t/db_dependent/api/v1/acquisitions_orders.t

   1 #!/usr/bin/env perl
   2
   3 # This file is part of Koha.
   4 #
   5 # Koha is free software; you can redistribute it and/or modify it
   6 # under the terms of the GNU General Public License as published by
   7 # the Free Software Foundation; either version 3 of the License, or
   8 # (at your option) any later version.
   9 #
  10 # Koha is distributed in the hope that it will be useful, but
  11 # WITHOUT ANY WARRANTY; without even the implied warranty of
  12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13 # GNU General Public License for more details.
  14 #
  15 # You should have received a copy of the GNU General Public License
  16 # along with Koha; if not, see <http://www.gnu.org/licenses>.
  17
  18 use Modern::Perl;
  19
  20 use Test::More tests => 5;
  21 use Test::Mojo;
  22 use Test::Warn;
  23
  24 use t::lib::TestBuilder;
  25 use t::lib::Mocks;
  26
  27 use Koha::Acquisition::Orders;
  28 use Koha::Database;
  29
  30 my $schema  = Koha::Database->new->schema;
  31 my $builder = t::lib::TestBuilder->new;
  32
  33 t::lib::Mocks::mock_preference( 'RESTBasicAuth', 1 );
  34
  35 my $t = Test::Mojo->new('Koha::REST::V1');
  36
  37 subtest 'list() tests' => sub {
  38     plan tests => 8;
  39
  40     $schema->storage->txn_begin;
  41
  42     my $patron = $builder->build_object({
  43         class => 'Koha::Patrons',
  44         value => { flags => 1 }
  45     });
  46     my $password = 'thePassword123';
  47     $patron->set_password({ password => $password, skip_validation => 1 });
  48     my $userid = $patron->userid;
  49
  50     my $basket = $builder->build_object({ class => 'Koha::Acquisition::Baskets' });
  51     # Create test context
  52     my $order = $builder->build_object(
  53         {
  54             class => 'Koha::Acquisition::Orders',
  55             value => { basketno => $basket->basketno, orderstatus => 'new' }
  56         }
  57     );
  58     my $another_order = $order->unblessed; # create a copy of $order but make
  59     delete $another_order->{ordernumber};  # sure ordernumber will be regenerated
  60     $another_order = $builder->build_object({ class => 'Koha::Acquisition::Orders', value => $another_order });
  61
  62     ## Authorized user tests
  63     my $count_of_orders = Koha::Acquisition::Orders->search->count;
  64     # Make sure we are returned with the correct amount of orders
  65     $t->get_ok( "//$userid:$password@/api/v1/acquisitions/orders" )
  66       ->status_is( 200, 'SWAGGER3.2.2' )
  67       ->json_has('/'.($count_of_orders-1).'/order_id')
  68       ->json_hasnt('/'.($count_of_orders).'/order_id');
  69
  70     subtest 'query parameters' => sub {
  71
  72         my $fields = {
  73             biblio_id => 'biblionumber',
  74             basket_id => 'basketno',
  75             fund_id   => 'budget_id',
  76         };
  77
  78         my $size = keys %{$fields};
  79
  80         plan tests => $size * (2 + 2 * $size);
  81
  82         foreach my $field ( keys %{$fields} ) {
  83             my $model_field = $fields->{ $field };
  84             my $result = $t->get_ok("//$userid:$password@/api/v1/acquisitions/orders?$field=" . $order->$model_field)
  85               ->status_is(200);
  86
  87             foreach my $key ( keys %{$fields} ) {
  88               my $key_field = $fields->{ $key };
  89               # Check the result order first since it's not predefined.
