RubyGems - dup_spree_api - Versions diffs - 1.3.0.rc1 - Mend

dup_spree_api 1.3.0.rc1

Files changed (122) hide show

data/.gitignore +17 -0
data/.rspec +1 -0
data/Gemfile +5 -0
data/LICENSE +22 -0
data/Rakefile +30 -0
data/app/controllers/spree/api/addresses_controller.rb +20 -0
data/app/controllers/spree/api/base_controller.rb +114 -0
data/app/controllers/spree/api/countries_controller.rb +18 -0
data/app/controllers/spree/api/images_controller.rb +32 -0
data/app/controllers/spree/api/line_items_controller.rb +40 -0
data/app/controllers/spree/api/orders_controller.rb +85 -0
data/app/controllers/spree/api/payments_controller.rb +80 -0
data/app/controllers/spree/api/product_properties_controller.rb +65 -0
data/app/controllers/spree/api/products_controller.rb +49 -0
data/app/controllers/spree/api/return_authorizations_controller.rb +54 -0
data/app/controllers/spree/api/shipments_controller.rb +43 -0
data/app/controllers/spree/api/taxonomies_controller.rb +50 -0
data/app/controllers/spree/api/taxons_controller.rb +53 -0
data/app/controllers/spree/api/variants_controller.rb +75 -0
data/app/controllers/spree/api/zones_controller.rb +46 -0
data/app/helpers/spree/api/api_helpers.rb +76 -0
data/app/models/spree/api_configuration.rb +5 -0
data/app/models/spree/line_item_decorator.rb +3 -0
data/app/models/spree/option_value_decorator.rb +5 -0
data/app/models/spree/order_decorator.rb +13 -0
data/app/models/spree/user_decorator.rb +13 -0
data/app/overrides/api_admin_user_edit_form.rb +6 -0
data/app/views/spree/admin/users/_api_fields.html.erb +32 -0
data/app/views/spree/api/addresses/show.v1.rabl +11 -0
data/app/views/spree/api/countries/index.v1.rabl +7 -0
data/app/views/spree/api/countries/show.v1.rabl +5 -0
data/app/views/spree/api/errors/gateway_error.v1.rabl +2 -0
data/app/views/spree/api/errors/invalid_api_key.v1.rabl +2 -0
data/app/views/spree/api/errors/invalid_resource.v1.rabl +3 -0
data/app/views/spree/api/errors/must_specify_api_key.v1.rabl +2 -0
data/app/views/spree/api/errors/not_found.v1.rabl +2 -0
data/app/views/spree/api/errors/unauthorized.v1.rabl +2 -0
data/app/views/spree/api/images/show.v1.rabl +3 -0
data/app/views/spree/api/line_items/new.v1.rabl +3 -0
data/app/views/spree/api/line_items/show.v1.rabl +5 -0
data/app/views/spree/api/orders/address.v1.rabl +0 -0
data/app/views/spree/api/orders/canceled.v1.rabl +0 -0
data/app/views/spree/api/orders/cart.v1.rabl +0 -0
data/app/views/spree/api/orders/complete.v1.rabl +0 -0
data/app/views/spree/api/orders/could_not_transition.v1.rabl +3 -0
data/app/views/spree/api/orders/delivery.v1.rabl +3 -0
data/app/views/spree/api/orders/index.v1.rabl +7 -0
data/app/views/spree/api/orders/invalid_shipping_method.v1.rabl +2 -0
data/app/views/spree/api/orders/payment.v1.rabl +4 -0
data/app/views/spree/api/orders/show.v1.rabl +29 -0
data/app/views/spree/api/payments/credit_over_limit.v1.rabl +2 -0
data/app/views/spree/api/payments/index.v1.rabl +7 -0
data/app/views/spree/api/payments/new.v1.rabl +6 -0
data/app/views/spree/api/payments/show.v1.rabl +2 -0
data/app/views/spree/api/product_properties/index.v1.rabl +7 -0
data/app/views/spree/api/product_properties/new.v1.rabl +2 -0
data/app/views/spree/api/product_properties/show.v1.rabl +2 -0
data/app/views/spree/api/products/index.v1.rabl +8 -0
data/app/views/spree/api/products/new.v1.rabl +3 -0
data/app/views/spree/api/products/product.v1.rabl +1 -0
data/app/views/spree/api/products/show.v1.rabl +25 -0
data/app/views/spree/api/return_authorizations/index.v1.rabl +7 -0
data/app/views/spree/api/return_authorizations/new.v1.rabl +3 -0
