[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #39 from Victor Grousset/tuxayo --- Thanks! :) -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #38 from Tomás Cohen Arazi --- There are no anonymous access public routes in 19.05. So not needed. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Victor Grousset/tuxayo changed: What|Removed |Added CC||vic...@tuxayo.net --- Comment #37 from Victor Grousset/tuxayo --- Missing dependencies for 19.05.x, can't backport. Not sure I understand the details actually. Help need to analyze if someone with a 19.05.x would like this. Keep in mind that it's oldoldstable though so no guarantees. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Aleisha Amohia changed: What|Removed |Added Version(s)|20.05.00|20.05.00, 19.11.07 released in|| Status|Pushed to stable|Pushed to oldstable --- Comment #36 from Aleisha Amohia --- backported to 19.11.x for 19.11.07 -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Tomás Cohen Arazi changed: What|Removed |Added Depends on||24862 --- Comment #35 from Tomás Cohen Arazi --- Aleisha, in this case it is all patches, including the last patch that specifically targets 19.11.x. Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=24862 [Bug 24862] Wrong behaviour on anonymous sessions -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Tomás Cohen Arazi changed: What|Removed |Added Attachment #106080|0 |1 is obsolete|| --- Comment #34 from Tomás Cohen Arazi --- Created attachment 106081 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=106081&action=edit [19.11.x] Bug 25045: (follow-up) Fix typo adding the RESTPublicAnonymousRequests syspref -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Tomás Cohen Arazi changed: What|Removed |Added Attachment #103773|0 |1 is obsolete|| -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #33 from Tomás Cohen Arazi --- Created attachment 106080 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=106080&action=edit [19.11.x] Bug 25045: (follow-up) Fix typo adding the RESTPublicAnonymousRequests syspref -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Tomás Cohen Arazi changed: What|Removed |Added Attachment #103749|0 |1 is obsolete|| -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #32 from Tomás Cohen Arazi --- (In reply to Aleisha Amohia from comment #31) > I have tried to apply but tests fail on my devbox for 19.11.x. > > $ prove -v t/db_dependent/api/v1/auth_authenticate_api_request.t > t/db_dependent/api/v1/auth_authenticate_api_request.t .. > 1..3 > # Subtest: token-based tests > 1..10 > [2020-06-19 09:33:05.84026] [12653] [debug] POST "/api/v1/oauth/token" > (5ef232ce) > [2020-06-19 09:33:05.84638] [12653] [debug] Routing to controller > "Koha::REST::V1::Auth" and action "under" > [2020-06-19 09:33:05.84791] [12653] [debug] Routing to controller > "Koha::REST::V1::OAuth" and action "token" > [2020-06-19 09:33:05.86256] [12653] [debug] 200 OK (0.022287s, 44.869/s) > ok 1 - POST /api/v1/oauth/token > ok 2 - 200 OK > ok 3 - exact match for JSON Pointer "/expires_in" > ok 4 - exact match for JSON Pointer "/token_type" > ok 5 - has value for JSON Pointer "/access_token" > [2020-06-19 09:33:05.86597] [12653] [debug] GET "/api/v1/patrons" (01e901a8) > [2020-06-19 09:33:05.86677] [12653] [debug] Routing to controller > "Koha::REST::V1::Auth" and action "under" > [2020-06-19 09:33:05.88419] [12653] [debug] Routing to controller > "Koha::REST::V1::Patrons" and action "list" > [2020-06-19 09:33:06.11926] [12653] [debug] 200 OK (0.253264s, 3.948/s) > ok 6 - GET /api/v1/patrons > ok 7 - 200 OK > ok 8 - The 'koha.user' object is defined in the stash > ok 9 - Stashed koha.user object type is Koha::Patron > ok 10 - The stashed user is the right one > ok 1 - token-based tests > # Subtest: cookie-based tests > 1..5 > [2020-06-19 09:33:06.29506] [12653] [debug] GET "/api/v1/patrons" (4f027938) > [2020-06-19 09:33:06.29565] [12653] [debug] Routing to controller > "Koha::REST::V1::Auth" and action "under" > [2020-06-19 09:33:06.29736] [12653] [debug] 503 Service Unavailable > (0.00229s, 436.681/s) > ok 1 - GET /api/v1/patrons > not ok 2 - 200 OK > > # Failed test '200 OK' > # at t/db_dependent/api/v1/auth_authenticate_api_request.t line 112. > # got: '503' > # expected: '200' > not ok 3 - The 'koha.user' object is defined in the stash > > # Failed test 'The 'koha.user' object is defined in the stash' > # at t/db_dependent/api/v1/auth_authenticate_api_request.t line 115. > # Looks like you planned 5 tests but ran 3. > # Looks like you failed 2 tests of 3 run. > not ok 2 - cookie-based tests > > # Failed