subject:"\[Koha\-bugs\] \[Bug 25045\] Add a way to restrict anonymous access to public routes \(OpacPublic behaviour\)"

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-07-03 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #39 from Victor Grousset/tuxayo  ---
Thanks! :)

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-07-03 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #38 from Tomás Cohen Arazi  ---
There are no anonymous access public routes in 19.05. So not needed.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-07-03 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Victor Grousset/tuxayo  changed:

   What|Removed |Added

 CC||vic...@tuxayo.net

--- Comment #37 from Victor Grousset/tuxayo  ---
Missing dependencies for 19.05.x, can't backport.

Not sure I understand the details actually. Help need to analyze if someone
with a 19.05.x would like this. Keep in mind that it's oldoldstable though so
no guarantees.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-06-21 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Aleisha Amohia  changed:

   What|Removed |Added

 Version(s)|20.05.00|20.05.00, 19.11.07
released in||
 Status|Pushed to stable|Pushed to oldstable

--- Comment #36 from Aleisha Amohia  ---
backported to 19.11.x for 19.11.07

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-06-19 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Tomás Cohen Arazi  changed:

   What|Removed |Added

 Depends on||24862

--- Comment #35 from Tomás Cohen Arazi  ---
Aleisha, in this case it is all patches, including the last patch that
specifically targets 19.11.x.


Referenced Bugs:

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=24862
[Bug 24862] Wrong behaviour on anonymous sessions
-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-06-19 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Tomás Cohen Arazi  changed:

   What|Removed |Added

 Attachment #106080|0   |1
is obsolete||

--- Comment #34 from Tomás Cohen Arazi  ---
Created attachment 106081
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=106081&action=edit
[19.11.x] Bug 25045: (follow-up) Fix typo adding the
RESTPublicAnonymousRequests syspref

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-06-19 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Tomás Cohen Arazi  changed:

   What|Removed |Added

 Attachment #103773|0   |1
is obsolete||

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-06-19 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #33 from Tomás Cohen Arazi  ---
Created attachment 106080
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=106080&action=edit
[19.11.x] Bug 25045: (follow-up) Fix typo adding the
RESTPublicAnonymousRequests syspref

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-06-19 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Tomás Cohen Arazi  changed:

   What|Removed |Added

 Attachment #103749|0   |1
is obsolete||

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-06-18 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #32 from Tomás Cohen Arazi  ---
(In reply to Aleisha Amohia from comment #31)
> I have tried to apply but tests fail on my devbox for 19.11.x.
> 
> $ prove -v t/db_dependent/api/v1/auth_authenticate_api_request.t 
> t/db_dependent/api/v1/auth_authenticate_api_request.t .. 
> 1..3
> # Subtest: token-based tests
> 1..10
> [2020-06-19 09:33:05.84026] [12653] [debug] POST "/api/v1/oauth/token"
> (5ef232ce)
> [2020-06-19 09:33:05.84638] [12653] [debug] Routing to controller
> "Koha::REST::V1::Auth" and action "under"
> [2020-06-19 09:33:05.84791] [12653] [debug] Routing to controller
> "Koha::REST::V1::OAuth" and action "token"
> [2020-06-19 09:33:05.86256] [12653] [debug] 200 OK (0.022287s, 44.869/s)
> ok 1 - POST /api/v1/oauth/token
> ok 2 - 200 OK
> ok 3 - exact match for JSON Pointer "/expires_in"
> ok 4 - exact match for JSON Pointer "/token_type"
> ok 5 - has value for JSON Pointer "/access_token"
> [2020-06-19 09:33:05.86597] [12653] [debug] GET "/api/v1/patrons" (01e901a8)
> [2020-06-19 09:33:05.86677] [12653] [debug] Routing to controller
> "Koha::REST::V1::Auth" and action "under"
> [2020-06-19 09:33:05.88419] [12653] [debug] Routing to controller
> "Koha::REST::V1::Patrons" and action "list"
> [2020-06-19 09:33:06.11926] [12653] [debug] 200 OK (0.253264s, 3.948/s)
> ok 6 - GET /api/v1/patrons
> ok 7 - 200 OK
> ok 8 - The 'koha.user' object is defined in the stash
> ok 9 - Stashed koha.user object type is Koha::Patron
> ok 10 - The stashed user is the right one
> ok 1 - token-based tests
> # Subtest: cookie-based tests
> 1..5
> [2020-06-19 09:33:06.29506] [12653] [debug] GET "/api/v1/patrons" (4f027938)
> [2020-06-19 09:33:06.29565] [12653] [debug] Routing to controller
> "Koha::REST::V1::Auth" and action "under"
> [2020-06-19 09:33:06.29736] [12653] [debug] 503 Service Unavailable
> (0.00229s, 436.681/s)
> ok 1 - GET /api/v1/patrons
> not ok 2 - 200 OK
> 
> #   Failed test '200 OK'
> #   at t/db_dependent/api/v1/auth_authenticate_api_request.t line 112.
> #  got: '503'
> # expected: '200'
> not ok 3 - The 'koha.user' object is defined in the stash
> 
> #   Failed test 'The 'koha.user' object is defined in the stash'
> #   at t/db_dependent/api/v1/auth_authenticate_api_request.t line 115.
> # Looks like you planned 5 tests but ran 3.
> # Looks like you failed 2 tests of 3 run.
> not ok 2 - cookie-based tests
> 
> #   Failed test 'cookie-based tests'
> #   at t/db_dependent/api/v1/auth_authenticate_api_request.t line 120.
> # Subtest: anonymous requests to public API
> 1..4
> [2020-06-19 09:33:06.54596] [12653] [debug] GET "/api/v1/public/biblios/3"
> (1a0aa1cd)
> [2020-06-19 09:33:06.54737] [12653] [debug] Routing to controller
> "Koha::REST::V1::Auth" and action "under"
> [2020-06-19 09:33:06.54867] [12653] [debug] 503 Service Unavailable
> (0.002694s, 371.195/s)
> ok 1 - GET /api/v1/public/biblios/3
> not ok 2 - Unauthorized anonymous attempt to access a resource
> 
> #   Failed test 'Unauthorized anonymous attempt to access a resource'
> #   at t/db_dependent/api/v1/auth_authenticate_api_request.t line 143.
> #  got: '503'
> # expected: '401'
> [2020-06-19 09:33:06.55176] [12653] [debug] GET "/api/v1/public/biblios/3"
> (ece5c188)
> [2020-06-19 09:33:06.55231] [12653] [debug] Routing to controller
> "Koha::REST::V1::Auth" and action "under"
> [2020-06-19 09:33:06.55343] [12653] [debug] 503 Service Unavailable
> (0.001661s, 602.047/s)
> ok 3 - GET /api/v1/public/biblios/3
> not ok 4 - Successfull anonymous access to a resource
> 
> #   Failed test 'Successfull anonymous access to a resource'
> #   at t/db_dependent/api/v1/auth_authenticate_api_request.t line 149.
> #  got: '503'
> # expected: '200'
> # Looks like you failed 2 tests of 4.
> not ok 3 - anonymous requests to public API
> 
> #   Failed test 'anonymous requests to public API'
> #   at t/db_dependent/api/v1/auth_authenticate_api_request.t line 153.
> # Looks like you failed 2 tests of 3.
> Dubious, test returned 2 (wstat 512, 0x200)
> Failed 2/3 subtests 
> 
> Test Summary Report
> ---
> t/db_dependent/api/v1/auth_authenticate_api_request.t (Wstat: 512 Tests: 3
> Failed: 2)
>   Failed tests:  2-3
>   Non-zero exit status: 2
> Files=1, Tests=3,  8 wallclock secs ( 0.02 usr  0.01 sys +  3.77 cusr  1.14
> csys =  4.94 CPU)
> Result: FAIL
> 
> Please fix up and I will backport!

I'll do it tomorrow

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-06-18 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #31 from Aleisha Amohia  ---
I have tried to apply but tests fail on my devbox for 19.11.x.

