comable_backend 0.2.3 → 0.3.0

data/app/controllers/comable/admin/application_controller.rb

@@ -1,7 +1,35 @@
 module Comable
   module Admin
     class ApplicationController < ActionController::Base
+      include Comable::ApplicationHelper
+
       layout 'comable/admin/application'
+
+      def current_ability
+        Comable::Ability.new(current_customer)
+      end
+
+      private
+
+      rescue_from CanCan::AccessDenied, with: :unauthorized
+
+      def unauthorized
+        if current_customer.signed_in?
+          flash[:alert] = Comable.t('admin.access_denied')
+          redirect_to after_access_denied_path
+        else
+          store_location
+          redirect_to comable.new_admin_customer_session_path
+        end
+      end
+
+      def after_access_denied_path
+        if current_customer.customer?
+          comable.root_path
+        else
+          comable.admin_root_path
+        end
+      end
     end
   end
 end

data/app/controllers/comable/admin/categories_controller.rb

@@ -0,0 +1,14 @@
+require_dependency 'comable/admin/application_controller'
+
+module Comable
+  module Admin
+    class CategoriesController < Comable::Admin::ApplicationController
+      load_and_authorize_resource class: Comable::Category.name
+
+      def create
+        Comable::Category.from_jstree!(params[:jstree_json])
+        redirect_to comable.admin_categories_path
+      end
+    end
+  end
+end

data/app/controllers/comable/admin/customers_controller.rb

@@ -0,0 +1,36 @@
+require_dependency 'comable/admin/application_controller'
+
+module Comable
+  module Admin
+    class CustomersController < Comable::Admin::ApplicationController
+      include Comable::PermittedAttributes
+
+      load_and_authorize_resource class: Comable::Customer.name, except: :index
+
+      def index
+        @q = Comable::Customer.ransack(params[:q])
+        @customers = @q.result.page(params[:page]).accessible_by(current_ability)
+      end
+
+      def update
+        if @customer.update_attributes(customer_params)
+          redirect_to comable.admin_customer_path(@customer), notice: Comable.t('successful')
+        else
+          flash.now[:alert] = Comable.t('failure')
+          render :edit
+        end
+      end
+
+      private
+
+      def customer_params
+        params.require(:customer).permit(
+          :email,
+          :password,
+          :role,
+          bill_address_attributes: permitted_address_attributes
+        )
+      end
+    end
+  end
+end

data/app/controllers/comable/admin/dashboard_controller.rb

@@ -0,0 +1,20 @@
+require_dependency 'comable/admin/application_controller'
+
+module Comable
+  module Admin
+    class DashboardController < Comable::Admin::ApplicationController
+      def show
+        @this_month_orders = Comable::Order.this_month
+        @this_week_orders = Comable::Order.this_week
+        @last_week_orders = Comable::Order.last_week
+        authorize! :read, @this_month_orders
+
+        # TODO: Comment out after adding timestamp columns
+        # @this_month_customers = Comable::Customer.with_role(:customer).this_month
+        # @this_week_customers = Comable::Customer.with_role(:customer).this_week
+        # @last_week_customers = Comable::Customer.with_role(:customer).last_week
+        # authorize! :read, @this_week_customers
+      end
+    end
+  end
+end

data/app/controllers/comable/admin/orders_controller.rb

@@ -0,0 +1,14 @@
+require_dependency 'comable/admin/application_controller'
+
+module Comable
+  module Admin
+    class OrdersController < Comable::Admin::ApplicationController
+      load_and_authorize_resource class: Comable::Order.name, except: :index
+
+      def index
+        @q = Comable::Order.complete.ransack(params[:q])
+        @orders = @q.result.page(params[:page]).per(15).order('completed_at DESC').accessible_by(current_ability)
+      end
+    end
+  end
+end