test 'cookie-based tests' > # at t/db_dependent/api/v1/auth_authenticate_api_request.t line 120. > # Subtest: anonymous requests to public API > 1..4 > [2020-06-19 09:33:06.54596] [12653] [debug] GET "/api/v1/public/biblios/3" > (1a0aa1cd) > [2020-06-19 09:33:06.54737] [12653] [debug] Routing to controller > "Koha::REST::V1::Auth" and action "under" > [2020-06-19 09:33:06.54867] [12653] [debug] 503 Service Unavailable > (0.002694s, 371.195/s) > ok 1 - GET /api/v1/public/biblios/3 > not ok 2 - Unauthorized anonymous attempt to access a resource > > # Failed test 'Unauthorized anonymous attempt to access a resource' > # at t/db_dependent/api/v1/auth_authenticate_api_request.t line 143. > # got: '503' > # expected: '401' > [2020-06-19 09:33:06.55176] [12653] [debug] GET "/api/v1/public/biblios/3" > (ece5c188) > [2020-06-19 09:33:06.55231] [12653] [debug] Routing to controller > "Koha::REST::V1::Auth" and action "under" > [2020-06-19 09:33:06.55343] [12653] [debug] 503 Service Unavailable > (0.001661s, 602.047/s) > ok 3 - GET /api/v1/public/biblios/3 > not ok 4 - Successfull anonymous access to a resource > > # Failed test 'Successfull anonymous access to a resource' > # at t/db_dependent/api/v1/auth_authenticate_api_request.t line 149. > # got: '503' > # expected: '200' > # Looks like you failed 2 tests of 4. > not ok 3 - anonymous requests to public API > > # Failed test 'anonymous requests to public API' > # at t/db_dependent/api/v1/auth_authenticate_api_request.t line 153. > # Looks like you failed 2 tests of 3. > Dubious, test returned 2 (wstat 512, 0x200) > Failed 2/3 subtests > > Test Summary Report > --- > t/db_dependent/api/v1/auth_authenticate_api_request.t (Wstat: 512 Tests: 3 > Failed: 2) > Failed tests: 2-3 > Non-zero exit status: 2 > Files=1, Tests=3, 8 wallclock secs ( 0.02 usr 0.01 sys + 3.77 cusr 1.14 > csys = 4.94 CPU) > Result: FAIL > > Please fix up and I will backport! I'll do it tomorrow -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #31 from Aleisha Amohia --- I have tried to apply but tests fail on my devbox for 19.11.x. $ prove -v t/db_dependent/api/v1/auth_authenticate_api_request.t t/db_dependent/api/v1/auth_authenticate_api_request.t .. 1..3 # Subtest: token-based tests 1..10 [2020-06-19 09:33:05.84026] [12653] [debug] POST "/api/v1/oauth/token" (5ef232ce) [2020-06-19 09:33:05.84638] [12653] [debug] Routing to controller "Koha::REST::V1::Auth" and action "under" [2020-06-19 09:33:05.84791] [12653] [debug] Routing to controller "Koha::REST::V1::OAuth" and action "token" [2020-06-19 09:33:05.86256] [12653] [debug] 200 OK (0.022287s, 44.869/s) ok 1 - POST /api/v1/oauth/token ok 2 - 200 OK ok 3 - exact match for JSON Pointer "/expires_in" ok 4 - exact match for JSON Pointer "/token_type" ok 5 - has value for JSON Pointer "/access_token" [2020-06-19 09:33:05.86597] [12653] [debug] GET "/api/v1/patrons" (01e901a8) [2020-06-19 09:33:05.86677] [12653] [debug] Routing to controller "Koha::REST::V1::Auth" and action "under" [2020-06-19 09:33:05.88419] [12653] [debug] Routing to controller "Koha::REST::V1::Patrons" and action "list" [2020-06-19 09:33:06.11926] [12653] [debug] 200 OK (0.253264s, 3.948/s) ok 6 - GET /api/v1/patrons ok 7 - 200 OK ok 8 - The 'koha.user' object is defined in the stash ok 9 - Stashed koha.user object type is Koha::Patron ok 10 - The stashed user is the right one ok 1 - token-based tests # Subtest: cookie-based tests 1..5 [2020-06-19 09:33:06.29506] [12653] [debug] GET "/api/v1/patrons" (4f027938) [2020-06-19 09:33:06.29565] [12653] [debug] Routing to controller "Koha::REST::V1::Auth" and action "under" [2020-06-19 09:33:06.29736] [12653] [debug] 503 Service Unavailable (0.00229s, 436.681/s) ok 1 - GET /api/v1/patrons not ok 2 - 200 OK # Failed test '200 OK' # at t/db_dependent/api/v1/auth_authenticate_api_request.t line 112. # got: '503' # expected: '200' not ok 3 - The 'koha.user' object is defined in the stash # Failed test 'The 'koha.user' object is defined in the stash' # at t/db_dependent/api/v1/auth_authenticate_api_request.t line 115. # Looks like you planned 5 tests but ran 3. # Looks like you failed 2 tests of 3 run. not ok 2 - cookie-based tests # Failed test 'cookie-based tests' # at t/db_dependent/api/v1/auth_authenticate_api_request.t line 120. # Subtest: anonymous requests to public API 1..4 [2020-06-19 09:33:06.54596] [12653] [debug] GET "/api/v1/public/biblios/3" (1a0aa1cd) [2020-06-19 09:33:06.54737] [12653] [debug] Routing to controller "Koha::REST::V1::Auth" and action "under" [2020-06-19 09:33:06.54867] [12653] [debug] 503 Service Unavailable (0.002694s, 371.195/s) ok 