dup_spree_api 1.3.0.rc1

data/app/controllers/spree/api/product_properties_controller.rb

@@ -0,0 +1,65 @@
+module Spree
+  module Api
+    class ProductPropertiesController < Spree::Api::BaseController
+      respond_to :json
+
+      before_filter :find_product
+      before_filter :product_property, :only => [:show, :update, :destroy]
+
+      def index
+        @product_properties = @product.product_properties.ransack(params[:q]).result
+          .page(params[:page]).per(params[:per_page])
+        respond_with(@product_properties)
+      end
+
+      def show
+        respond_with(@product_property)
+      end
+
+      def new
+      end
+
+      def create
+        authorize! :create, ProductProperty
+        @product_property = @product.product_properties.new(params[:product_property])
+        if @product_property.save
+          respond_with(@product_property, :status => 201, :default_template => :show)
+        else
+          invalid_resource!(@product_property)
+        end
+      end
+
+      def update
+        authorize! :update, ProductProperty
+        if @product_property  && @product_property.update_attributes(params[:product_property])
+          respond_with(@product_property, :status => 200, :default_template => :show)
+        else
+          invalid_resource!(@product_property)
+        end
+      end
+
+      def destroy
+        authorize! :delete, ProductProperty
+        if(@product_property)
+          @product_property.destroy
+          respond_with(@product_property, :status => 204)
+        else
+          invalid_resource!(@product_property)
+        end
+
+      end
+
+      private
+        def find_product
+          @product = super(params[:product_id])
+        end
+
+        def product_property
+          if @product
+            @product_property ||= @product.product_properties.find_by_id(params[:id])
+            @product_property ||= @product.product_properties.joins(:property).where('spree_properties.name' => params[:id]).readonly(false).first
+          end
+        end
+    end
+  end
+end

data/app/controllers/spree/api/products_controller.rb

@@ -0,0 +1,49 @@
+module Spree
+  module Api
+    class ProductsController < Spree::Api::BaseController
+      respond_to :json
+
+      def index
+        @products = product_scope.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
+        respond_with(@products)
+      end
+
+      def show
+        @product = find_product(params[:id])
+        respond_with(@product)
+      end
+
+      def new
+      end
+
+      def create
+        authorize! :create, Product
+        params[:product][:available_on] ||= Time.now
+        @product = Product.new(params[:product])
+        if @product.save
+          respond_with(@product, :status => 201, :default_template => :show)
+        else
+          invalid_resource!(@product)
+        end
+      end
+
+      def update
+        authorize! :update, Product
+        @product = find_product(params[:id])
+        if @product.update_attributes(params[:product])
+          respond_with(@product, :status => 200, :default_template => :show)
+        else
+          invalid_resource!(@product)
+        end
+      end
+
+      def destroy
+        authorize! :delete, Product
+        @product = find_product(params[:id])
+        @product.update_attribute(:deleted_at, Time.now)
+        @product.variants_including_master.update_all(:deleted_at => Time.now)
+        respond_with(@product, :status => 204)
+      end
+    end
+  end
+end

data/app/controllers/spree/api/return_authorizations_controller.rb

@@ -0,0 +1,54 @@
+module Spree
+  module Api
+    class ReturnAuthorizationsController < Spree::Api::BaseController
+      respond_to :json
+
+      before_filter :authorize_admin!
+
+      def index
+        @return_authorizations = order.return_authorizations.ransack(params[:q]).result
+          .page(params[:page]).per(params[:per_page])
+        respond_with(@return_authorizations)
+      end
+
+      def show
+        @return_authorization = order.return_authorizations.find(params[:id])
+        respond_with(@return_authorization)
+      end
+
+      def create
+        @return_authorization = order.return_authorizations.build(params[:return_authorization], :as => :api)
+        if @return_authorization.save
+          respond_with(@return_authorization, :status => 201, :default_template => :show)
+        else
+          invalid_resource!(@return_authorization)
+        end
+      end
+
+      def update
+        @return_authorization = order.return_authorizations.find(params[:id])
+        if @return_authorization.update_attributes(params[:return_authorization])
+          respond_with(@return_authorization, :default_template => :show)
+        else
+          invalid_resource!(@return_authorization)
+        end
+      end
+
+      def destroy
+        @return_authorization = order.return_authorizations.find(params[:id])
+        @return_authorization.destroy
+        respond_with(@return_authorization, :status => 204)
+      end
+
+      private
+
+      def order
+        @order ||= Order.find_by_number!(params[:order_id])
+      end
+
+      def authorize_admin!
+        authorize! :manage, Spree::ReturnAuthorization
+      end
+    end
+  end
+end

