subject:"\[Koha\-bugs\] \[Bug 32739\] REST API\: Extend endpoint \/auth\/password\/validation for cardnumber"

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-08-28 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #35 from Pedro Amorim  ---
Nice work everyone!

Pushed to 22.11.x for next release

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-08-28 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Pedro Amorim  changed:

   What|Removed |Added

 Status|Pushed to stable|Pushed to oldstable
 Version(s)|23.11.00,23.05.03   |23.11.00,23.05.03,22.11.09
released in||

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-08-28 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #34 from Pedro Amorim  ---
(In reply to Pedro Amorim from comment #33)
> @Tomas I know this is rel_22_11_candidate but I believe this bug requires
> bug 33556. And it seems bug 33556 requires bug 21043.
> 
> There may be other bugs missing here but this is as far as I went with this.
> 
> Do we drop this or invest and backport the whole required tree for this?

Nevermind, the team helped me rebase this without anything else being pushed.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-08-18 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Pedro Amorim  changed:

   What|Removed |Added

 CC||pedro.amo...@ptfs-europe.co
   ||m

--- Comment #33 from Pedro Amorim  ---
@Tomas I know this is rel_22_11_candidate but I believe this bug requires bug
33556. And it seems bug 33556 requires bug 21043.

There may be other bugs missing here but this is as far as I went with this.

Do we drop this or invest and backport the whole required tree for this?

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-08-15 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Tomás Cohen Arazi  changed:

   What|Removed |Added

   Keywords||rel_22_11_candidate

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-08-04 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #32 from Katrin Fischer  ---
Thank you!

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-08-04 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Fridolin Somers  changed:

   What|Removed |Added

 Version(s)|23.11.00|23.11.00,23.05.03
released in||
 Status|Pushed to master|Pushed to stable

--- Comment #31 from Fridolin Somers  ---
Pushed to 23.05.x for 23.05.03

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-08-04 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #30 from Fridolin Somers  ---
(In reply to Katrin Fischer from comment #29)
> (In reply to Fridolin Somers from comment #28)
> > I prefer not to backport since it is about passwords ;)
> 
> It would be nice if you could reconsider. This brings this API in line and
> is more a bug fix than an enhancement I feel. The API is also very new
> still, so better to change it earlier than later.

OK on it. I looks solid ;)

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-08-04 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #29 from Katrin Fischer  ---
(In reply to Fridolin Somers from comment #28)
> I prefer not to backport since it is about passwords ;)

It would be nice if you could reconsider. This brings this API in line and is
more a bug fix than an enhancement I feel. The API is also very new still, so
better to change it earlier than later.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-08-03 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Fridolin Somers  changed:

   What|Removed |Added

 CC||fridolin.som...@biblibre.co
   ||m

--- Comment #28 from Fridolin Somers  ---
I prefer not to backport since it is about passwords ;)

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-25 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #27 from Tomás Cohen Arazi  ---
Pushed to master for 23.11.

Nice work everyone, thanks!

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-25 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Tomás Cohen Arazi  changed:

   What|Removed |Added

 Version(s)||23.11.00
released in||
 Status|Passed QA   |Pushed to master

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-25 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #26 from Tomás Cohen Arazi  ---
(In reply to Martin Renvoize from comment #25)
> Created attachment 153887 [details] [review]
> Bug 32739: (follow-up) QA Cleanup
> 
> Signed-off-by: Martin Renvoize 

Oops. Thanks!

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-25 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Martin Renvoize  changed:

   What|Removed |Added

 QA Contact||martin.renvoize@ptfs-europe
   ||.com

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-25 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Martin Renvoize  changed:

   What|Removed |Added

 Status|Signed Off  |Passed QA
 CC||martin.renvoize@ptfs-europe
   ||.com

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-25 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #25 from Martin Renvoize  ---
Created attachment 153887
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=153887&action=edit
Bug 32739: (follow-up) QA Cleanup

Signed-off-by: Martin Renvoize 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-25 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Martin Renvoize  changed:

   What|Removed |Added

 Attachment #153842|0   |1
is obsolete||

--- Comment #24 from Martin Renvoize  ---
Created attachment 153886
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=153886&action=edit
Bug 32739: Allow other patron identifier on pwd validation

This patch takes a step forward on the password validation endpoint, by
adding  the `identifier` parameter and making it be allowed
to be the patron's `cardnumber` or the `userid`.

The current `userid` only validation option is kept as-is.

The implementation relies on `C4::Auth::checkpw` to query for the
patron.