data/app/controllers/comable/admin/payment_methods_controller.rb

@@ -0,0 +1,52 @@
+require_dependency 'comable/admin/application_controller'
+
+module Comable
+  module Admin
+    class PaymentMethodsController < Comable::Admin::ApplicationController
+      load_and_authorize_resource class: Comable::PaymentMethod.name
+
+      def index
+        @payment_methods = @payment_methods.page(params[:page])
+      end
+
+      def show
+        render :edit
+      end
+
+      def create
+        if @payment_method.update_attributes(payment_method_params)
+          redirect_to comable.admin_payment_method_path(@payment_method), notice: Comable.t('successful')
+        else
+          flash.now[:alert] = Comable.t('failure')
+          render :new
+        end
+      end
+
+      def update
+        if @payment_method.update_attributes(payment_method_params)
+          redirect_to comable.admin_payment_method_path(@payment_method), notice: Comable.t('successful')
+        else
+          flash.now[:alert] = Comable.t('failure')
+          render :edit
+        end
+      end
+
+      def destroy
+        @payment_method.destroy
+        redirect_to comable.admin_payment_methods_path, notice: Comable.t('successful')
+      end
+
+      private
+
+      def payment_method_params
+        params.require(:payment_method).permit(
+          :name,
+          :payment_provider_type,
+          :payment_provider_kind,
+          :enable_price_from,
+          :enable_price_to
+        )
+      end
+    end
+  end
+end

data/app/controllers/comable/admin/products_controller.rb

@@ -3,8 +3,57 @@ require_dependency 'comable/admin/application_controller'
 module Comable
   module Admin
     class ProductsController < Comable::Admin::ApplicationController
+      load_and_authorize_resource class: Comable::Product.name, except: :index
+
+      def show
+        render :edit
+      end
+
       def index
-        @products = Comable::Product.all
+        @q = Comable::Product.ransack(params[:q])
+        @products = @q.result.includes(:stocks).page(params[:page]).accessible_by(current_ability)
+      end
+
+      def create
+        if @product.update_attributes(product_params)
+          redirect_to comable.admin_product_path(@product), notice: Comable.t('successful')
+        else
+          flash.now[:alert] = Comable.t('failure')
+          render :new
+        end
+      end
+
+      def update
+        if @product.update_attributes(product_params)
+          redirect_to comable.admin_product_path(@product), notice: Comable.t('successful')
+        else
+          flash.now[:alert] = Comable.t('failure')
+          render :edit
+        end
+      end
+
+      def destroy
+        if @product.destroy
+          redirect_to comable.admin_products_path, notice: Comable.t('successful')
+        else
+          flash.now[:alert] = Comable.t('failure')
+          render :edit
+        end
+      end
+
+      private
+
+      def product_params
+        params.require(:product).permit(
+          :name,
+          :code,
+          :caption,
+          :price,
+          :sku_h_item_name,
+          :sku_v_item_name,
+          category_path_names: [],
+          images_attributes: [:id, :file, :_destroy]
+        )
       end
     end
   end

data/app/controllers/comable/admin/shipment_methods_controller.rb

@@ -3,57 +3,41 @@ require_dependency 'comable/admin/application_controller'
 module Comable
   module Admin
     class ShipmentMethodsController < Comable::Admin::ApplicationController
-      # GET /admin/shipment_methods
+      load_and_authorize_resource class: Comable::ShipmentMethod.name
+
       def index
-        @shipment_methods = Comable::ShipmentMethod.all
+        @shipment_methods = @shipment_methods.page(params[:page])
       end
 
-      # GET /admin/shipment_methods/1
       def show
-        @shipment_method = Comable::ShipmentMethod.find(params[:id])
-      end
-
-      # GET /admin/shipment_methods/new
-      def new
-        @shipment_method = Comable::ShipmentMethod.new
+        render :edit
       end
 
-      # GET /admin/shipment_methods/1/edit
-      def edit
-        @shipment_method = Comable::ShipmentMethod.find(params[:id])
-      end
-
-      # POST /admin/shipment_methods
       def create
-        @shipment_method = Comable::ShipmentMethod.new(shipment_method_params)
-
-        if @shipment_method.save
-          redirect_to comable.admin_shipment_method_url(@shipment_method), notice: 'Shipment method was successfully created.'
+        if @shipment_method.update_attributes(shipment_method_params)
+          redirect_to comable.admin_shipment_method_path(@shipment_method), notice: Comable.t('successful')
         else
+          flash.now[:alert] = Comable.t('failure')
           render :new
         end
       end
 