$ prove -v t/db_dependent/api/v1/auth_authenticate_api_request.t 
t/db_dependent/api/v1/auth_authenticate_api_request.t .. 
1..3
# Subtest: token-based tests
1..10
[2020-06-19 09:33:05.84026] [12653] [debug] POST "/api/v1/oauth/token"
(5ef232ce)
[2020-06-19 09:33:05.84638] [12653] [debug] Routing to controller
"Koha::REST::V1::Auth" and action "under"
[2020-06-19 09:33:05.84791] [12653] [debug] Routing to controller
"Koha::REST::V1::OAuth" and action "token"
[2020-06-19 09:33:05.86256] [12653] [debug] 200 OK (0.022287s, 44.869/s)
ok 1 - POST /api/v1/oauth/token
ok 2 - 200 OK
ok 3 - exact match for JSON Pointer "/expires_in"
ok 4 - exact match for JSON Pointer "/token_type"
ok 5 - has value for JSON Pointer "/access_token"
[2020-06-19 09:33:05.86597] [12653] [debug] GET "/api/v1/patrons" (01e901a8)
[2020-06-19 09:33:05.86677] [12653] [debug] Routing to controller
"Koha::REST::V1::Auth" and action "under"
[2020-06-19 09:33:05.88419] [12653] [debug] Routing to controller
"Koha::REST::V1::Patrons" and action "list"
[2020-06-19 09:33:06.11926] [12653] [debug] 200 OK (0.253264s, 3.948/s)
ok 6 - GET /api/v1/patrons
ok 7 - 200 OK
ok 8 - The 'koha.user' object is defined in the stash
ok 9 - Stashed koha.user object type is Koha::Patron
ok 10 - The stashed user is the right one
ok 1 - token-based tests
# Subtest: cookie-based tests
1..5
[2020-06-19 09:33:06.29506] [12653] [debug] GET "/api/v1/patrons" (4f027938)
[2020-06-19 09:33:06.29565] [12653] [debug] Routing to controller
"Koha::REST::V1::Auth" and action "under"
[2020-06-19 09:33:06.29736] [12653] [debug] 503 Service Unavailable (0.00229s,
436.681/s)
ok 1 - GET /api/v1/patrons
not ok 2 - 200 OK

#   Failed test '200 OK'
#   at t/db_dependent/api/v1/auth_authenticate_api_request.t line 112.
#  got: '503'
# expected: '200'
not ok 3 - The 'koha.user' object is defined in the stash

#   Failed test 'The 'koha.user' object is defined in the stash'
#   at t/db_dependent/api/v1/auth_authenticate_api_request.t line 115.
# Looks like you planned 5 tests but ran 3.
# Looks like you failed 2 tests of 3 run.
not ok 2 - cookie-based tests

#   Failed test 'cookie-based tests'
#   at t/db_dependent/api/v1/auth_authenticate_api_request.t line 120.
# Subtest: anonymous requests to public API
1..4
[2020-06-19 09:33:06.54596] [12653] [debug] GET "/api/v1/public/biblios/3"
(1a0aa1cd)
[2020-06-19 09:33:06.54737] [12653] [debug] Routing to controller
"Koha::REST::V1::Auth" and action "under"
[2020-06-19 09:33:06.54867] [12653] [debug] 503 Service Unavailable (0.002694s,
371.195/s)
ok 1 - GET /api/v1/public/biblios/3
not ok 2 - Unauthorized anonymous attempt to access a resource

#   Failed test 'Unauthorized anonymous attempt to access a resource'
#   at t/db_dependent/api/v1/auth_authenticate_api_request.t line 143.
#  got: '503'
# expected: '401'
[2020-06-19 09:33:06.55176] [12653] [debug] GET "/api/v1/public/biblios/3"
(ece5c188)
[2020-06-19 09:33:06.55231] [12653] [debug] Routing to controller
"Koha::REST::V1::Auth" and action "under"
[2020-06-19 09:33:06.55343] [12653] [debug] 503 Service Unavailable (0.001661s,
602.047/s)
ok 3 - GET /api/v1/public/biblios/3
not ok 4 - Successfull anonymous access to a resource