  90               if ($result->tx->res->json->[0]->{$key} eq $order->$key_field) {
  91                 $result->json_is( "/0/$key", $order->$key_field );
  92                 $result->json_is( "/1/$key", $another_order->$key_field );
  93               } else {
  94                 $result->json_is( "/0/$key", $another_order->$key_field );
  95                 $result->json_is( "/1/$key", $order->$key_field );
  96               }
  97             }
  98         }
  99     };
 100
 101     # Warn on unsupported query parameter
 102     $t->get_ok( "//$userid:$password@/api/v1/acquisitions/orders?order_blah=blah" )
 103       ->status_is(400)
 104       ->json_is( [{ path => '/query/order_blah', message => 'Malformed query string'}] );
 105
 106     $schema->storage->txn_rollback;
 107 };
 108
 109 subtest 'get() tests' => sub {
 110
 111     plan tests => 6;
 112
 113     $schema->storage->txn_begin;
 114
 115     my $order = $builder->build_object(
 116         {
 117             class => 'Koha::Acquisition::Orders',
 118             value => { orderstatus => 'new' }
 119         }
 120     );
 121     my $patron = $builder->build_object({
 122         class => 'Koha::Patrons',
 123         value => { flags => 2048 }
 124     });
 125     my $password = 'thePassword123';
 126     $patron->set_password({ password => $password, skip_validation => 1 });
 127     my $userid = $patron->userid;
 128
 129     $t->get_ok( "//$userid:$password@/api/v1/acquisitions/orders/" . $order->ordernumber )
 130       ->status_is( 200, 'SWAGGER3.2.2' )
 131       ->json_is( '' => $order->to_api, 'SWAGGER3.3.2' );
 132
 133     my $non_existent_order_id = $order->ordernumber;
 134     $order->delete;
 135
 136     $t->get_ok( "//$userid:$password@/api/v1/acquisitions/orders/" . $non_existent_order_id )
 137       ->status_is(404)
 138       ->json_is( '/error' => 'Order not found' );
 139
 140     # FIXME This does not work on all the OS we support
 141     ## Regression tests for bug 25513
 142     ## Pick a high value that could be transformed into exponential
 143     ## representation and not considered a number by buggy DBD::mysql versions
 144     #$order = $builder->build_object(
 145     #    {
 146     #        class => 'Koha::Acquisition::Orders',
 147     #        value => {
 148     #            orderstatus => 'new',
 149     #            ecost_tax_excluded => 9963405519357589504,
 150     #            unitprice => 10177559957753600000
 151     #        }
 152     #    }
 153     #);
 154     #
 155     #$t->get_ok( "//$userid:$password@/api/v1/acquisitions/orders/" . $order->ordernumber )
 156     #  ->json_is( '' => $order->to_api, 'Number representation should be consistent' );
 157
 158     $schema->storage->txn_rollback;
 159 };
 160
 161 subtest 'add() tests' => sub {
 162
 163     plan tests => 17;
 164
 165     $schema->storage->txn_begin;
 166
 167     my $authorized_patron = $builder->build_object({
 168         class => 'Koha::Patrons',
 169         value => { flags => 1 }
 170     });
 171     my $password = 'thePassword123';
 172     $authorized_patron->set_password({ password => $password, skip_validation => 1 });
 173     my $auth_userid = $authorized_patron->userid;
 174
 175     my $unauthorized_patron = $builder->build_object({
 176         class => 'Koha::Patrons',
 177         value => { flags => 4 }
 178     });
 179     $unauthorized_patron->set_password({ password => $password, skip_validation => 1 });
 180     my $unauth_userid = $unauthorized_patron->userid;
 181
 182     my $order_obj = $builder->build_object(
 183         {
 184             class => 'Koha::Acquisition::Orders',
 185             value => {
 186                 orderstatus => 'new',
 187                 unitprice   => 10,
 188                 replacementprice => 10,
 189                 quantity    => 2,
 190                 quantityreceived => 0,
 191                 datecancellationprinted => undef,
 192                 order_internalnote => 'This is a dummy note for testing'
 193             }
 194         }
 195     );
 196     my $order = $order_obj->to_api;
 197     $order_obj->delete;
 198     delete $order->{ordernumber};
 199     $order->{uncertain_price} = Mojo::JSON->false;
 200
 201     # Unauthorized attempt to write
 202     $t->post_ok( "//$unauth_userid:$password@/api/v1/acquisitions/orders" => json => $order )
 203       ->status_is(403);
 204
 205     # Authorized attempt to write invalid data
 206     my $order_with_invalid_field = { %$order };
 207     $order_with_invalid_field->{'orderinvalid'} = 'Order invalid';
 208
 209     $t->post_ok( "//$auth_userid:$password@/api/v1/acquisitions/orders" => json => $order_with_invalid_field )
 210       ->status_is(400)
 211       ->json_is(
 212         "/errors" => [
 213             {
 214                 message => "Properties not allowed: orderinvalid.",
 215                 path    => "/body"
 216             }
 217         ]
 218     );
 219
 220     # Authorized attempt to write
 221     $t->post_ok( "//$auth_userid:$password@/api/v1/acquisitions/orders" => json => $order )
 222       ->status_is( 201, 'SWAGGER3.2.1' )
 223       ->json_is( '/internal_note' => $order->{internal_note}, 'SWAGGER3.3.1' )
 224       ->header_like( Location => qr/\/api\/v1\/acquisitions\/orders\/\d*/, 'SWAGGER3.4.1' );
 225
 226     # save the order_id
 227     my $order_id = $order->{order_id};
 228     # Authorized attempt to create with null id
 229     $order->{order_id} = undef;
 230
 231     $t->post_ok( "//$auth_userid:$password@/api/v1/acquisitions/orders" => json => $order )
 232       ->status_is(400)
 233       ->json_has('/errors');
 234
 235     # Authorized attempt to create with existing id
 236     $order->{order_id} = $order_id;
 237
 238     warning_like {
 239         $t->post_ok( "//$auth_userid:$password@/api/v1/acquisitions/orders" => json => $order )
 240           ->status_is(409)
 241           ->json_has( '/error' => "Fails when trying to add an existing order_id")
 242           ->json_like( '/conflict' => qr/(aqorders\.)?PRIMARY/ ); }
 243         qr/DBD::mysql::st execute failed: Duplicate entry '(.*)' for key '(aqorders\.)?PRIMARY'/;
 244
 245     $schema->storage->txn_rollback;
 246 };
 247
 248 subtest 'update() tests' => sub {
 249     plan tests => 13;
 250
 251     $schema->storage->txn_begin;
 252
 253     my $authorized_patron = $builder->build_object({
 254         class => 'Koha::Patrons',
 255         value => { flags => 1 }
 256     });
 257     my $password = 'thePassword123';
 258     $authorized_patron->set_password({ password => $password, skip_validation => 1 });
 259     my $auth_userid = $authorized_patron->userid;
 260
 261     my $unauthorized_patron = $builder->build_object({
 262         class => 'Koha::Patrons',
 263         value => { flags => 4 }
 264     });
 265     $unauthorized_patron->set_password({ password => $password, skip_validation => 1 });
 266     my $unauth_userid = $unauthorized_patron->userid;
 267
 268     my $library    = $builder->build_object({ class => 'Koha::Libraries' });
 269     my $library_id = $library->branchcode;
 270
 271     # Unauthorized attempt to update
 272     $t->put_ok( "//$unauth_userid:$password@/api/v1/libraries/$library_id"
 273                     => json => { name => 'New unauthorized name change' } )
 274       ->status_is(403);
 275
 276     # Attempt partial update on a PUT
 277     my $library_with_missing_field = {
 278         address1 => "New library address",
 279     };
 280
 281     my $result = $t->put_ok( "//$auth_userid:$password@/api/v1/libraries/$library_id" => json => $library_with_missing_field )
 282       ->status_is(400);
 283     # Check the result order first since it's not predefined.
