https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=41514
David Nind <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #194462|0 |1 is obsolete| | --- Comment #2 from David Nind <[email protected]> --- Created attachment 194476 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=194476&action=edit Bug 41514: Enforce lead/trail periods server-side in booking API Previously, lead and trail period validation for bookings was only enforced in the UI (place_booking.js), allowing third-party API consumers to create bookings that violated the configured buffer zones. This patch adds server-side enforcement in the two check_booking() methods and the Booking->store() call: - Koha::Item::check_booking(): accepts an optional branchcode param, fetches bookings_lead_period and bookings_trail_period circ rules for the item's effective itemtype, expands the overlap query so that effective periods (core ± lead/trail) are checked rather than just core date ranges. Also expands the checkout-due-date check so that items must be returned at least lead_days before the booking start. - Koha::Biblio::check_booking(): same expansion using the global (itemtype-agnostic) rule as an approximation for biblios that have items of mixed types. The item-level check provides the definitive per-item validation. - Koha::Booking::store(): passes pickup_library_id as branchcode to both check_booking() calls so that branch-specific rules are used. Tests added to t/db_dependent/Koha/Booking.t covering: - booking ending in existing booking's lead period → clash - booking ending before effective period → OK - booking starting in existing booking's trail period → clash - new booking's lead period overlapping existing trail period → clash - booking starting after full effective period ends → OK - checkout due within lead period → clash - checkout due before lead period → OK Signed-off-by: David Nind <[email protected]> -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