1 - GET /api/v1/public/biblios/3 not ok 2 - Unauthorized anonymous attempt to access a resource # Failed test 'Unauthorized anonymous attempt to access a resource' # at t/db_dependent/api/v1/auth_authenticate_api_request.t line 143. # got: '503' # expected: '401' [2020-06-19 09:33:06.55176] [12653] [debug] GET "/api/v1/public/biblios/3" (ece5c188) [2020-06-19 09:33:06.55231] [12653] [debug] Routing to controller "Koha::REST::V1::Auth" and action "under" [2020-06-19 09:33:06.55343] [12653] [debug] 503 Service Unavailable (0.001661s, 602.047/s) ok 3 - GET /api/v1/public/biblios/3 not ok 4 - Successfull anonymous access to a resource # Failed test 'Successfull anonymous access to a resource' # at t/db_dependent/api/v1/auth_authenticate_api_request.t line 149. # got: '503' # expected: '200' # Looks like you failed 2 tests of 4. not ok 3 - anonymous requests to public API # Failed test 'anonymous requests to public API' # at t/db_dependent/api/v1/auth_authenticate_api_request.t line 153. # Looks like you failed 2 tests of 3. Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests Test Summary Report --- t/db_dependent/api/v1/auth_authenticate_api_request.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 2-3 Non-zero exit status: 2 Files=1, Tests=3, 8 wallclock secs ( 0.02 usr 0.01 sys + 3.77 cusr 1.14 csys = 4.94 CPU) Result: FAIL Please fix up and I will backport! -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #30 from David Cook --- (In reply to Tomás Cohen Arazi from comment #29) > (In reply to David Cook from comment #27) > > Bug 24909 has been pushed now, so in theory this could be pushed too, > > although personally I'm not a huge fan of pushing database updates to stable > > releases... > > This one is basically a syspref. Database structure changes are the > problematic ones. That's a good point! I admit that I didn't drill down into the patches to examine. I just saw the updatedatabase.pl in the description and got anxious. I run a lot of 19.11 instances, and I would love to see this backported. I withdraw my earlier objection. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #29 from Tomás Cohen Arazi --- (In reply to David Cook from comment #27) > Bug 24909 has been pushed now, so in theory this could be pushed too, > although personally I'm not a huge fan of pushing database updates to stable > releases... This one is basically a syspref. Database structure changes are the problematic ones. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Aleisha Amohia changed: What|Removed |Added Status|Pushed to master|Pushed to stable CC||alei...@catalyst.net.nz --- Comment #28 from Aleisha Amohia --- won't be backporting this to 19.11.x due to the db update. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 David Cook changed: What|Removed |Added CC||dc...@prosentient.com.au --- Comment #27 from David Cook --- Bug 24909 has been pushed now, so in theory this could be pushed too, although personally I'm not a huge fan of pushing database updates to stable releases... -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Martin Renvoize changed: What|Removed |Added Severity|normal |enhancement Text to go in the||This enhancement allows release notes||libraries to distinctly ||disable the OPAC but allow ||the public facing API's to ||be enabled. || ||**New system ||preference**: ||`RESTPublicAnonymousRequest ||s` defaults to enabled. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Jonathan Druart changed: What|Removed |Added Blocks||25484 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25484 [Bug 25484] Public routes added by plugins are no longer accessible -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #26 from Joy Nelson --- missing dependencies, not backported -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Joy Nelson changed: What|Removed |Added CC||j...@bywatersolutions.com --- Comment #25 from Joy Nelson --- not backported to 19.11.x -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Tomás Cohen Arazi changed: What|Removed |Added Blocks||25327 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25327 [Bug 25327] Cannot access API spec -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #24 from Martin Renvoize --- Created attachment 103773 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103773&action=edit Bug 25045: (RM follow-up) Correction to updatedatebase.pl Signed-off-by: Martin Renvoize -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #23 from Martin Renvoize --- Nice work everyone! Pushed to master for 20.05 -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #22 from