data/app/controllers/spree/api/shipments_controller.rb

@@ -0,0 +1,43 @@
+module Spree
+  module Api
+    class ShipmentsController < Spree::Api::BaseController
+      respond_to :json
+
+      before_filter :find_order
+      before_filter :find_and_update_shipment, :only => [:ship, :ready]
+
+      def ready
+        authorize! :read, Shipment
+        unless @shipment.ready?
+          if @shipment.can_ready?
+            @shipment.ready!
+          else
+            render "spree/api/shipments/cannot_ready_shipment", :status => 422 and return
+          end
+        end
+        respond_with(@shipment, :default_template => :show)
+      end
+
+      def ship
+        authorize! :read, Shipment
+        unless @shipment.shipped?
+          @shipment.ship!
+        end
+        respond_with(@shipment, :default_template => :show)
+      end
+
+      private
+
+      def find_order
+        @order = Spree::Order.find_by_number!(params[:order_id])
+        authorize! :read, @order
+      end
+
+      def find_and_update_shipment
+        @shipment = @order.shipments.find_by_number!(params[:id])
+        @shipment.update_attributes(params[:shipment])
+        @shipment.reload
+      end
+    end
+  end
+end

data/app/controllers/spree/api/taxonomies_controller.rb

@@ -0,0 +1,50 @@
+module Spree
+  module Api
+    class TaxonomiesController < Spree::Api::BaseController
+      respond_to :json
+
+      def index
+        @taxonomies = Taxonomy.order('name').includes(:root => :children).ransack(params[:q]).result
+          .page(params[:page]).per(params[:per_page])
+        respond_with(@taxonomies)
+      end
+
+      def show
+        @taxonomy = Taxonomy.find(params[:id])
+        respond_with(@taxonomy)
+      end
+
+      def create
+        authorize! :create, Taxonomy
+        @taxonomy = Taxonomy.new(params[:taxonomy])
+        if @taxonomy.save
+          respond_with(@taxonomy, :status => 201, :default_template => :show)
+        else
+          invalid_resource!(@taxonomy)
+        end
+      end
+
+      def update
+        authorize! :update, Taxonomy
+        if taxonomy.update_attributes(params[:taxonomy])
+          respond_with(taxonomy, :status => 200, :default_template => :show)
+        else
+          invalid_resource!(taxonomy)
+        end
+      end
+
+      def destroy
+        authorize! :delete, Taxonomy
+        taxonomy.destroy
+        respond_with(taxonomy, :status => 204)
+      end
+
+      private
+
+      def taxonomy
+        @taxonomy ||= Taxonomy.find(params[:id])
+      end
+
+    end
+  end
+end

data/app/controllers/spree/api/taxons_controller.rb

@@ -0,0 +1,53 @@
+module Spree
+  module Api
+    class TaxonsController < Spree::Api::BaseController
+      respond_to :json
+
+      def index
+        @taxons = taxonomy.root.children
+        respond_with(@taxons)
+      end
+
+      def show
+        @taxon = taxon
+        respond_with(@taxon)
+      end
+
+      def create
+        authorize! :create, Taxon
+        @taxon = Taxon.new(params[:taxon])
+        if @taxon.save
+          respond_with(@taxon, :status => 201, :default_template => :show)
+        else
+          invalid_resource!(@taxon)
+        end
+      end
+
+      def update
+        authorize! :update, Taxon
+        if taxon.update_attributes(params[:taxon])
+          respond_with(taxon, :status => 200, :default_template => :show)
+        else
+          invalid_resource!(taxon)
+        end
+      end
+
+      def destroy
+        authorize! :delete, Taxon
+        taxon.destroy
+        respond_with(taxon, :status => 204)
+      end
+
+      private
+
+      def taxonomy
+        @taxonomy ||= Taxonomy.find(params[:taxonomy_id])
+      end
+
+      def taxon
+        @taxon ||= taxonomy.taxons.find(params[:id])
+      end
+
+    end
+  end
+end