To test:
1. Apply this patches
2. Run:
   $ ktd --shell
  k$ prove t/db_dependent/api/v1/password_validation.t
=> SUCCESS: Tests pass!
3. Sign off :-D

Signed-off-by: Nick Clemens 
Signed-off-by: Martin Renvoize 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-25 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Martin Renvoize  changed:

   What|Removed |Added

 Attachment #153841|0   |1
is obsolete||

--- Comment #23 from Martin Renvoize  ---
Created attachment 153885
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=153885&action=edit
Bug 32739: Unit tests

Signed-off-by: Nick Clemens 
Signed-off-by: Martin Renvoize 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-24 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #22 from Nick Clemens  ---
Created attachment 153842
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=153842&action=edit
Bug 32739: Allow other patron identifier on pwd validation

This patch takes a step forward on the password validation endpoint, by
adding  the `identifier` parameter and making it be allowed
to be the patron's `cardnumber` or the `userid`.

The current `userid` only validation option is kept as-is.

The implementation relies on `C4::Auth::checkpw` to query for the
patron.

To test:
1. Apply this patches
2. Run:
   $ ktd --shell
  k$ prove t/db_dependent/api/v1/password_validation.t
=> SUCCESS: Tests pass!
3. Sign off :-D

Signed-off-by: Nick Clemens 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-24 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Nick Clemens  changed:

   What|Removed |Added

 Attachment #153816|0   |1
is obsolete||
 Attachment #153817|0   |1
is obsolete||

--- Comment #21 from Nick Clemens  ---
Created attachment 153841
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=153841&action=edit
Bug 32739: Unit tests

Signed-off-by: Nick Clemens 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-24 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Nick Clemens  changed:

   What|Removed |Added

 Status|Needs Signoff   |Signed Off

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-21 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Tomás Cohen Arazi  changed:

   What|Removed |Added

  Text to go in the||This development adds a new
  release notes||attribute for identifying
   ||the patron for password
   ||validation: `identifier`.
   ||It expects to be passed a
   ||`userid` or a `cardnumber`
   ||in it. It the `identifier`
   ||doesn't match a `userid`,
   ||then Koha will try matching
   ||a `cardnumber`.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-21 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #20 from Tomás Cohen Arazi  ---
(In reply to Katrin Fischer from comment #16)
> (In reply to Katrin Fischer from comment #15)
> > There is documentation in the patch claiming that userid with cardnumber
> > should not work, but it does in my testing:

I regretted about making such change. I'll deal with the thing that bothered me
about it on a separate bug.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-21 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #19 from Tomás Cohen Arazi  ---
Created attachment 153817
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=153817&action=edit
Bug 32739: Allow other patron identifier on pwd validation

This patch takes a step forward on the password validation endpoint, by
adding  the `identifier` parameter and making it be allowed
to be the patron's `cardnumber` or the `userid`.

The current `userid` only validation option is kept as-is.

The implementation relies on `C4::Auth::checkpw` to query for the
patron.

To test:
1. Apply this patches
2. Run:
   $ ktd --shell
  k$ prove t/db_dependent/api/v1/password_validation.t
=> SUCCESS: Tests pass!
3. Sign off :-D

Signed-off-by: Nick Clemens 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-21 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Tomás Cohen Arazi  changed:

   What|Removed |Added

 Attachment #153776|0   |1
is obsolete||
 Attachment #153777|0   |1
is obsolete||

--- Comment #18 from Tomás Cohen Arazi  ---
Created attachment 153816
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=153816&action=edit
Bug 32739: Unit tests

Signed-off-by: Nick Clemens 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-21 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Tomás Cohen Arazi  changed:

   What|Removed |Added

 Status|Failed QA   |Needs Signoff

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-21 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #17 from Tomás Cohen Arazi  ---
Nick, can you retest? I decided to restore the original behavior for userid. We
will make it better [1] once we move password checking into Koha::*. But the
original functionality should remain as-is, and it was a mistake to simplify it
like I did. Sorry for that

[1] We are fetching the Koha::Patron from the DB, and then checkpw will
re-fetch it. This is how the original code works in master BTW.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-21 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #16 from Katrin Fischer  ---
(In reply to Katrin Fischer from comment #15)
> There is documentation in the patch claiming that userid with cardnumber
> should not work, but it does in my testing:
> 
> Optionally, you can specify the `userid` attribute if you don't want it
> to be checked against the patron cardnumbers.
> 
> { "userid": "42", "password": "koha" }
> 
> Gives: 204

I don't insist on this behaviur, only on adjusting the docs.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-21 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Katrin Fischer  changed:

   What|Removed |Added

 Status|Signed Off  |Failed QA

--- Comment #15 from Katrin Fischer  ---
There is documentation in the patch claiming that userid with cardnumber should
not work, but it does in my testing:

Optionally, you can specify the `userid` attribute if you don't want it
to be checked against the patron cardnumbers.