data/app/views/spree/api/return_authorizations/show.v1.rabl +2 -0
data/app/views/spree/api/shipments/cannot_ready_shipment.v1.rabl +2 -0
data/app/views/spree/api/shipments/show.v1.rabl +7 -0
data/app/views/spree/api/taxonomies/index.v1.rabl +7 -0
data/app/views/spree/api/taxonomies/nested.v1.rabl +11 -0
data/app/views/spree/api/taxonomies/new.v1.rabl +3 -0
data/app/views/spree/api/taxonomies/show.v1.rabl +15 -0
data/app/views/spree/api/taxons/index.v1.rabl +4 -0
data/app/views/spree/api/taxons/new.v1.rabl +3 -0
data/app/views/spree/api/taxons/show.v1.rabl +8 -0
data/app/views/spree/api/taxons/taxons.v1.rabl +7 -0
data/app/views/spree/api/variants/index.v1.rabl +10 -0
data/app/views/spree/api/variants/new.v1.rabl +2 -0
data/app/views/spree/api/variants/show.v1.rabl +3 -0
data/app/views/spree/api/variants/variant.v1.rabl +1 -0
data/app/views/spree/api/zones/index.v1.rabl +7 -0
data/app/views/spree/api/zones/show.v1.rabl +6 -0
data/config/initializers/metal_load_paths.rb +1 -0
data/config/locales/en.yml +23 -0
data/config/routes.rb +56 -0
data/db/migrate/20100107141738_add_api_key_to_spree_users.rb +7 -0
data/db/migrate/20120411123334_resize_api_key_field.rb +7 -0
data/db/migrate/20120530054546_rename_api_key_to_spree_api_key.rb +7 -0
data/lib/spree/api.rb +12 -0
data/lib/spree/api/controller_setup.rb +27 -0
data/lib/spree/api/engine.rb +35 -0
data/lib/spree/api/responders.rb +11 -0
data/lib/spree/api/responders/rabl_template.rb +22 -0
data/lib/spree/api/testing_support/helpers.rb +35 -0
data/lib/spree/api/testing_support/setup.rb +28 -0
data/lib/spree/api/version.rb +5 -0
data/lib/spree_api.rb +3 -0
data/script/rails +9 -0
data/spec/controllers/spree/api/addresses_controller_spec.rb +45 -0
data/spec/controllers/spree/api/base_controller_spec.rb +42 -0
data/spec/controllers/spree/api/countries_controller_spec.rb +48 -0
data/spec/controllers/spree/api/images_controller_spec.rb +66 -0
data/spec/controllers/spree/api/line_items_controller_spec.rb +77 -0
data/spec/controllers/spree/api/orders_controller_spec.rb +255 -0
data/spec/controllers/spree/api/payments_controller_spec.rb +203 -0
data/spec/controllers/spree/api/product_properties_controller_spec.rb +116 -0
data/spec/controllers/spree/api/products_controller_spec.rb +211 -0
data/spec/controllers/spree/api/return_authorizations_controller_spec.rb +155 -0
data/spec/controllers/spree/api/shipments_controller_spec.rb +59 -0
data/spec/controllers/spree/api/taxonomies_controller_spec.rb +107 -0
data/spec/controllers/spree/api/taxons_controller_spec.rb +87 -0
data/spec/controllers/spree/api/unauthenticated_products_controller_spec.rb +26 -0
data/spec/controllers/spree/api/variants_controller_spec.rb +155 -0
data/spec/controllers/spree/api/zones_controller_spec.rb +111 -0
data/spec/fixtures/thinking-cat.jpg +0 -0
data/spec/models/spree/legacy_user_spec.rb +19 -0
data/spec/models/spree/order_spec.rb +18 -0
data/spec/shared_examples/protect_product_actions.rb +17 -0
data/spec/spec_helper.rb +27 -0
data/spec/support/controller_hacks.rb +27 -0
data/spec/support/database_cleaner.rb +14 -0
data/spec/support/have_attributes_matcher.rb +13 -0
data/spree_api.gemspec +23 -0
metadata +254 -0

data/.gitignore ADDED

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.rspec ADDED

	@@ -0,0 +1 @@
1	+ --colour

data/Gemfile ADDED

@@ -0,0 +1,5 @@
+eval(File.read(File.dirname(__FILE__) + '/../common_spree_dependencies.rb'))
+gem 'spree_core', :path => "../core"
+gemspec

data/LICENSE ADDED

@@ -0,0 +1,22 @@
+Copyright (c) 2012 Ryan Bigg
+MIT License
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile ADDED