#   Failed test 'Successfull anonymous access to a resource'
#   at t/db_dependent/api/v1/auth_authenticate_api_request.t line 149.
#  got: '503'
# expected: '200'
# Looks like you failed 2 tests of 4.
not ok 3 - anonymous requests to public API

#   Failed test 'anonymous requests to public API'
#   at t/db_dependent/api/v1/auth_authenticate_api_request.t line 153.
# Looks like you failed 2 tests of 3.
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 

Test Summary Report
---
t/db_dependent/api/v1/auth_authenticate_api_request.t (Wstat: 512 Tests: 3
Failed: 2)
  Failed tests:  2-3
  Non-zero exit status: 2
Files=1, Tests=3,  8 wallclock secs ( 0.02 usr  0.01 sys +  3.77 cusr  1.14
csys =  4.94 CPU)
Result: FAIL

Please fix up and I will backport!

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-06-17 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #30 from David Cook  ---
(In reply to Tomás Cohen Arazi from comment #29)
> (In reply to David Cook from comment #27)
> > Bug 24909 has been pushed now, so in theory this could be pushed too,
> > although personally I'm not a huge fan of pushing database updates to stable
> > releases...
> 
> This one is basically a syspref. Database structure changes are the
> problematic ones.

That's a good point! I admit that I didn't drill down into the patches to
examine. I just saw the updatedatabase.pl in the description and got anxious. 

I run a lot of 19.11 instances, and I would love to see this backported. 

I withdraw my earlier objection.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-06-17 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #29 from Tomás Cohen Arazi  ---
(In reply to David Cook from comment #27)
> Bug 24909 has been pushed now, so in theory this could be pushed too,
> although personally I'm not a huge fan of pushing database updates to stable
> releases...

This one is basically a syspref. Database structure changes are the problematic
ones.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-06-17 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Aleisha Amohia  changed:

   What|Removed |Added

 Status|Pushed to master|Pushed to stable
 CC||alei...@catalyst.net.nz

--- Comment #28 from Aleisha Amohia  ---
won't be backporting this to 19.11.x due to the db update.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-06-16 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

David Cook  changed:

   What|Removed |Added

 CC||dc...@prosentient.com.au

--- Comment #27 from David Cook  ---
Bug 24909 has been pushed now, so in theory this could be pushed too, although
personally I'm not a huge fan of pushing database updates to stable releases...

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-05-22 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Martin Renvoize  changed:

   What|Removed |Added

   Severity|normal  |enhancement
  Text to go in the||This enhancement allows
  release notes||libraries to distinctly
   ||disable the OPAC but allow
   ||the public facing API's to
   ||be enabled.
   ||
   ||**New system
   ||preference**:
   ||`RESTPublicAnonymousRequest
   ||s` defaults to enabled.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-05-13 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Jonathan Druart  changed:

   What|Removed |Added

 Blocks||25484


Referenced Bugs:

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25484
[Bug 25484] Public routes added by plugins are no longer accessible
-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-05-08 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #26 from Joy Nelson  ---
missing dependencies, not backported

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-05-05 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Joy Nelson  changed:

   What|Removed |Added

 CC||j...@bywatersolutions.com

--- Comment #25 from Joy Nelson  ---
not backported to 19.11.x

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-30 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Tomás Cohen Arazi  changed:

   What|Removed |Added

 Blocks||25327


Referenced Bugs:

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25327
[Bug 25327] Cannot access API spec
-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-27 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #24 from Martin Renvoize  ---
Created attachment 103773
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103773&action=edit
Bug 25045: (RM follow-up) Correction to updatedatebase.pl

Signed-off-by: Martin Renvoize 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-27 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #23 from Martin Renvoize  ---
Nice work everyone!

Pushed to master for 20.05

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-27 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #22 from Martin Renvoize  ---
Created attachment 103749
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103749&action=edit
Bug 25045: (RM follow-up) Add the RESTPublicAnonymousRequests syspref

The atomic update alos included a quoting mistake

Signed-off-by: Martin Renvoize 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-27 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #21 from Jonathan Druart  
---
Created attachment 103748
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103748&action=edit
Bug 25045: (follow-up) Add the RESTPublicAnonymousRequests syspref

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-27 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #20 from Martin Renvoize  ---
Nice work everyone!

