_request("Invalid 'action': $action");
 125             }
 126         }
 127 };
 128 if ($@) {
 129     if ($od->is_not_authenticated_error("$@")) {
 130         $logger->debug("OverDrive session timeout");
 131         $data{is_logged_in} = JSON::false;
 132     } else {
 133         $logger->error($@);
 134         $data{error} = $od->error_message("$@");
 135     }
 136 }
 137
 138 response(\%data);
 139
 140
 141 sub response_bad_request {
 142     my ($error) = @_;
 143     response({error => $error}, "400 $error");
 144 }
 145 sub response {
 146     my ($data, $status_line) = @_;
 147     $status_line ||= "200 OK";
 148     output_with_http_headers $cgi, undef, encode_json($data), 'json', $status_line;
 149     exit;
 150 }