RubyGems - dscf-marketplace - Versions diffs - 0.7.1 → 0.7.3 - Mend

dscf-marketplace 0.7.1 → 0.7.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/app/controllers/concerns/dscf/marketplace/demo_permission_bypass.rb +44 -0
data/app/controllers/dscf/marketplace/application_controller.rb +37 -1
data/app/controllers/dscf/marketplace/orders_controller.rb +80 -1
data/db/seeds.rb +34 -339
data/lib/dscf/marketplace/version.rb +1 -1
metadata +3 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e53b77975600245983fafdc3d139b165d94b2b9e7c2315889098f01ca846aed4
-  data.tar.gz: 6ccd1cd60dba72d0183f0643f2acab90c338c8302ba41dc1ab5034d10d786626
+  metadata.gz: 42792144bb56d00c7a6767aa3f8e2b4a0704fbbd815de3647bb942a764b34bb7
+  data.tar.gz: cb649cc916dedf3729a38b12e08714242647f34fd98971741decc3344fe8a776
 SHA512:
-  metadata.gz: '09b86cef7aa49c287b7b0cb02abb7b87ec24b6f5a6ed8cc84f9ea2d2ac78f422d1ec031edad76f2a75b95d99ef42b995a45b2b5f5fa95c1cb3aa7ceda1e5f743'
-  data.tar.gz: 5cbdd78cb9b6a7d32e362163b85a33c6f92854a2ff0775d90446e8bc1763eddd2f23ffa463a2d1f2b820b4837339fab20267023efddb953c97e8149eb544376e
+  metadata.gz: 8ed6fa17b79144e124102e838d34322d4b1735a77f2c9b9015c55f939669c6a6f16d059550394464e66402ceb9002ae33e8213c8da7af84e084c0dc15b9e9d83
+  data.tar.gz: babc3f0ccf9eef0f5be066fa59b0e77046ba03dae121c243ea8a946b3e49c3bfdea146c944486fe5bb1994d08a8e72e88cdcd8d362c2da4e802ba866c6db018c

data/app/controllers/concerns/dscf/marketplace/demo_permission_bypass.rb ADDED Viewed

@@ -0,0 +1,44 @@
+module Dscf
+  module Marketplace
+    module DemoPermissionBypass
+      extend ActiveSupport::Concern
+      included do
+        before_action :demo_bypass_permissions!
+      end
+      def bypass_permissions_for_demo?
+        true
+      end
+      def pundit_user
+        user = current_user
+        return nil unless user
+        bypass_permissions_on_user!(user)
+      end
+      def authorize_review_action!
+        skip_authorization if respond_to?(:skip_authorization, true)
+      end
+      private
+      def demo_bypass_permissions!
+        skip_authorization if respond_to?(:skip_authorization, true)
+        skip_policy_scope if respond_to?(:skip_policy_scope, true)
+      end
+      def bypass_permissions_on_user!(user)
+        return user if user.instance_variable_defined?(:@_banking_demo_permission_bypass)
+        user.define_singleton_method(:has_permission?) { |_permission_code| true }
+        user.define_singleton_method(:can?) { |permission_code| has_permission?(permission_code) }
+        user.define_singleton_method(:super_admin?) { true }
+        user.instance_variable_set(:@_banking_demo_permission_bypass, true)
+        user
+      end
+    end
+  end
+end