data/app/controllers/spree/api/variants_controller.rb

@@ -0,0 +1,75 @@
+module Spree
+  module Api
+    class VariantsController < Spree::Api::BaseController
+      respond_to :json
+
+      before_filter :product
+
+      def index
+        @variants = scope.includes(:option_values).ransack(params[:q]).result.
+          page(params[:page]).per(params[:per_page])
+        respond_with(@variants)
+      end
+
+      def show
+        @variant = scope.includes(:option_values).find(params[:id])
+        respond_with(@variant)
+      end
+
+      def new
+      end
+
+      def create
+        authorize! :create, Variant
+        @variant = scope.new(params[:product])
+        if @variant.save
+          respond_with(@variant, :status => 201, :default_template => :show)
+        else
+          invalid_resource!(@variant)
+        end
+      end
+
+      def update
+        authorize! :update, Variant
+        @variant = scope.find(params[:id])
+        if @variant.update_attributes(params[:variant])
+          respond_with(@variant, :status => 200, :default_template => :show)
+        else
+          invalid_resource!(@product)
+        end
+      end
+
+      def destroy
+        authorize! :delete, Variant
+        @variant = scope.find(params[:id])
+        @variant.destroy
+        respond_with(@variant, :status => 204)
+      end
+
+      private
+        def product
+          @product ||= Spree::Product.find_by_permalink(params[:product_id]) if params[:product_id]
+        end
+
+        def scope
+          if @product
+            unless current_api_user.has_spree_role?("admin") || params[:show_deleted]
+              variants = @product.variants_including_master
+            else
+              variants = @product.variants_including_master_and_deleted
+            end
+          else
+            variants = Variant.scoped
+            if current_api_user.has_spree_role?("admin")
+              unless params[:show_deleted]
+                variants = Variant.active
+              end
+            else
+              variants = variants.active
+            end
+          end
+          variants
+        end
+    end
+  end
+end

data/app/controllers/spree/api/zones_controller.rb

@@ -0,0 +1,46 @@
+module Spree
+  module Api
+    class ZonesController < Spree::Api::BaseController
+      respond_to :json
+
+      def index
+        @zones = Zone.order('name ASC').ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
+        respond_with(@zones)
+      end
+
+      def show
+        respond_with(zone)
+      end
+
+      def create
+        authorize! :create, Zone
+        @zone = Zone.new(map_nested_attributes_keys(Spree::Zone, params[:zone]))
+        if @zone.save
+          respond_with(@zone, :status => 201, :default_template => :show)
+        else
+          invalid_resource!(@zone)
+        end
+      end
+
+      def update
+        authorize! :update, Zone
+        if zone.update_attributes(map_nested_attributes_keys(Spree::Zone, params[:zone]))
+          respond_with(zone, :status => 200, :default_template => :show)
+        else
+          invalid_resource!(zone)
+        end
+      end
+
+      def destroy
+        authorize! :delete, Zone
+        zone.destroy
+        respond_with(zone, :status => 204)
+      end
+
+      private
+      def zone
+        @zone ||= Spree::Zone.find(params[:id])
+      end
+    end
+  end
+end

data/app/helpers/spree/api/api_helpers.rb

@@ -0,0 +1,76 @@
+module Spree
+  module Api
+    module ApiHelpers
+      def required_fields_for(model)
+        required_fields = model._validators.select do |field, validations|
+          validations.any? { |v| v.is_a?(ActiveModel::Validations::PresenceValidator) }
+        end.map(&:first) # get fields that are invalid
+        # Permalinks presence is validated, but are really automatically generated
+        # Therefore we shouldn't tell API clients that they MUST send one through
+        required_fields.map!(&:to_s).delete("permalink")
+        required_fields
+      end
+
+      def product_attributes
+        [:id, :name, :description, :price, :available_on, :permalink,
+          :count_on_hand, :meta_description, :meta_keywords, :taxon_ids]
+      end
+
+      def product_property_attributes
+        [:id, :product_id, :property_id, :value, :property_name]
+      end
+
+      def variant_attributes
+        [:id, :name, :count_on_hand, :sku, :price, :weight, :height, :width, :depth, :is_master, :cost_price, :permalink]
+      end
+
+      def image_attributes
+        [:id, :position, :attachment_content_type, :attachment_file_name, :type, :attachment_updated_at, :attachment_width, :attachment_height, :alt]
+      end
+
+      def option_value_attributes
+        [:id, :name, :presentation, :option_type_name, :option_type_id]
+      end
+
+      def order_attributes
+        [:id, :number, :item_total, :total, :state, :adjustment_total, :user_id, :created_at, :updated_at, :completed_at, :payment_total, :shipment_state, :payment_state, :email, :special_instructions]
+      end
+
+      def line_item_attributes
+        [:id, :quantity, :price, :variant_id]
+      end
+
+      def option_type_attributes
+        [:id, :name, :presentation, :position]
+      end
+
+      def payment_attributes
+        [:id, :source_type, :source_id, :amount, :payment_method_id, :response_code, :state, :avs_response, :created_at, :updated_at]
+      end
+
+      def payment_method_attributes
+        [:id, :name, :description]
+      end
+
+      def shipment_attributes
+        [:id, :tracking, :number, :cost, :shipped_at, :state]
+      end
+
+      def taxonomy_attributes
+        [:id, :name]
+      end
+
+      def taxon_attributes
+        [:id, :name, :permalink, :position, :parent_id, :taxonomy_id]
+      end
+
+      def return_authorization_attributes
+        [:id, :number, :state, :amount, :order_id, :reason, :created_at, :updated_at]
+      end
+
+      def country_attributes
+        [:id, :iso_name, :iso, :iso3, :name, :numcode]
+      end
+    end
+  end
+end