Pushed to master for 20.05

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-27 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Martin Renvoize  changed:

   What|Removed |Added

 Version(s)||20.05.00
released in||
 Status|Passed QA   |Pushed to master

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-24 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Tomás Cohen Arazi  changed:

   What|Removed |Added

 QA Contact|testo...@bugs.koha-communit |jonathan.dru...@bugs.koha-c
   |y.org   |ommunity.org

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-24 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #19 from Jonathan Druart  
---
Created attachment 103678
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103678&action=edit
Bug 25045: (follow-up) Add a note to OpacPublic

This patch tweaks the OpacPublic system preference description so users
don't expect, incorrectly, this syspref to disable the public API
anonymous access.

Signed-off-by: Kyle M Hall 

Signed-off-by: Jonathan Druart 

Bug 25045: (QA follow-up) Fix note display on OpacPublic description

Signed-off-by: Tomas Cohen Arazi 

Signed-off-by: Jonathan Druart 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-24 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #17 from Jonathan Druart  
---
Created attachment 103676
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103676&action=edit
Bug 25045: Unit tests

Signed-off-by: Kyle M Hall 

Signed-off-by: Jonathan Druart 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-24 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #18 from Jonathan Druart  
---
Created attachment 103677
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103677&action=edit
Bug 25045: Allow restricting anonymous requests on the public API

This patch introduces a check on the authenticate_api_request method for
the RESTPublicAnonymousRequests system preference. If disabled,
anonymous  requests get rejected.

The idea is to replicate the homologous OpacPublic system preference
behaviour.

To test:
1. Apply the Unit tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/auth_authenticate_api_request.t
=> FAIL: Tests fail, 200 is answered instead of 401 on the route.
3. Apply this patch
4. Repeat 2.
=> SUCCESS: Tests pass!
5. Sign off :-D

Signed-off-by: Kyle M Hall 

Signed-off-by: Jonathan Druart 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-24 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Jonathan Druart  changed:

   What|Removed |Added

 Attachment #103651|0   |1
is obsolete||
 Attachment #103652|0   |1
is obsolete||
 Attachment #103653|0   |1
is obsolete||
 Attachment #103654|0   |1
is obsolete||
 Attachment #103655|0   |1
is obsolete||

--- Comment #16 from Jonathan Druart  
---
Created attachment 103675
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103675&action=edit
Bug 25045: Add the RESTPublicAnonymousRequests syspref

Signed-off-by: Kyle M Hall 

Signed-off-by: Jonathan Druart 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-24 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Jonathan Druart  changed:

   What|Removed |Added

 Status|Signed Off  |Passed QA

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-24 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #15 from Tomás Cohen Arazi  ---
Created attachment 103655
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103655&action=edit
Bug 25045: (QA follow-up) Fix note display on OpacPublic description

Signed-off-by: Tomas Cohen Arazi 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-24 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #14 from Kyle M Hall  ---
Created attachment 103654
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103654&action=edit
Bug 25045: (follow-up) Add a note to OpacPublic

This patch tweaks the OpacPublic system preference description so users
don't expect, incorrectly, this syspref to disable the public API
anonymous access.

Signed-off-by: Kyle M Hall 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-24 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Kyle M Hall  changed:

   What|Removed |Added

 Status|Needs Signoff   |Signed Off
 CC||k...@bywatersolutions.com

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-24 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Kyle M Hall  changed:

   What|Removed |Added

 Attachment #102846|0   |1
is obsolete||
 Attachment #102847|0   |1
is obsolete||
 Attachment #102848|0   |1
is obsolete||
 Attachment #102849|0   |1
is obsolete||

--- Comment #11 from Kyle M Hall  ---
Created attachment 103651
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103651&action=edit
Bug 25045: Add the RESTPublicAnonymousRequests syspref

Signed-off-by: Kyle M Hall 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-24 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #13 from Kyle M Hall  ---
Created attachment 103653
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103653&action=edit
Bug 25045: Allow restricting anonymous requests on the public API

This patch introduces a check on the authenticate_api_request method for
the RESTPublicAnonymousRequests system preference. If disabled,
anonymous  requests get rejected.