{ "userid": "42", "password": "koha" }

Gives: 204

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-21 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Nick Clemens  changed:

   What|Removed |Added

 Attachment #153684|0   |1
is obsolete||

--- Comment #14 from Nick Clemens  ---
Created attachment 153777
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=153777&action=edit
Bug 32739: Allow other patron identifier on pwd validation

This patch takes a step forward on the password validation endpoint, by
renaming the `userid` attribute to `identifier` and making it be allowed
to be the patron's `cardnumber`.

The implementation relies on `C4::Auth::checkpw` to query for the
patron. Note the original implementation verified the `userid` was really
a `userid`, and with this patch, `userid` is just an alias for `identifier`.

To test:
1. Apply this patches
2. Run:
   $ ktd --shell
  k$ prove t/db_dependent/api/v1/password_validation.t
=> SUCCESS: Tests pass!
3. Sign off :-D

Signed-off-by: Nick Clemens 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-21 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Nick Clemens  changed:

   What|Removed |Added

 Attachment #153683|0   |1
is obsolete||

--- Comment #13 from Nick Clemens  ---
Created attachment 153776
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=153776&action=edit
Bug 32739: Unit tests

Signed-off-by: Nick Clemens 

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-21 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Nick Clemens  changed:

   What|Removed |Added

 Status|Needs Signoff   |Signed Off

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-19 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #12 from Tomás Cohen Arazi  ---
(In reply to David Cook from comment #8)
> (In reply to Tomás Cohen Arazi from comment #7)
> > It's a fair point. In this case we could keep the legacy behavior with no
> > harm. We thought being released a couple months ago made it not such a big
> > deal.
> 
> I would very much appreciate that. 

Done!(In reply to Katrin Fischer from comment #9)
> Could be having all 3 options, userid, cardnumber and identifier, be a
> solution?

I decided to only keep `userid`(legacy) and `identifier`.

I felt like a real use case for that would be required to justify it, so
leaving for later/when someone really needs it for a specialized use case.

I filed bug 34313 while thinking on possible reasons to have a `cardnumber`
option. Happy to discuss there if needed.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-19 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #11 from Tomás Cohen Arazi  ---
Created attachment 153684
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=153684&action=edit
Bug 32739: Allow other patron identifier on pwd validation

This patch takes a step forward on the password validation endpoint, by
renaming the `userid` attribute to `identifier` and making it be allowed
to be the patron's `cardnumber`.

The implementation relies on `C4::Auth::checkpw` to query for the
patron. Note the original implementation verified the `userid` was really
a `userid`, and with this patch, `userid` is just an alias for `identifier`.

To test:
1. Apply this patches
2. Run:
   $ ktd --shell
  k$ prove t/db_dependent/api/v1/password_validation.t
=> SUCCESS: Tests pass!
3. Sign off :-D

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-19 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Tomás Cohen Arazi  changed:

   What|Removed |Added

 Attachment #153574|0   |1
is obsolete||
 Attachment #153575|0   |1
is obsolete||

--- Comment #10 from Tomás Cohen Arazi  ---
Created attachment 153683
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=153683&action=edit
Bug 32739: Unit tests

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-19 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Tomás Cohen Arazi  changed:

   What|Removed |Added

 Status|In Discussion   |Needs Signoff

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-19 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Tomás Cohen Arazi  changed:

   What|Removed |Added

 Blocks||34313


Referenced Bugs:

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34313
[Bug 34313] Make password validation endpoint return patron ids
-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-18 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #9 from Katrin Fischer  ---
Tomas, I was really happy to see the patch, but I also understand David's
argument. I think identifier would work great for our use cases where we
sometimes don't know what is entered by the user.

Could be having all 3 options, userid, cardnumber and identifier, be a
solution?

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-17 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #8 from David Cook  ---
(In reply to Tomás Cohen Arazi from comment #7)
> It's a fair point. In this case we could keep the legacy behavior with no
> harm. We thought being released a couple months ago made it not such a big
> deal.

I would very much appreciate that. 

> About V1 and breaking changes, I don't think there have been many, but truth
> is we are just reaching a point in which we can call the API stable.