-      # PATCH/PUT /admin/shipment_methods/1
       def update
-        @shipment_method = Comable::ShipmentMethod.find(params[:id])
-        if @shipment_method.update(shipment_method_params)
-          redirect_to comable.admin_shipment_method_url(@shipment_method), notice: 'Shipment method was successfully updated.'
+        if @shipment_method.update_attributes(shipment_method_params)
+          redirect_to comable.admin_shipment_method_path(@shipment_method), notice: Comable.t('successful')
         else
+          flash.now[:alert] = Comable.t('failure')
           render :edit
         end
       end
 
-      # DELETE /admin/shipment_methods/1
       def destroy
-        @shipment_method = Comable::ShipmentMethod.find(params[:id])
         @shipment_method.destroy
-        redirect_to comable.admin_shipment_methods_url, notice: 'Shipment method was successfully destroyed.'
+        redirect_to comable.admin_shipment_methods_path, notice: Comable.t('successful')
       end
 
       private
 
-      # Only allow a trusted parameter "white list" through.
       def shipment_method_params
         params.require(:shipment_method).permit(
           :activate_flag,

data/app/controllers/comable/admin/stocks_controller.rb

@@ -0,0 +1,69 @@
+require_dependency 'comable/admin/application_controller'
+
+module Comable
+  module Admin
+    class StocksController < Comable::Admin::ApplicationController
+      load_and_authorize_resource :product, class: Comable::Product.name
+      load_and_authorize_resource :stock, class: Comable::Stock.name, through: :product
+
+      before_filter :redirect_to_show_when_nonsku_product, only: :index
+
+      def show
+        render :edit
+      end
+
+      def index
+        @q = @product.stocks.ransack(params[:q])
+        @stocks = @q.result.includes(:product).page(params[:page]).accessible_by(current_ability)
+      end
+
+      def create
+        if @stock.update_attributes(stock_params)
+          redirect_to comable.admin_product_stock_path(@product, @stock), notice: Comable.t('successful')
+        else
+          flash.now[:alert] = Comable.t('failure')
+          render :new
+        end
+      end
+
+      def update
+        if @stock.update_attributes(stock_params)
+          redirect_to comable.admin_product_stock_path(@product, @stock), notice: Comable.t('successful')
+        else
+          flash.now[:alert] = Comable.t('failure')
+          render :edit
+        end
+      end
+
+      def destroy
+        if @stock.destroy
+          redirect_to comable.admin_product_stocks_path(@product), notice: Comable.t('successful')
+        else
+          flash.now[:alert] = Comable.t('failure')
+          render :edit
+        end
+      end
+
+      private
+
+      def stock_params
+        params.require(:stock).permit(
+          :code,
+          :quantity,
+          :sku_h_choice_name,
+          :sku_v_choice_name
+        )
+      end
+
+      def redirect_to_show_when_nonsku_product
+        return if @product.sku?
+
+        if @product.stocks.first
+          redirect_to comable.admin_product_stock_path(@product, @product.stocks.first)
+        else
+          redirect_to comable.new_admin_product_stock_path(@product)
+        end
+      end
+    end
+  end
+end

data/app/controllers/comable/admin/store_controller.rb

@@ -3,50 +3,33 @@ require_dependency 'comable/admin/application_controller'
 module Comable
   module Admin
     class StoreController < Comable::Admin::ApplicationController
-      # GET /admin/store
-      def show
-        @store = Comable::Store.first
-        return redirect_to action: :new unless @store
-      end
-
-      # GET /admin/store/new
-      def new
-        @store = Comable::Store.new
-      end
-
-      # GET /admin/store/edit
-      def edit
-        @store = Comable::Store.first
-      end
+      authorize_resource class: Comable::Store.name
 
-      # POST /admin/store
-      def create
-        @store = Comable::Store.new(store_params)
+      before_filter :find_store, only: [:show, :edit, :update]
 
-        if @store.save
-          redirect_to comable.admin_store_url(@store), notice: 'Store was successfully created.'
-        else
-          render :new
-        end
+      def show
+        render :edit
       end
 