data/app/controllers/dscf/marketplace/application_controller.rb CHANGED Viewed

@@ -1,6 +1,42 @@
 module Dscf
   module Marketplace
-    class ApplicationController < Dscf::Core::ApplicationController
+    class ApplicationController < ActionController::API
+      include Dscf::Core::Authenticatable
+      include Dscf::Core::JsonResponse
+      before_action :authenticate_user
+      before_action :demo_bypass_permissions!
+      # TEMPORARY DEMO BYPASS:
+      # Bypass marketplace authorization checks for authenticated users only.
+      # Remove after the demo.
+      def bypass_permissions_for_demo?
+        true
+      end
+      def pundit_user
+        user = current_user
+        return nil unless user
+        bypass_permissions_on_user!(user)
+      end
+      private
+      def demo_bypass_permissions!
+        skip_authorization if respond_to?(:skip_authorization, true)
+        skip_policy_scope if respond_to?(:skip_policy_scope, true)
+      end
+      def bypass_permissions_on_user!(user)
+        return user if user.instance_variable_defined?(:@_banking_demo_permission_bypass)
+        user.define_singleton_method(:has_permission?) { |_permission_code| true }
+        user.define_singleton_method(:can?) { |permission_code| has_permission?(permission_code) }
+        user.define_singleton_method(:super_admin?) { true }
+        user.instance_variable_set(:@_banking_demo_permission_bypass, true)
+        user
+      end
     end
   end
 end

data/app/controllers/dscf/marketplace/orders_controller.rb CHANGED Viewed

@@ -3,6 +3,24 @@ module Dscf
     class OrdersController < ApplicationController
       include Dscf::Core::Common
+      def create
+        authorize @clazz.new, :create?
+        return create_direct_listing_order if direct_listing_request?
+        obj = @clazz.new(model_params)
+        if obj.save
+          obj = @clazz.includes(eager_loaded_associations).find(obj.id) if eager_loaded_associations.present?
+          includes = default_serializer_includes[:create] || []
+          options = {include: includes} if includes.present?
+          render_success(data: obj, serializer_options: options, status: :created)
+        else
+          render_error(errors: obj.errors.full_messages.join(", "), status: :unprocessable_entity)
+        end
+      rescue => e
+        render_error(error: e.message)
+      end
       def filter
         authorize @clazz.new, :filter?
         orders = @clazz.all
@@ -48,7 +66,7 @@ module Dscf
         @obj = find_record
         authorize @obj, :complete?
         if @obj.can_be_completed? && @obj.update(status: :completed)
-          @obj.order_items.update_all(status: OrderItem.statuses[:completed])
+          @obj.order_items.update_all(status: OrderItem.statuses[:fulfilled])
           render_success("orders.success.completed", data: @obj)
         else
           render_error("orders.errors.complete_failed")
@@ -70,6 +88,67 @@ module Dscf
       private
+      def create_direct_listing_order
+        listing = Dscf::Marketplace::Listing.active.find_by(id: model_params[:listing_id])
+        return render_error(errors: "Listing is not available", status: :unprocessable_entity) unless listing
+        quantity = direct_listing_quantity
+        return render_error(errors: "Quantity must be greater than 0", status: :unprocessable_entity) unless quantity.positive?
+        if quantity > listing.quantity
+          return render_error(errors: "Requested quantity exceeds available listing quantity", status: :unprocessable_entity)
+        end
+        order = nil
+        ActiveRecord::Base.transaction do
+          listing.lock!
+          if quantity > listing.quantity
+            listing.errors.add(:base, "Requested quantity exceeds available listing quantity")
+            raise ActiveRecord::RecordInvalid.new(listing)
+          end
+          order = @clazz.new(model_params.except(:order_items_attributes))
+          order.order_type = :direct_listing
+          order.status = :pending
+          order.listing = listing
+          order.ordered_to = listing.business
+          product = listing.supplier_product.product
+          order.order_items.build(
+            listing: listing,
+            product: product,
+            unit: product.unit,
+            quantity: quantity,
+            unit_price: listing.price,
+            status: :pending
+          )
+          order.save!
+          new_quantity = listing.quantity - quantity
+          listing.update!(quantity: new_quantity, status: (new_quantity.zero? ? :sold_out : listing.status))
+        end
+        order = @clazz.includes(eager_loaded_associations).find(order.id) if eager_loaded_associations.present?
+        includes = default_serializer_includes[:create] || []
+        options = {include: includes} if includes.present?
+        render_success(data: order, serializer_options: options, status: :created)
+      rescue ActiveRecord::RecordInvalid => e
+        errors = e.record&.errors&.full_messages&.presence || [e.message]
+        render_error(errors: errors.join(", "), status: :unprocessable_entity)
+      rescue => e
+        render_error(error: e.message)
+      end
+      def direct_listing_request?
+        %w[direct_listing 1].include?(model_params[:order_type].to_s)
+      end
+      def direct_listing_quantity
+        item = model_params[:order_items_attributes]&.first
+        (item&.[](:quantity) || item&.[]("quantity")).to_i
+      end
       def model_params
         params.require(:order).permit(
           :quotation_id, :listing_id, :user_id, :ordered_by_id, :ordered_to_id, :delivery_order_id, :dropoff_address_id,

