Uploaded image for project: 'mod-circulation'
  1. mod-circulation
  2. CIRC-1099

Lost permissions for /circulation/check-in-by-barcode

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: P2
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 20.0.1, 20.1.0
    • Labels:
      None
    • Template:
      Standard Bug Write-Up Format
    • Sprint:
      Firebird Sprint 110
    • Story Points:
      1
    • Development Team:
      Firebird
    • Release:
      R1 2021

      Description

      Overview:
      */remote-storage/return/

      {remoteStorageConfigurationId}
      • isn't available for non-diku_admin users, i.e. this endpoint isn't available for integration with edge-dematic.

      Steps to Reproduce:

      1. Log into some FOLIO testing environment as diku/diku:
        POST https://folio-testing-okapi.dev.folio.org:443/authn/login
        201
        417 ms
        POST /authn/login HTTP/1.1
        x-okapi-tenant: diku
        Content-Type: application/json
        User-Agent: PostmanRuntime/7.26.8
        Accept: */*
        Postman-Token: fe26f32d-2046-4eb7-8be2-431fe3b3fb14
        Host: folio-testing-okapi.dev.folio.org:443
        Accept-Encoding: gzip, deflate, br
        Connection: keep-alive
        Content-Length: 51
        {  
           "username":"diku",
           "password":"diku"
        }
        HTTP/1.1 201 Created
        Date: Sun, 14 Mar 2021 15:11:50 GMT
        Content-Type: application/json
        Transfer-Encoding: chunked
        Connection: keep-alive
        vary: origin
        X-Okapi-Trace: POST mod-authtoken-2.8.0-SNAPSHOT.88 http://10.36.1.217:9134/authn/login : 202 753us
        X-Okapi-Trace: POST mod-login-7.3.0-SNAPSHOT.92 http://10.36.1.217:9133/authn/login : 201 15097us
        x-okapi-token: eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkaWt1IiwidXNlcl9pZCI6ImEwM2IzNzY4LTY3YjEtNWJiMy1hNmEwLWE5N2Q0MDI1ZWY3MSIsImlhdCI6MTYxNTczNDcxMCwidGVuYW50IjoiZGlrdSJ9.SUcvhVDOV6R3mlPEatvwLFWW6eHp9TN1DS53pbpGkNM
        refreshtoken: eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiZGlyIn0..4LVANAyapRvfZ8Er.OeNSM9ci_dPPmxhovpJ7BfM0Dpibcb5YIMGD4eLwUpOS0RRsH2933-eHQiEP5R3nde4l6dNc3CBOvxCXYoQ4Ts16ztG439hR5n7eHAet2UmgoF6opPER8jxajsV-sX9E8k0Vl0Epxpuxm0PZBtHk44vgGuz1p5SUX0DYC0Rp9h-ogjsRS_pe8bN1ruLk22pIwzJJCT5yYsZxkp9OaqeZd5PSWThYGUSzGkaFq3T7dNeOFSK2HlP6bPzJsQgRgISkb7yI1L11.GEMkG2iJxM4mw4kDcq4FUQ
        content-encoding: gzip
        {
          "username" : "diku",
          "password" : "diku"
        }
        
      1. Make call to return API with received API key:
        POST https://folio-testing-okapi.dev.folio.org:443/remote-storage/return/de17bad7-2a30-4f1c-bee5-f653ded15629
        500
        565 ms
        POST /remote-storage/return/de17bad7-2a30-4f1c-bee5-f653ded15629 HTTP/1.1
        x-okapi-token: eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkaWt1IiwidXNlcl9pZCI6ImEwM2IzNzY4LTY3YjEtNWJiMy1hNmEwLWE5N2Q0MDI1ZWY3MSIsImlhdCI6MTYxNTczNDcxMCwidGVuYW50IjoiZGlrdSJ9.SUcvhVDOV6R3mlPEatvwLFWW6eHp9TN1DS53pbpGkNM
        x-okapi-tenant: diku
        Content-Type: application/json
        x-okapi-url: http://localhost:9130
        User-Agent: PostmanRuntime/7.26.8
        Accept: */*
        Postman-Token: 0497a093-e8dd-4fa8-adb2-1c0c6f97da98
        Host: folio-testing-okapi.dev.folio.org:443
        Accept-Encoding: gzip, deflate, br
        Connection: keep-alive
        Content-Length: 30
        {"itemBarcode":"A14837334306"}
        HTTP/1.1 500 Internal Server Error
        Date: Sun, 14 Mar 2021 15:13:31 GMT
        Content-Type: application/json
        Transfer-Encoding: chunked
        Connection: keep-alive
        vary: origin
        X-Okapi-Trace: POST mod-authtoken-2.8.0-SNAPSHOT.88 http://10.36.1.217:9134/remote-storage/return/de17bad7-2a30-4f1c-bee5-f653ded15629 : 202 12710us
        X-Okapi-Trace: POST mod-remote-storage-1.1.0-SNAPSHOT.73 http://10.36.1.217:9178/remote-storage/return/de17bad7-2a30-4f1c-bee5-f653ded15629 : 500 61777us
        {"timestamp":"2021-03-14T15:13:31.300+00:00","status":500,"error":"Internal Server Error","message":"","path":"/remote-storage/return/de17bad7-2a30-4f1c-bee5-f653ded15629"}
        

      Internal Server Error (500) was returned.