Martin Renvoize --- Created attachment 103749 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103749&action=edit Bug 25045: (RM follow-up) Add the RESTPublicAnonymousRequests syspref The atomic update alos included a quoting mistake Signed-off-by: Martin Renvoize -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #21 from Jonathan Druart --- Created attachment 103748 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103748&action=edit Bug 25045: (follow-up) Add the RESTPublicAnonymousRequests syspref -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #20 from Martin Renvoize --- Nice work everyone! Pushed to master for 20.05 -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Martin Renvoize changed: What|Removed |Added Version(s)||20.05.00 released in|| Status|Passed QA |Pushed to master -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Tomás Cohen Arazi changed: What|Removed |Added QA Contact|testo...@bugs.koha-communit |jonathan.dru...@bugs.koha-c |y.org |ommunity.org -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #19 from Jonathan Druart --- Created attachment 103678 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103678&action=edit Bug 25045: (follow-up) Add a note to OpacPublic This patch tweaks the OpacPublic system preference description so users don't expect, incorrectly, this syspref to disable the public API anonymous access. Signed-off-by: Kyle M Hall Signed-off-by: Jonathan Druart Bug 25045: (QA follow-up) Fix note display on OpacPublic description Signed-off-by: Tomas Cohen Arazi Signed-off-by: Jonathan Druart -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #17 from Jonathan Druart --- Created attachment 103676 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103676&action=edit Bug 25045: Unit tests Signed-off-by: Kyle M Hall Signed-off-by: Jonathan Druart -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #18 from Jonathan Druart --- Created attachment 103677 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103677&action=edit Bug 25045: Allow restricting anonymous requests on the public API This patch introduces a check on the authenticate_api_request method for the RESTPublicAnonymousRequests system preference. If disabled, anonymous requests get rejected. The idea is to replicate the homologous OpacPublic system preference behaviour. To test: 1. Apply the Unit tests patch 2. Run: $ kshell k$ prove t/db_dependent/api/v1/auth_authenticate_api_request.t => FAIL: Tests fail, 200 is answered instead of 401 on the route. 3. Apply this patch 4. Repeat 2. => SUCCESS: Tests pass! 5. Sign off :-D Signed-off-by: Kyle M Hall Signed-off-by: Jonathan Druart -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Jonathan Druart changed: What|Removed |Added Attachment #103651|0 |1 is obsolete|| Attachment #103652|0 |1 is obsolete|| Attachment #103653|0 |1 is obsolete|| Attachment #103654|0 |1 is obsolete|| Attachment #103655|0 |1 is obsolete|| --- Comment #16 from Jonathan Druart --- Created attachment 103675 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103675&action=edit Bug 25045: Add the RESTPublicAnonymousRequests syspref Signed-off-by: Kyle M Hall Signed-off-by: Jonathan Druart -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Jonathan Druart changed: What|Removed |Added Status|Signed Off |Passed QA -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #15 from Tomás Cohen Arazi --- Created attachment 103655 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103655&action=edit Bug 25045: (QA follow-up) Fix note display on OpacPublic description Signed-off-by: Tomas Cohen Arazi -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #14 from Kyle M Hall --- Created attachment 103654 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103654&action=edit Bug 25045: (follow-up) Add a note to OpacPublic This patch tweaks the OpacPublic system preference description so users don't expect, incorrectly, this syspref to disable the public API anonymous access. Signed-off-by: Kyle M Hall -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Kyle M Hall changed: What|Removed |Added Status|Needs Signoff |Signed Off CC||k...