RubyGems - dscf-marketplace - Versions diffs - 0.7.2 → 0.7.3 - Mend

dscf-marketplace 0.7.2 → 0.7.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/app/controllers/concerns/dscf/marketplace/demo_permission_bypass.rb +44 -0
data/app/controllers/dscf/marketplace/application_controller.rb +37 -1
data/app/controllers/dscf/marketplace/orders_controller.rb +80 -1
data/lib/dscf/marketplace/version.rb +1 -1
metadata +3 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 81c4fc2b3cbb08308f4da22f26a56d9d7a3ca197325c340d491dacfe4adbaa6f
-  data.tar.gz: 1c89213f1171138ea6efc0c8566a60a6937348c7c934cfacc8ccecd53f35c310
+  metadata.gz: 42792144bb56d00c7a6767aa3f8e2b4a0704fbbd815de3647bb942a764b34bb7
+  data.tar.gz: cb649cc916dedf3729a38b12e08714242647f34fd98971741decc3344fe8a776
 SHA512:
-  metadata.gz: 2f812ce7f37138fbf88cfed6c03233193b12fef8a194f8cd632c8006b86814201af5877122679c9634920bcb4ba73291e7ea2171009be15265a38cd9dad524c5
-  data.tar.gz: e6ffd5232a4f43d7d4020f789a0ce6b400858ffd2801192a7008dab0ffd4f66f3dcd3488c0364f26d8861c2b451eb2d6f1f2edcfbd9b990363cd121b6905a3b6
+  metadata.gz: 8ed6fa17b79144e124102e838d34322d4b1735a77f2c9b9015c55f939669c6a6f16d059550394464e66402ceb9002ae33e8213c8da7af84e084c0dc15b9e9d83
+  data.tar.gz: babc3f0ccf9eef0f5be066fa59b0e77046ba03dae121c243ea8a946b3e49c3bfdea146c944486fe5bb1994d08a8e72e88cdcd8d362c2da4e802ba866c6db018c

data/app/controllers/concerns/dscf/marketplace/demo_permission_bypass.rb ADDED Viewed

@@ -0,0 +1,44 @@
+module Dscf
+  module Marketplace
+    module DemoPermissionBypass
+      extend ActiveSupport::Concern
+      included do
+        before_action :demo_bypass_permissions!
+      end
+      def bypass_permissions_for_demo?
+        true
+      end
+      def pundit_user
+        user = current_user
+        return nil unless user
+        bypass_permissions_on_user!(user)
+      end
+      def authorize_review_action!
+        skip_authorization if respond_to?(:skip_authorization, true)
+      end
+      private
+      def demo_bypass_permissions!
+        skip_authorization if respond_to?(:skip_authorization, true)
+        skip_policy_scope if respond_to?(:skip_policy_scope, true)
+      end
+      def bypass_permissions_on_user!(user)
+        return user if user.instance_variable_defined?(:@_banking_demo_permission_bypass)
+        user.define_singleton_method(:has_permission?) { |_permission_code| true }
+        user.define_singleton_method(:can?) { |permission_code| has_permission?(permission_code) }
+        user.define_singleton_method(:super_admin?) { true }
+        user.instance_variable_set(:@_banking_demo_permission_bypass, true)
+        user
+      end
+    end
+  end
+end

data/app/controllers/dscf/marketplace/application_controller.rb CHANGED Viewed

@@ -1,6 +1,42 @@
 module Dscf
   module Marketplace
-    class ApplicationController < Dscf::Core::ApplicationController
+    class ApplicationController < ActionController::API
+      include Dscf::Core::Authenticatable
+      include Dscf::Core::JsonResponse
+      before_action :authenticate_user
+      before_action :demo_bypass_permissions!
+      # TEMPORARY DEMO BYPASS:
+      # Bypass marketplace authorization checks for authenticated users only.
+      # Remove after the demo.
+      def bypass_permissions_for_demo?
+        true
+      end
+      def pundit_user
+        user = current_user
+        return nil unless user
+        bypass_permissions_on_user!(user)
+      end
+      private
+      def demo_bypass_permissions!
+        skip_authorization if respond_to?(:skip_authorization, true)
+        skip_policy_scope if respond_to?(:skip_policy_scope, true)
+      end
+      def bypass_permissions_on_user!(user)
+        return user if user.instance_variable_defined?(:@_banking_demo_permission_bypass)
+        user.define_singleton_method(:has_permission?) { |_permission_code| true }
+        user.define_singleton_method(:can?) { |permission_code| has_permission?(permission_code) }
+        user.define_singleton_method(:super_admin?) { true }
+        user.instance_variable_set(:@_banking_demo_permission_bypass, true)
+        user
+      end
     end
   end
 end