      Expected Results (diku_admin case):

      1. Log into some FOLIO testing environment as diku/diku:
        POST https://folio-testing-okapi.dev.folio.org:443/authn/login
        201
        895 ms
        POST /authn/login HTTP/1.1
        x-okapi-tenant: diku
        Content-Type: application/json
        User-Agent: PostmanRuntime/7.26.8
        Accept: */*
        Postman-Token: 1575bb6d-0c11-4506-9411-6fac9ea25fd0
        Host: folio-testing-okapi.dev.folio.org:443
        Accept-Encoding: gzip, deflate, br
        Connection: keep-alive
        Content-Length: 58
        {  
           "username":"diku_admin",
           "password":"admin"
        }
        HTTP/1.1 201 Created
        Date: Sun, 14 Mar 2021 15:17:01 GMT
        Content-Type: application/json
        Transfer-Encoding: chunked
        Connection: keep-alive
        vary: origin
        X-Okapi-Trace: POST mod-authtoken-2.8.0-SNAPSHOT.88 http://10.36.1.217:9134/authn/login : 202 494us
        X-Okapi-Trace: POST mod-login-7.3.0-SNAPSHOT.92 http://10.36.1.217:9133/authn/login : 201 15248us
        x-okapi-token: eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkaWt1X2FkbWluIiwidXNlcl9pZCI6IjE1Yzk4NzNlLWZlZjAtNWVlYS1iMTM5LWRmNzBiNTVhYTE4NSIsImlhdCI6MTYxNTczNTAyMSwidGVuYW50IjoiZGlrdSJ9.tY-TP7A6PO-kC4WSuEbtC5P20A2VBIQt2MjHWcnj-oQ
        refreshtoken: eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiZGlyIn0..dDxosKe7pIGWOZh3.hM3v9xHJmBQ7TsYYQkBcj4Oe7A3FaxsLKxj-MwUVoiz4FtbKVZAoSWDILeG8FE4mWrP7tqh1Ihk05F7YqmeRpSGrvwaWhi7BDgcjytQDqAkSC0etwBpVN9qJ-CU-6ipmZ8MRe9qeyfETQb2OO7WOMJThQKSpGohHEm3vfw-VX8Wih4BvD0x1sXP2nThXy5aiafO30OLWNXWDVNE_RhreSWxGugItHNfOBZkjI3RtVx89oRO8Gd3h1M2LALLxpKGCYDUQkRsDEdj7gBLW.H6lWLzQHO5S9KU4ZCVFOmg
        content-encoding: gzip
        {
          "username" : "diku_admin",
          "password" : "admin"
        }
        
      1. Make call to return API with received API key:
        POST https://folio-testing-okapi.dev.folio.org:443/remote-storage/return/de17bad7-2a30-4f1c-bee5-f653ded15629
        200
        1216 ms
        POST /remote-storage/return/de17bad7-2a30-4f1c-bee5-f653ded15629 HTTP/1.1
        x-okapi-token: eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkaWt1X2FkbWluIiwidXNlcl9pZCI6IjE1Yzk4NzNlLWZlZjAtNWVlYS1iMTM5LWRmNzBiNTVhYTE4NSIsImlhdCI6MTYxNTczNTAyMSwidGVuYW50IjoiZGlrdSJ9.tY-TP7A6PO-kC4WSuEbtC5P20A2VBIQt2MjHWcnj-oQ
        x-okapi-tenant: diku
        Content-Type: application/json
        x-okapi-url: http://localhost:9130
        User-Agent: PostmanRuntime/7.26.8
        Accept: */*
        Postman-Token: 16c82f24-011f-4f5c-9821-b3cb7f708972
        Host: folio-testing-okapi.dev.folio.org:443
        Accept-Encoding: gzip, deflate, br
        Connection: keep-alive
        Content-Length: 30
        {"itemBarcode":"A14837334306"}
        HTTP/1.1 200 OK
        Date: Sun, 14 Mar 2021 15:18:12 GMT
        Content-Type: application/json
        Transfer-Encoding: chunked
        Connection: keep-alive
        vary: origin
        X-Okapi-Trace: POST mod-authtoken-2.8.0-SNAPSHOT.88 http://10.36.1.217:9134/remote-storage/return/de17bad7-2a30-4f1c-bee5-f653ded15629 : 202 38955us
        X-Okapi-Trace: POST mod-remote-storage-1.1.0-SNAPSHOT.73 http://10.36.1.217:9178/remote-storage/return/de17bad7-2a30-4f1c-bee5-f653ded15629 : 200 669439us
        {"isHoldRecallRequestExist":true}
        

      Additional Information:

      diku has already had remote-storage.all permissions.