That's true. I suppose we haven't quite reached the full stable "v1" yet.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-17 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #7 from Tomás Cohen Arazi  ---
(In reply to David Cook from comment #6)
> (In reply to Tomás Cohen Arazi from comment #5)
> > After talking with Martin, I decided to submit this patches the way they are
> > written.
> > 
> > I decided to rename 'userid' => 'identifier' to make it generic enough. I'm
> > open to discuss if you *also* want to be able to specify *userid* and
> > *cardnumber* explicitly, but I think this is the way to go and thus my
> > proposal.
> > 
> > Best regards
> 
> I'd be happy for "identifier" to be added in addition to "userid", but I
> think renaming it is a problematic idea, since "userid" is already in use by
> third-party systems using the production API. 
> 
> Koha has a bit of a habit of making backwards incompatible changes to its
> "v1" API...

It's a fair point. In this case we could keep the legacy behavior with no harm.
We thought being released a couple months ago made it not such a big deal.

About V1 and breaking changes, I don't think there have been many, but truth is
we are just reaching a point in which we can call the API stable.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-17 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

David Cook  changed:

   What|Removed |Added

 Status|Needs Signoff   |In Discussion

--- Comment #6 from David Cook  ---
(In reply to Tomás Cohen Arazi from comment #5)
> After talking with Martin, I decided to submit this patches the way they are
> written.
> 
> I decided to rename 'userid' => 'identifier' to make it generic enough. I'm
> open to discuss if you *also* want to be able to specify *userid* and
> *cardnumber* explicitly, but I think this is the way to go and thus my
> proposal.
> 
> Best regards

I'd be happy for "identifier" to be added in addition to "userid", but I think
renaming it is a problematic idea, since "userid" is already in use by
third-party systems using the production API. 

Koha has a bit of a habit of making backwards incompatible changes to its "v1"
API...

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-17 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #5 from Tomás Cohen Arazi  ---
After talking with Martin, I decided to submit this patches the way they are
written.

I decided to rename 'userid' => 'identifier' to make it generic enough. I'm
open to discuss if you *also* want to be able to specify *userid* and
*cardnumber* explicitly, but I think this is the way to go and thus my
proposal.

Best regards

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-17 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #4 from Tomás Cohen Arazi  ---
Created attachment 153575
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=153575&action=edit
Bug 32739: Allow other patron identifier on pwd validation

This patch takes a step forward on the password validation endpoint, by
renaming the `userid` attribute to `identifier` and making it be allowed
to be the patron's cardnumber.

The implementation relies on `C4::Auth::checkpw` to query for the
patron.

To test:
1. Apply this patches
2. Run:
   $ ktd --shell
  k$ prove t/db_dependent/api/v1/password_validation.t
=> SUCCESS: Tests pass!
3. Sign off :-D

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-17 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #3 from Tomás Cohen Arazi  ---
Created attachment 153574
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=153574&action=edit
Bug 32739: Unit tests

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-17 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Tomás Cohen Arazi  changed:

   What|Removed |Added

 Status|NEW |Needs Signoff

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-16 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #2 from Katrin Fischer  ---
I think adding it to the endpoint would be the way to go, so it matches who
Koha authenticates in all other spots.

We were just not sure how it should present in the endpoint when discussing
this.

The user of the endpoint might not know if the login information entered was
the cardnumber or the username. 

The simplest route might be to extend userid to check for both internally
without changing how the API is used.

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-14 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Michaela Sieber  changed:

   What|Removed |Added

 CC||lukasz.kos...@kit.edu

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-07-14 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Nick Clemens  changed:

   What|Removed |Added

   Assignee|koha-b...@lists.koha-commun |tomasco...@gmail.com
   |ity.org |
 CC||n...@bywatersolutions.com

-- 
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-05-24 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

--- Comment #1 from David Cook  ---
One option is to do a user search using the Patrons API using
userid/cardnumber/email address or whatever match point(s) you want.

And then you can validate using the fetched userid and provided password.

This is what I do for a couple systems using this API endpoint. 

But I'm not opposed to someone adding cardnumber to this API endpoint either.

-- 
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-05-24 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739
Bug 32739 depends on bug 30962, which changed state.

Bug 30962 Summary: Add POST endpoint for validating a user password
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30962

   What|Removed |Added

 Status|Needs documenting   |RESOLVED
 Resolution|--- |FIXED

-- 
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-01-30 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

David Cook  changed:

   What|Removed |Added

 CC||dc...@prosentient.com.au

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-01-30 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Katrin Fischer  changed:

   What|Removed |Added

 CC||michaela.sie...@kit.edu

-- 
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 32739] REST API: Extend endpoint /auth/password/validation for cardnumber

2023-01-27 Thread bugzilla-daemon

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32739

Katrin Fischer  changed:

   What|Removed |Added

 Depends on||30962


Referenced Bugs:

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30962
[Bug 30962] REST API: Add endpoint /auth/password/validation
-- 
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

53 matches

Mail list logo