@bywatersolutions.com -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Kyle M Hall changed: What|Removed |Added Attachment #102846|0 |1 is obsolete|| Attachment #102847|0 |1 is obsolete|| Attachment #102848|0 |1 is obsolete|| Attachment #102849|0 |1 is obsolete|| --- Comment #11 from Kyle M Hall --- Created attachment 103651 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103651&action=edit Bug 25045: Add the RESTPublicAnonymousRequests syspref Signed-off-by: Kyle M Hall -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #13 from Kyle M Hall --- Created attachment 103653 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103653&action=edit Bug 25045: Allow restricting anonymous requests on the public API This patch introduces a check on the authenticate_api_request method for the RESTPublicAnonymousRequests system preference. If disabled, anonymous requests get rejected. The idea is to replicate the homologous OpacPublic system preference behaviour. To test: 1. Apply the Unit tests patch 2. Run: $ kshell k$ prove t/db_dependent/api/v1/auth_authenticate_api_request.t => FAIL: Tests fail, 200 is answered instead of 401 on the route. 3. Apply this patch 4. Repeat 2. => SUCCESS: Tests pass! 5. Sign off :-D Signed-off-by: Kyle M Hall -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #12 from Kyle M Hall --- Created attachment 103652 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103652&action=edit Bug 25045: Unit tests Signed-off-by: Kyle M Hall -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Tomás Cohen Arazi changed: What|Removed |Added Summary|REST API public route |Add a way to restrict |accessible if OpacPublic is |anonymous access to public |off |routes (OpacPublic ||behaviour) See Also|https://bugs.koha-community | |.org/bugzilla3/show_bug.cgi | |?id=24909 | Depends on||24909 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=24909 [Bug 24909] Add unprivileged route to get a bibliographic record -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Tomás Cohen Arazi changed: What|Removed |Added Status|NEW |ASSIGNED -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #8 from Jonathan Druart --- Maybe that does not make sense but, don't you think we should make is_public mandatory in authenticate_api_request? That would prevent a future call to forget it. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #7 from Tomás Cohen Arazi --- Any feedback on the wording is greatly appreciated. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #4 from Tomás Cohen Arazi --- Created attachment 102847 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=102847&action=edit Bug 25045: Unit tests -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #9 from Jonathan Druart --- (In reply to Jonathan Druart from comment #8) > Maybe that does not make sense but, don't you think we should make is_public > mandatory in authenticate_api_request? > > That would prevent a future call to forget it. Scratch that, it does not make sense. There won't be bad side-effects if it's not passed. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Tomás Cohen Arazi changed: What|Removed |Added CC||agustinmoy...@theke.io, ||jonathan.dru...@bugs.koha-c ||ommunity.org, ||katrin.fisc...@bsz-bw.de, ||martin.renvoize@ptfs-europe ||.com, ||n...@bywatersolutions.com -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #5 from Tomás Cohen Arazi --- Created attachment 102848 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=102848&action=edit Bug 25045: Allow restricting anonymous requests on the public API This patch introduces a check on the authenticate_api_request method for the RESTPublicAnonymousRequests system preference. If disabled, anonymous requests get rejected. The idea is to replicate the homologous OpacPublic system preference behaviour. To test: 1. Apply the Unit tests patch 2. Run: $ kshell k$ prove t/db_dependent/api/v1/auth_authenticate_api_request.t => FAIL: Tests fail, 200 is answered instead of 401 on the route. 3. Apply this patch 4. Repeat 2. => SUCCESS: Tests pass! 5. Sign off :-D -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #6 from Tomás Cohen Arazi --- Created attachment 102849 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=102849&action=edit Bug 25045: (follow-up) Add a note to OpacPublic This patch tweaks the OpacPublic system preference description so users don't expect, incorrectly, this syspref to disable the public API anonymous access. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #3 from Tomás Cohen Arazi --- Created attachment 102846 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=102846&action=edit Bug 25045: Add the RESTPublicAnonymousRequests syspref -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 Tomás Cohen Arazi changed: What|Removed |Added Patch complexity|--- |Small patch Status|ASSIGNED|Needs Signoff -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045 --- Comment #10 from Jonathan Druart --- The "Note" does not appear in the syspref's description. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/