data/db/seeds.rb CHANGED Viewed

@@ -1,343 +1,38 @@
-puts "🚀 Starting demo seed..."
-begin
-  puts "🧹 Clearing existing demo data..."
-  Dscf::Marketplace::DeliveryOrderItem.delete_all
-  Dscf::Marketplace::DeliveryOrder.delete_all
-  Dscf::Marketplace::OrderItem.delete_all
-  Dscf::Marketplace::Order.delete_all
-  Dscf::Marketplace::QuotationItem.delete_all
-  Dscf::Marketplace::Quotation.delete_all
-  Dscf::Marketplace::RfqItem.delete_all
-  Dscf::Marketplace::RequestForQuotation.delete_all
-  Dscf::Marketplace::Listing.delete_all
-  Dscf::Marketplace::SupplierProduct.delete_all
-  Dscf::Marketplace::Product.delete_all
-  Dscf::Core::Business.delete_all
-  Dscf::Core::User.where.not(email: "admin@example.com").delete_all
-  Dscf::Core::Address.delete_all
-  puts "🌱 Creating base units and categories..."
-  # Units
-  kg = Dscf::Marketplace::Unit.create!(name: "Kilogram", code: "kg", unit_type: :weight)
-  Dscf::Marketplace::Unit.create!(name: "Piece", code: "pc", unit_type: :quantity)
-  liter = Dscf::Marketplace::Unit.create!(name: "Liter", code: "L", unit_type: :volume)
-  # Categories
-  fruits_veg = Dscf::Marketplace::Category.create!(name: "Fruits & Vegetables")
-  dairy = Dscf::Marketplace::Category.create!(name: "Dairy Products")
-  Dscf::Marketplace::Category.create!(name: "Grains & Cereals")
-  Dscf::Marketplace::Category.create!(name: "Beverages")
-  puts "✅ Created #{Dscf::Marketplace::Unit.count} units and #{Dscf::Marketplace::Category.count} categories"
-  puts "👥 Creating users and personas..."
-  # Business Types
-  wholesale_type = Dscf::Core::BusinessType.find_or_create_by!(name: "Wholesale Distributor")
-  retail_type = Dscf::Core::BusinessType.find_or_create_by!(name: "Retail Store")
-  # Consumers
-  consumer1 = Dscf::Core::User.create!(
-    email: "abebe.consumer@example.com",
-    phone: "+251911123456"
-  )
-  consumer2 = Dscf::Core::User.create!(
-    email: "tigist.consumer@example.com",
-    phone: "+251922334567"
-  )
-  # Drivers
-  driver1 = Dscf::Core::User.create!(
-    email: "driver.ahmed@example.com",
-    phone: "+251933445678"
-  )
-  Dscf::Core::User.create!(
-    email: "driver.mariam@example.com",
-    phone: "+251944556789"
-  )
-  puts "✅ Created #{Dscf::Core::User.count} users (#{Dscf::Core::User.where("email LIKE ?", "%consumer%").count} consumers, #{Dscf::Core::User.where("email LIKE ?", "%driver%").count} drivers)"
-  puts "🏢 Creating businesses and linking to users..."
-  # Wholesalers
-  wholesale_user1 = Dscf::Core::User.create!(
-    email: "wholesale.addis@example.com",
-    phone: "+251955667890"
-  )
-  wholesaler1 = Dscf::Core::Business.create!(
-    name: "Addis Wholesale Distributors",
-    contact_email: "contact@addiswholesale.et",
-    contact_phone: "+251966778901",
-    tin_number: "1234567890",
-    business_type: wholesale_type,
-    user: wholesale_user1
-  )
-  wholesale_user2 = Dscf::Core::User.create!(
-    email: "wholesale.ethio@example.com",
-    phone: "+251977889012"
-  )
-  wholesaler2 = Dscf::Core::Business.create!(
-    name: "Ethio Agricultural Wholesale",
-    contact_email: "info@ethiowholesale.et",
-    contact_phone: "+251988990123",
-    tin_number: "0987654321",
-    business_type: wholesale_type,
-    user: wholesale_user2
-  )
-  # Retailers
-  retail_user1 = Dscf::Core::User.create!(
-    email: "retail.meklit@example.com",
-    phone: "+251999001234"
-  )
