https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=16825
Tomás Cohen Arazi <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- QA Contact| |[email protected] Status|Needs Signoff |Failed QA --- Comment #39 from Tomás Cohen Arazi <[email protected]> --- Hi, Johanna. This work has been initiated before a few agreements were reached about how to write endpoints for the API. I've got a few remarks on this regard: - There's a problem with the attribute mappings. There's an RFC for this endpoint's spec [1]. The attribute mappings should respect the RFC (I'm not sure its been voted, but you should follow it, given the people involved on writing and discussing it). - We don't mix privileged users/non-privileged users use cases on the same endpoint anymore. An endpoint that requires admin privileges belongs to /items. An endpoint that doesn't require admin privileges goes to /public/items. This comment related to the check for OpacHiddenItems and the patron status. Non privileged users should get a 403 on this endpoint. If you need general unprivileged access, then add an endpoint to /public/items/{item_id} - Don't add to x-primitives, that went too far in my opinion. Just put the definition in the path spec. - For the tests, take t/db_dependent/api/v1/libraries.t as an example. I like it that you added stub tests for unimplemented routes, but try to clean it up by setting Basic authentication as libraries.t I can help on any doubts you might have or even coding. Just ping me (tcohen on IRC) [1] https://wiki.koha-community.org/wiki/Items_endpoint_RFC -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