      GET https://folio-testing-okapi.dev.folio.org:443/users?query=username==diku
      200
      388 ms
      GET /users?query=username==diku HTTP/1.1
      content-type: application/json
      x-okapi-tenant: diku
      x-okapi-token: eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkaWt1X2FkbWluIiwidXNlcl9pZCI6IjE1Yzk4NzNlLWZlZjAtNWVlYS1iMTM5LWRmNzBiNTVhYTE4NSIsImlhdCI6MTYxNTczMzk0NSwidGVuYW50IjoiZGlrdSJ9.CFiLBbFE5wK6fgYAXMINVCOHgoRKttCTghPqqf0jq5M
      User-Agent: PostmanRuntime/7.26.8
      Accept: */*
      Postman-Token: 6f5b8aa3-6f87-4c47-996e-64af932c814d
      Host: folio-testing-okapi.dev.folio.org:443
      Accept-Encoding: gzip, deflate, br
      Connection: keep-alive
      HTTP/1.1 200 OK
      Date: Sun, 14 Mar 2021 15:21:39 GMT
      Content-Type: application/json
      Transfer-Encoding: chunked
      Connection: keep-alive
      vary: origin
      content-encoding: gzip
      X-Okapi-Trace: GET mod-users-17.4.0-SNAPSHOT.160 http://10.36.1.217:9132/users.. : 200 3242us
      {
        "users": [
      {"username":"diku","id":"a03b3768-67b1-5bb3-a6a0-a97d4025ef71","active":true,"departments":[],"proxyFor":[],"createdDate":"2021-03-14T03:30:00.146+00:00","updatedDate":"2021-03-14T03:30:00.146+00:00","metadata":{"createdDate":"2021-03-14T03:30:00.143+00:00","createdByUserId":"15c9873e-fef0-5eea-b139-df70b55aa185","updatedDate":"2021-03-14T03:30:00.143+00:00","updatedByUserId":"15c9873e-fef0-5eea-b139-df70b55aa185"}}],
        "totalRecords": 1,
       "resultInfo": {"totalRecords":1,"facets":[],"diagnostics":[]}
      }
      
      GET https://folio-testing-okapi.dev.folio.org:443/perms/users?query=userId==a03b3768-67b1-5bb3-a6a0-a97d4025ef71
      200
      596 ms
      GET /perms/users?query=userId==a03b3768-67b1-5bb3-a6a0-a97d4025ef71 HTTP/1.1
      x-okapi-token: eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkaWt1X2FkbWluIiwidXNlcl9pZCI6IjE1Yzk4NzNlLWZlZjAtNWVlYS1iMTM5LWRmNzBiNTVhYTE4NSIsImlhdCI6MTYxNTczMzk0NSwidGVuYW50IjoiZGlrdSJ9.CFiLBbFE5wK6fgYAXMINVCOHgoRKttCTghPqqf0jq5M
      Accept-Encoding: identity
      User-Agent: PostmanRuntime/7.26.8
      Accept: */*
      Postman-Token: 95a85391-9140-44c0-9e02-a515852b986c
      Host: folio-testing-okapi.dev.folio.org:443
      Connection: keep-alive
      HTTP/1.1 200 OK
      Date: Sun, 14 Mar 2021 15:19:49 GMT
      Content-Type: application/json
      Transfer-Encoding: chunked
      Connection: keep-alive
      vary: origin
      X-Okapi-Trace: GET mod-authtoken-2.8.0-SNAPSHOT.88 http://10.36.1.217:9134/perms/users.. : 202 28531us
      X-Okapi-Trace: GET mod-permissions-5.14.0-SNAPSHOT.108 http://10.36.1.217:9131/perms/users.. : 200 120545us
      {
        "permissionUsers": [
      {"id":"2ac24d96-ad81-4b9e-bbde-744a63f56e1c","userId":"a03b3768-67b1-5bb3-a6a0-a97d4025ef71","permissions":["rtac.all","oai-pmh.all","patron.all","users.collection.get","gobi.all","ebsconet.all","ncip.all","remote-storage.all","copycat.all"],"metadata":{"createdDate":"2021-03-14T03:30:01.728+00:00","createdByUserId":"15c9873e-fef0-5eea-b139-df70b55aa185","updatedDate":"2021-03-14T03:30:01.728+00:00","updatedByUserId":"15c9873e-fef0-5eea-b139-df70b55aa185"}}],
        "totalRecords": 1,
       "resultInfo": {"totalRecords":1,"facets":[],"diagnostics":[]}
      }
      

      UPDATE:: It looks that modperms.circulation.requests.queue.collection.get permission from circulation module should have inventory-storage.location-units.libraries.collection.get permision by Aliaksei Harbuz.

        TestRail: Results

          Attachments

            Issue Links

              Activity

                People

                Assignee:
                khandramai Viachaslau Khandramai
                Reporter:
                khandramai Viachaslau Khandramai
                Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved:

                    TestRail: Runs

                      TestRail: Cases