| commit | 28fb7b4f83b84069954fd6baf7e1e762c67ee75c | |
| author | Tomas Cohen Arazi <tomascohen@theke.io> | |
| Mon, 4 May 2020 18:43:18 +0000 (4 15:43 -0300) | ||
| committer | Aleisha Amohia <aleishaamohia@hotmail.com> | |
| Mon, 22 Jun 2020 02:25:17 +0000 (22 14:25 +1200) | ||
| tree | f433b42528319d2bfaed0a2e770d49ffc24e2dca | treesnapshot (tar.gz zip) |
| parent | cd950f634113d1cfffd0a6431ad9d121da5b4b0f | commitdiff |
Bug 25327: Do not call authenticate_api_request to render the spec
The original code for Koha::REST::V1::Auth::under called
authenticate_api_request when requesting the API spec. This didn't make
sense, and recent changes on what conditions are tested for public
routes, broke the route.
We could add another condition, but it really doesn't make sense to call
authenticate_api_request if it should be publicly available in any
configuration, as discussed on the bug.
This patch adds a trivial check and the requested route, and lets the
request through in any case in 'under'.
To test:
1. Point your browser to:
http://kohadev.myDNSname.org:8080/api/v1/
http://kohadev.myDNSname.org:8080/api/v1/.html
=> FAIL: In both cases you get an authorization error.
2. Apply the regression tests patch
3. Run:
$ kshell
k$ prove t/db_dependent/api/v1/auth.t
=> FAIL: The tests reflect the situation, and fail
4. Apply this patch
5. Repeat 1 and 3
=> SUCCESS: All good!
6. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
The original code for Koha::REST::V1::Auth::under called
authenticate_api_request when requesting the API spec. This didn't make
sense, and recent changes on what conditions are tested for public
routes, broke the route.
We could add another condition, but it really doesn't make sense to call
authenticate_api_request if it should be publicly available in any
configuration, as discussed on the bug.
This patch adds a trivial check and the requested route, and lets the
request through in any case in 'under'.
To test:
1. Point your browser to:
http://kohadev.myDNSname.org:8080/api/v1/
http://kohadev.myDNSname.org:8080/api/v1/.html
=> FAIL: In both cases you get an authorization error.
2. Apply the regression tests patch
3. Run:
$ kshell
k$ prove t/db_dependent/api/v1/auth.t
=> FAIL: The tests reflect the situation, and fail
4. Apply this patch
5. Repeat 1 and 3
=> SUCCESS: All good!
6. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
| Koha/REST/V1/Auth.pm | diffblobblamehistory |