data/app/controllers/dscf/marketplace/orders_controller.rb CHANGED Viewed

@@ -3,6 +3,24 @@ module Dscf
     class OrdersController < ApplicationController
       include Dscf::Core::Common
+      def create
+        authorize @clazz.new, :create?
+        return create_direct_listing_order if direct_listing_request?
+        obj = @clazz.new(model_params)
+        if obj.save
+          obj = @clazz.includes(eager_loaded_associations).find(obj.id) if eager_loaded_associations.present?
+          includes = default_serializer_includes[:create] || []
+          options = {include: includes} if includes.present?
+          render_success(data: obj, serializer_options: options, status: :created)
+        else
+          render_error(errors: obj.errors.full_messages.join(", "), status: :unprocessable_entity)
+        end
+      rescue => e
+        render_error(error: e.message)
+      end
       def filter
         authorize @clazz.new, :filter?
         orders = @clazz.all
@@ -48,7 +66,7 @@ module Dscf
         @obj = find_record
         authorize @obj, :complete?
         if @obj.can_be_completed? && @obj.update(status: :completed)
-          @obj.order_items.update_all(status: OrderItem.statuses[:completed])
+          @obj.order_items.update_all(status: OrderItem.statuses[:fulfilled])
           render_success("orders.success.completed", data: @obj)
         else
           render_error("orders.errors.complete_failed")
@@ -70,6 +88,67 @@ module Dscf
       private
+      def create_direct_listing_order
+        listing = Dscf::Marketplace::Listing.active.find_by(id: model_params[:listing_id])
+        return render_error(errors: "Listing is not available", status: :unprocessable_entity) unless listing
+        quantity = direct_listing_quantity
+        return render_error(errors: "Quantity must be greater than 0", status: :unprocessable_entity) unless quantity.positive?
+        if quantity > listing.quantity
+          return render_error(errors: "Requested quantity exceeds available listing quantity", status: :unprocessable_entity)
+        end
+        order = nil
+        ActiveRecord::Base.transaction do
+          listing.lock!
+          if quantity > listing.quantity
+            listing.errors.add(:base, "Requested quantity exceeds available listing quantity")
+            raise ActiveRecord::RecordInvalid.new(listing)
+          end
+          order = @clazz.new(model_params.except(:order_items_attributes))
+          order.order_type = :direct_listing
+          order.status = :pending
+          order.listing = listing
+          order.ordered_to = listing.business
+          product = listing.supplier_product.product
+          order.order_items.build(
+            listing: listing,
+            product: product,
+            unit: product.unit,
+            quantity: quantity,
+            unit_price: listing.price,
+            status: :pending
+          )
+          order.save!
+          new_quantity = listing.quantity - quantity
+          listing.update!(quantity: new_quantity, status: (new_quantity.zero? ? :sold_out : listing.status))
+        end
+        order = @clazz.includes(eager_loaded_associations).find(order.id) if eager_loaded_associations.present?
+        includes = default_serializer_includes[:create] || []
+        options = {include: includes} if includes.present?
+        render_success(data: order, serializer_options: options, status: :created)
+      rescue ActiveRecord::RecordInvalid => e
+        errors = e.record&.errors&.full_messages&.presence || [e.message]
+        render_error(errors: errors.join(", "), status: :unprocessable_entity)
+      rescue => e
+        render_error(error: e.message)
+      end
+      def direct_listing_request?
+        %w[direct_listing 1].include?(model_params[:order_type].to_s)
+      end
+      def direct_listing_quantity
+        item = model_params[:order_items_attributes]&.first
+        (item&.[](:quantity) || item&.[]("quantity")).to_i
+      end
       def model_params
         params.require(:order).permit(
           :quotation_id, :listing_id, :user_id, :ordered_by_id, :ordered_to_id, :delivery_order_id, :dropoff_address_id,

data/lib/dscf/marketplace/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Dscf
   module Marketplace
-    VERSION = "0.7.2".freeze
+    VERSION = "0.7.3".freeze
   end
 end

metadata CHANGED Viewed

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: dscf-marketplace
 version: !ruby/object:Gem::Version
-  version: 0.7.2
+  version: 0.7.3
 platform: ruby
 authors:
 - Asrat
 bindir: bin
 cert_chain: []
-date: 2026-03-10 00:00:00.000000000 Z
+date: 2026-04-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -416,6 +416,7 @@ extra_rdoc_files: []
 files:
 - MIT-LICENSE
 - Rakefile
+- app/controllers/concerns/dscf/marketplace/demo_permission_bypass.rb
 - app/controllers/dscf/marketplace/application_controller.rb
 - app/controllers/dscf/marketplace/categories_controller.rb
 - app/controllers/dscf/marketplace/delivery_order_items_controller.rb