https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17003
--- Comment #8 from Jiri Kozlovsky <[email protected]> --- Comment on attachment 57493 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=57493 Bug 17003: Add API route to get checkout's renewability Review of attachment 57493: --> (https://bugs.koha-community.org/bugzilla3/page.cgi?id=splinter.html&bug=17003&attachment=57493) ----------------------------------------------------------------- ::: Koha/REST/V1/Checkout.pm @@ +109,5 @@ > + $OpacRenewalAllowed = C4::Context->preference('OpacRenewalAllowed'); > + } > + > + unless ($user && ($OpacRenewalAllowed > + || haspermission($user->userid, { circulate => > "circulate_remaining_permissions" }))) { This "haspermission" check should be moved to the path definition using "x-koha-authorization". Also when OpacRenewalAllowed syspref is disabled, the error should be returned sooner then possible "Checkout doesn't exist" error (don't give users hope to renew it when not found, but tell them renewal is not allowed at all instead). ::: api/v1/swagger/paths/checkouts.json @@ +98,5 @@ > + "get": { > + "operationId": "renewabilityCheckout", > + "tags": ["patrons", "checkouts"], > + "parameters": [{ > + "name": "checkout_id", I think this parameter should be exported in dependent bug 13895 and only referenced here instead of defined again. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. _______________________________________________ Koha-bugs mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