-  Dscf::Core::Business.create!(
-    name: "Meklit Fresh Market",
-    contact_email: "meklit@freshmarket.et",
-    contact_phone: "+251910112345",
-    tin_number: "1122334455",
-    business_type: retail_type,
-    user: retail_user1
-  )
-  retail_user2 = Dscf::Core::User.create!(
-    email: "retail.bole@example.com",
-    phone: "+251921223456"
-  )
-  Dscf::Core::Business.create!(
-    name: "Bole Modern Supermarket",
-    contact_email: "info@bolesuper.et",
-    contact_phone: "+251932334567",
-    tin_number: "5566778899",
-    business_type: retail_type,
-    user: retail_user2
-  )
-  puts "✅ Created #{Dscf::Core::Business.count} businesses (#{Dscf::Core::Business.joins(:user).where("dscf_core_users.email LIKE ?", "%wholesale%").count} wholesalers, #{Dscf::Core::Business.joins(:user).where("dscf_core_users.email LIKE ?", "%retail%").count} retailers)"
-  puts "📦 Creating products and supplier listings..."
-  # Products from wholesalers
-  banana_product = wholesaler1.supplier_products.create!(
-    product: Dscf::Marketplace::Product.create!(
-      name: "Fresh Bananas",
-      category: fruits_veg,
-      unit: kg
-    )
-  )
-  banana_listing = Dscf::Marketplace::Listing.create!(
-    supplier_product: banana_product,
-    price: 25.00,
-    quantity: 1000,
-    status: :active
-  )
-  milk_product = wholesaler2.supplier_products.create!(
-    product: Dscf::Marketplace::Product.create!(
-      name: "Fresh Cow Milk",
-      category: dairy,
-      unit: liter
-    )
-  )
-  milk_listing = Dscf::Marketplace::Listing.create!(
-    supplier_product: milk_product,
-    price: 45.00,
-    quantity: 500,
-    status: :active
-  )
-  puts "✅ Created #{Dscf::Marketplace::Product.count} products and #{Dscf::Marketplace::Listing.count} active listings"
-  puts "📋 Creating RFQs and quotations..."
-  # RFQ from retailer to wholesalers
-  rfq = Dscf::Marketplace::RequestForQuotation.create!(
-    user: retail_user1,
-    status: :sent,
-    notes: "Monthly supply of fresh produce"
-  )
-  # RFQ items
-  rfq.rfq_items.create!(
-    product: banana_product.product,
-    unit: kg,
-    quantity: 200,
-    notes: "Premium quality bananas"
-  )
-  rfq.rfq_items.create!(
-    product: milk_product.product,
-    unit: liter,
-    quantity: 100,
-    notes: "Fresh morning milk"
-  )
-  # Quotations from wholesalers
-  quotation1 = Dscf::Marketplace::Quotation.create!(
-    request_for_quotation: rfq,
-    business: wholesaler1,
-    total_price: 5000.00,
-    delivery_date: 3.days.from_now.to_date,
-    valid_until: 10.days.from_now,
-    status: :accepted,
-    notes: "Competitive pricing for bulk orders"
-  )
-  quotation1.quotation_items.create!(
-    rfq_item: rfq.rfq_items.first,
-    product: banana_product.product,
-    unit: kg,
-    quantity: 200,
-    unit_price: 25.00
-  )
-  quotation2 = Dscf::Marketplace::Quotation.create!(
-    request_for_quotation: rfq,
-    business: wholesaler2,
-    total_price: 4500.00,
-    delivery_date: 2.days.from_now.to_date,
-    valid_until: 8.days.from_now,
-    status: :sent,
-    notes: "Direct from farm fresh milk"
-  )
-  quotation2.quotation_items.create!(
-    rfq_item: rfq.rfq_items.second,
-    product: milk_product.product,
-    unit: liter,
-    quantity: 100,
-    unit_price: 45.00
-  )
-  puts "✅ Created #{Dscf::Marketplace::RequestForQuotation.count} RFQs with #{Dscf::Marketplace::Quotation.count} quotations"