 284     if ($result->tx->res->json->{errors}->[0]->{path} eq '/body/name') {
 285       $result->json_is(
 286         "/errors",
 287         [
 288           {message => "Missing property.", path => "/body/name"},
 289           {message => "Missing property.", path => "/body/library_id"}
 290         ]
 291       );
 292     } else {
 293       $result->json_is(
 294         "/errors",
 295         [
 296           {message => "Missing property.", path => "/body/library_id"},
 297           {message => "Missing property.", path => "/body/name"}
 298         ]
 299       );
 300     }
 301
 302     my $deleted_library = $builder->build_object( { class => 'Koha::Libraries' } );
 303     my $library_with_updated_field = $deleted_library->to_api;
 304     $library_with_updated_field->{library_id} = $library_id;
 305     $deleted_library->delete;
 306
 307     $t->put_ok( "//$auth_userid:$password@/api/v1/libraries/$library_id" => json => $library_with_updated_field )
 308       ->status_is(200, 'SWAGGER3.2.1')
 309       ->json_is( '' => $library_with_updated_field, 'SWAGGER3.3.3' );
 310
 311     # Authorized attempt to write invalid data
 312     my $library_with_invalid_field = { %$library_with_updated_field };
 313     $library_with_invalid_field->{'branchinvalid'} = 'Library invalid';
 314
 315     $t->put_ok( "//$auth_userid:$password@/api/v1/libraries/$library_id" => json => $library_with_invalid_field )
 316       ->status_is(400)
 317       ->json_is(
 318         "/errors" => [
 319             {
 320                 message => "Properties not allowed: branchinvalid.",
 321                 path    => "/body"
 322             }
 323         ]
 324     );
 325
 326     my $non_existent_code = 'nope'.int(rand(10000));
 327     $t->put_ok("//$auth_userid:$password@/api/v1/libraries/$non_existent_code" => json => $library_with_updated_field)
 328       ->status_is(404);
 329
 330     $schema->storage->txn_rollback;
 331 };
 332
 333 subtest 'delete() tests' => sub {
 334     plan tests => 7;
 335
 336     $schema->storage->txn_begin;
 337
 338     my $authorized_patron = $builder->build_object({
 339         class => 'Koha::Patrons',
 340         value => { flags => 1 }
 341     });
 342     my $password = 'thePassword123';
 343     $authorized_patron->set_password({ password => $password, skip_validation => 1 });
 344     my $auth_userid = $authorized_patron->userid;
 345
 346     my $unauthorized_patron = $builder->build_object({
 347         class => 'Koha::Patrons',
 348         value => { flags => 4 }
 349     });
 350     $unauthorized_patron->set_password({ password => $password, skip_validation => 1 });
 351     my $unauth_userid = $unauthorized_patron->userid;
 352
 353     my $order = $builder->build_object( { class => 'Koha::Acquisition::Orders' } );
 354
 355     # Unauthorized attempt to delete
 356     $t->delete_ok( "//$unauth_userid:$password@/api/v1/acquisitions/orders/" . $order->ordernumber )
 357       ->status_is(403);
 358
 359     $t->delete_ok( "//$auth_userid:$password@/api/v1/acquisitions/orders/" . $order->ordernumber )
 360       ->status_is(204, 'SWAGGER3.2.4')
 361       ->content_is('', 'SWAGGER3.3.4');
 362
 363     $t->delete_ok( "//$auth_userid:$password@/api/v1/acquisitions/orders/" . $order->ordernumber )
 364       ->status_is(404);
 365
 366     $schema->storage->txn_rollback;
 367 };