The idea is to replicate the homologous OpacPublic system preference
behaviour.

To test:
1. Apply the Unit tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/auth_authenticate_api_request.t
=> FAIL: Tests fail, 200 is answered instead of 401 on the route.
3. Apply this patch
4. Repeat 2.
=> SUCCESS: Tests pass!
5. Sign off :-D

Signed-off-by: Kyle M Hall 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-24 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #12 from Kyle M Hall  ---
Created attachment 103652
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=103652&action=edit
Bug 25045: Unit tests

Signed-off-by: Kyle M Hall 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-14 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Tomás Cohen Arazi  changed:

   What|Removed |Added

Summary|REST API public route   |Add a way to restrict
   |accessible if OpacPublic is |anonymous access to public
   |off |routes (OpacPublic
   ||behaviour)
   See Also|https://bugs.koha-community |
   |.org/bugzilla3/show_bug.cgi |
   |?id=24909   |
 Depends on||24909


Referenced Bugs:

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=24909
[Bug 24909] Add unprivileged route to get a bibliographic record
-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-14 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Tomás Cohen Arazi  changed:

   What|Removed |Added

 Status|NEW |ASSIGNED

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-14 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #8 from Jonathan Druart  
---
Maybe that does not make sense but, don't you think we should make is_public
mandatory in authenticate_api_request?

That would prevent a future call to forget it.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-14 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #7 from Tomás Cohen Arazi  ---
Any feedback on the wording is greatly appreciated.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-14 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #4 from Tomás Cohen Arazi  ---
Created attachment 102847
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=102847&action=edit
Bug 25045: Unit tests

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-14 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #9 from Jonathan Druart  
---
(In reply to Jonathan Druart from comment #8)
> Maybe that does not make sense but, don't you think we should make is_public
> mandatory in authenticate_api_request?
> 
> That would prevent a future call to forget it.

Scratch that, it does not make sense.
There won't be bad side-effects if it's not passed.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-14 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Tomás Cohen Arazi  changed:

   What|Removed |Added

 CC||agustinmoy...@theke.io,
   ||jonathan.dru...@bugs.koha-c
   ||ommunity.org,
   ||katrin.fisc...@bsz-bw.de,
   ||martin.renvoize@ptfs-europe
   ||.com,
   ||n...@bywatersolutions.com

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-14 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #5 from Tomás Cohen Arazi  ---
Created attachment 102848
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=102848&action=edit
Bug 25045: Allow restricting anonymous requests on the public API

This patch introduces a check on the authenticate_api_request method for
the RESTPublicAnonymousRequests system preference. If disabled,
anonymous  requests get rejected.

The idea is to replicate the homologous OpacPublic system preference
behaviour.

To test:
1. Apply the Unit tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/auth_authenticate_api_request.t
=> FAIL: Tests fail, 200 is answered instead of 401 on the route.
3. Apply this patch
4. Repeat 2.
=> SUCCESS: Tests pass!
5. Sign off :-D

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-14 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #6 from Tomás Cohen Arazi  ---
Created attachment 102849
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=102849&action=edit
Bug 25045: (follow-up) Add a note to OpacPublic

This patch tweaks the OpacPublic system preference description so users
don't expect, incorrectly, this syspref to disable the public API
anonymous access.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-14 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #3 from Tomás Cohen Arazi  ---
Created attachment 102846
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=102846&action=edit
Bug 25045: Add the RESTPublicAnonymousRequests syspref

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-14 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

Tomás Cohen Arazi  changed:

   What|Removed |Added

   Patch complexity|--- |Small patch
 Status|ASSIGNED|Needs Signoff

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 25045] Add a way to restrict anonymous access to public routes (OpacPublic behaviour)

2020-04-14 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25045

--- Comment #10 from Jonathan Druart  
---
The "Note" does not appear in the syspref's description.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

50 matches

Mail list logo