-  puts "🛒 Creating orders from consumers and retailers..."
-  # Addresses for orders
-  consumer_address = Dscf::Core::Address.create!(
-    user: consumer1,
-    address_type: :shipping,
-    country: "Ethiopia",
-    city: "Addis Ababa",
-    sub_city: "Bole",
-    woreda: "05",
-    kebele: "09",
-    house_numbers: "123",
-    po_box: "5678",
-    latitude: 9.0108,
-    longitude: 38.7613
-  )
-  retailer_address = Dscf::Core::Address.create!(
-    user: retail_user1,
-    address_type: :shipping,
-    country: "Ethiopia",
-    city: "Addis Ababa",
-    sub_city: "Piassa",
-    woreda: "01",
-    kebele: "12",
-    house_numbers: "456",
-    po_box: "9012",
-    latitude: 9.0308,
-    longitude: 38.7413
-  )
-  # Order from consumer via direct listing
-  consumer_order = Dscf::Marketplace::Order.create_from_listing(
-    milk_listing,
-    consumer1,
-    10,
-    consumer_address
-  )
-  # Order from retailer via accepted quotation
-  retailer_order = Dscf::Marketplace::Order.create_from_quotation(
-    quotation1,
-    retailer_address
-  )
-  puts "✅ Created #{Dscf::Marketplace::Order.count} orders (#{Dscf::Marketplace::Order.where(order_type: :direct_listing).count} direct, #{Dscf::Marketplace::Order.where(order_type: :rfq_based).count} RFQ-based)"
-  puts "🚚 Creating delivery orders with multiple dropoffs..."
-  # Pickup address
-  pickup_address = Dscf::Core::Address.create!(
-    user: wholesaler1.user,
-    address_type: :business,
-    country: "Ethiopia",
-    city: "Addis Ababa",
-    sub_city: "Kazanchis",
-    woreda: "03",
-    kebele: "15",
-    house_numbers: "789",
-    po_box: "3456",
-    latitude: 9.0208,
-    longitude: 38.7513
-  )
-  # Additional dropoff
-  extra_address = Dscf::Core::Address.create!(
-    user: consumer2,
-    address_type: :shipping,
-    country: "Ethiopia",
-    city: "Addis Ababa",
-    sub_city: "Merkato",
-    woreda: "07",
-    kebele: "21",
-    house_numbers: "101",
-    po_box: "7890",
-    latitude: 9.0008,
-    longitude: 38.7713
-  )
-  # Create delivery order
-  delivery_order = Dscf::Marketplace::DeliveryOrder.create!(
-    driver: driver1,
-    pickup_address: pickup_address,
-    status: :assigned,
-    vehicle_type: :motorcycle,
-    estimated_delivery_price: 150.00,
-    estimated_delivery_time: 2.hours.from_now
-  )
-  # Associate orders
-  consumer_order.update!(delivery_order: delivery_order)
-  retailer_order.update!(delivery_order: delivery_order)
-  # Create additional order for third dropoff
-  extra_order = Dscf::Marketplace::Order.create_from_listing(
-    banana_listing,
-    consumer2,
-    5,
-    extra_address
-  )
-  extra_order.update!(delivery_order: delivery_order)
-  # Create delivery order items
-  delivery_order.delivery_order_items.create!(
-    order_item: consumer_order.order_items.first,
-    pickup_address: pickup_address,
-    dropoff_address: consumer_address
-  )
+puts "🌱 Seeding marketplace permissions and default USER role..."
+Dscf::Core::PermissionRegistry.register("dscf-marketplace") do
+  resource :categories, actions: %i[index show create update destroy subcategories]
+  resource :products, actions: %i[index show create update destroy filter supplier_products]
+  resource :units, actions: %i[index show create update destroy]
+  resource :unit_conversions, actions: %i[index show create update destroy]
+  resource :supplier_products, actions: %i[index show create update destroy my_products]