-      # PATCH/PUT /admin/store
       def update
-        @store = Comable::Store.first
-        if @store.update(store_params)
-          redirect_to comable.admin_store_url(@store), notice: 'Store was successfully updated.'
+        if @store.update_attributes(store_params)
+          redirect_to comable.admin_store_url, notice: Comable.t('successful')
         else
+          flash.now[:alert] = Comable.t('failure')
           render :edit
         end
       end
 
       private
 
-      # Only allow a trusted parameter "white list" through.
+      def find_store
+        @store = Comable::Store.instance
+      end
+
       def store_params
         params.require(:store).permit(
           :name,
-          :meta_keyword,
+          :meta_keywords,
           :meta_description,
           :email_sender,
           :email_activate_flag

data/app/views/comable/admin/categories/index.slim

@@ -0,0 +1,94 @@
+#comable-category
+  ol.breadcrumb
+    li
+      = link_to Comable.t('admin.nav.dashboard'), comable.admin_root_path
+    li.active
+      = Comable.t('admin.nav.category')
+
+  h1.page-header
+    = Comable.t('admin.nav.category')
+
+  javascript:
+    comable_jstree_json = #{raw @categories.to_jstree(state: { opened: true }, icon: 'fa fa-bars')};
+    comable_new_node_label = '#{Comable.t('admin.categories.new_node')}';
+    comable_action_new = '#{Comable.t('admin.actions.new')}';
+    comable_action_edit = '#{Comable.t('admin.actions.edit')}';
+    comable_action_destroy = '#{Comable.t('admin.actions.destroy')}';
+    comable_destroied_nodes = [];
+
+  coffee:
+    jQuery(->
+      $comable_jstree = $('#comable-jstree')
+      $comable_jstree.jstree({
+        core: {
+          check_callback: true,
+          data: comable_jstree_json,
+          strings : { new_node: comable_new_node_label, icon: 'fa fa-bars' }
+        },
+        contextmenu: {
+          items: ($node) ->
+            _this = $comable_jstree.jstree(true)
+            {
+              create: {
+                label: comable_action_new,
+                action: -> create_new_node($node)
+              }
+              edit: {
+                label: comable_action_edit,
+                action: -> _this.edit($node)
+              }
+              destory: {
+                label: comable_action_destroy,
+                action: ->
+                  comable_destroied_nodes.push { _destroy: $node.id }
+                  _this.delete_node($node)
+              }
+            }
+        },
+        plugins: ['dnd', 'wholerow', 'contextmenu']
+      })
+
+      window.create_new_node = ($node = '#') ->
+        jstree = $comable_jstree.jstree(true)
+        new_node = jstree.create_node($node)
+        jstree.open_node($node) unless jstree.is_open($node)
+        jstree.rename_node(new_node, comable_new_node_label)
+        jstree.set_icon(new_node, 'fa fa-bars')
+
+      $('form').submit(->
+        json = $comable_jstree.jstree(true).get_json().concat(comable_destroied_nodes)
+        json_string = JSON.stringify(json)
+        $(this).find('#jstree_json').val(json_string)
+      )
+    )
+
+  .row
+    section.col-sm-8
+      .panel.panel-inverse
+        .panel-heading
+          .panel-title
+            = Comable.t('admin.actions.edit')
+        - if @categories.empty?
+          .panel-body
+            = Comable.t('admin.not_found')
+        - else
+          .panel-body
+            .well.well-sm
+              p
+                strong
+                  = Comable.t('admin.note')
+              ul
+                li
+                  = Comable.t('admin.you_can_drag_and_drop')
+                li
+                  = Comable.t('admin.you_can_right_click')
+                li
+                  = Comable.t('admin.link_to_add_new_node')
+                  = link_to Comable.t('admin.actions.new'), '#', onclick: 'create_new_node()'
+            #comable-jstree
+          .panel-footer
+            = form_tag comable.admin_categories_path do
+              = hidden_field_tag :jstree_json
+              = submit_tag Comable.t('admin.actions.update')
+
+    nav.col-sm-4