+  resource :listings, actions: %i[index show create update destroy activate pause sold_out my_listings listings_by_supplier]
+  resource :request_for_quotations, actions: %i[index show create update destroy send_rfq close respond my_rfqs filter]
+  resource :rfq_items, actions: %i[index show create update destroy]
+  resource :quotations, actions: %i[index show create update destroy accept reject send_quotation my_quotes filter]
+  resource :quotation_items, actions: %i[index show create update destroy]
+  resource :orders, actions: %i[index show create update destroy confirm cancel complete my_orders filter]
+  resource :order_items, actions: %i[index show create update destroy]
+  resource :delivery_orders, actions: %i[
+    index show create update destroy pickup start_delivery complete_delivery mark_failed accept summary
+    my_driver_deliveries filter convert_orders
+  ]
+  resource :delivery_stops, actions: %i[index show create update destroy verify]
+  resource :delivery_order_items, actions: %i[index show create update destroy receiver_confirm report_issue dispute_delivery]
+  resource :delivery_vehicles, actions: %i[index show create update destroy]
+  resource :locations, actions: %i[get_location]
+end
-  delivery_order.delivery_order_items.create!(
-    order_item: retailer_order.order_items.first,
-    pickup_address: pickup_address,
-    dropoff_address: retailer_address
-  )
+user_role = Dscf::Core::Role.find_or_create_by!(code: "USER") do |role|
+  role.name = "User"
+  role.active = true
+end
+user_role.update!(name: "User", active: true)
-  delivery_order.delivery_order_items.create!(
-    order_item: extra_order.order_items.first,
-    pickup_address: pickup_address,
-    dropoff_address: extra_address
-  )
+marketplace_permissions = Dscf::Core::Permission.where(engine: "dscf-marketplace")
-  puts "✅ Created #{Dscf::Marketplace::DeliveryOrder.count} delivery orders with #{Dscf::Marketplace::DeliveryOrderItem.count} total dropoffs"
-  puts "🎉 Demo seed completed! Created realistic supply chain with #{Dscf::Core::User.count} users, #{Dscf::Core::Business.count} businesses, and #{Dscf::Marketplace::Order.count} orders across the platform."
-rescue => e
-  puts "❌ Seed failed: #{e.message}"
-  puts e.backtrace
-  raise
+marketplace_permissions.find_each do |permission|
+  Dscf::Core::RolePermission.find_or_create_by!(role: user_role, permission: permission)
 end
+puts "✅ Seeded #{marketplace_permissions.count} marketplace permissions and assigned to USER role."

data/lib/dscf/marketplace/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Dscf
   module Marketplace
-    VERSION = "0.7.1".freeze
+    VERSION = "0.7.3".freeze
   end
 end

metadata CHANGED Viewed

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: dscf-marketplace
 version: !ruby/object:Gem::Version
-  version: 0.7.1
+  version: 0.7.3
 platform: ruby
 authors:
 - Asrat
 bindir: bin
 cert_chain: []
-date: 2026-03-10 00:00:00.000000000 Z
+date: 2026-04-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -416,6 +416,7 @@ extra_rdoc_files: []
 files:
 - MIT-LICENSE
 - Rakefile
+- app/controllers/concerns/dscf/marketplace/demo_permission_bypass.rb
 - app/controllers/dscf/marketplace/application_controller.rb
 - app/controllers/dscf/marketplace/categories_controller.rb
 - app/controllers/dscf/marketplace/delivery_order_items_controller.rb