@@ -0,0 +1,30 @@
+require 'rubygems'
+require 'rake'
+require 'rake/testtask'
+require 'rake/packagetask'
+require 'rubygems/package_task'
+require 'rspec/core/rake_task'
+require 'spree/core/testing_support/common_rake'
+require 'rails/all'
+Bundler::GemHelper.install_tasks
+RSpec::Core::RakeTask.new
+spec = eval(File.read('spree_api.gemspec'))
+Gem::PackageTask.new(spec) do |p|
+  p.gem_spec = spec
+end
+desc "Release to gemcutter"
+task :release do
+  version = File.read(File.expand_path("../../SPREE_VERSION", __FILE__)).strip
+  cmd = "cd pkg && gem push spree_api-#{version}.gem"; puts cmd; system cmd
+end
+task :default => :spec
+desc "Generates a dummy app for testing"
+task :test_app do
+  ENV['LIB_NAME'] = 'spree/api'
+  Rake::Task['common:test_app'].invoke
+end

data/app/controllers/spree/api/addresses_controller.rb ADDED

@@ -0,0 +1,20 @@
+module Spree
+  module Api
+    class AddressesController < Spree::Api::BaseController
+      respond_to :json
+      def show
+        @address = Address.find(params[:id])
+        authorize! :read, @address
+        respond_with(@address)
+      end
+      def update
+        @address = Address.find(params[:id])
+        authorize! :read, @address
+        @address.update_attributes(params[:address])
+        respond_with(@address, :default_template => :show)
+      end
+    end
+  end
+end

data/app/controllers/spree/api/base_controller.rb ADDED

@@ -0,0 +1,114 @@
+module Spree
+  module Api
+    class BaseController < ActionController::Metal
+      include Spree::Api::ControllerSetup
+      include ::ActionController::Head
+      self.responder = Spree::Api::Responders::AppResponder
+      attr_accessor :current_api_user
+      before_filter :set_content_type
+      before_filter :check_for_api_key, :if => :requires_authentication?
+      before_filter :authenticate_user
+      after_filter  :set_jsonp_format
+      rescue_from CanCan::AccessDenied, :with => :unauthorized
+      rescue_from ActiveRecord::RecordNotFound, :with => :not_found
+      helper Spree::Api::ApiHelpers
+      def set_jsonp_format
+        if params[:callback] && request.get?
+          self.response_body = "#{params[:callback]}(#{self.response_body})"
+          headers["Content-Type"] = 'application/javascript'
+        end
+      end
+      def map_nested_attributes_keys(klass, attributes)
+        nested_keys = klass.nested_attributes_options.keys
+        attributes.inject({}) do |h, (k,v)|
+          key = nested_keys.include?(k.to_sym) ? "#{k}_attributes" : k
+          h[key] = v
+          h
+        end.with_indifferent_access
+      end
+      private
+      def set_content_type
+        content_type = case params[:format]
+        when "json"
+          "application/json"
+        when "xml"
+          "text/xml"
+        end
+        headers["Content-Type"] = content_type
+      end
+      def check_for_api_key
+        render "spree/api/errors/must_specify_api_key", :status => 401 and return if api_key.blank?
+      end
+      def authenticate_user
+        if requires_authentication? || api_key.present?
+          unless @current_api_user = Spree.user_class.find_by_spree_api_key(api_key)
+            render "spree/api/errors/invalid_api_key", :status => 401 and return
+          end
+        else
+          # Effectively, an anonymous user
+          @current_api_user = Spree.user_class.new
+        end
+      end
+      def unauthorized
+        render "spree/api/errors/unauthorized", :status => 401 and return
+      end
+      def requires_authentication?
+        Spree::Api::Config[:requires_authentication]
+      end
+      def not_found
+        render "spree/api/errors/not_found", :status => 404 and return
+      end
+      def current_ability
+        Spree::Ability.new(current_api_user)
+      end
+      def invalid_resource!(resource)
+        @resource = resource
+        render "spree/api/errors/invalid_resource", :status => 422
+      end
+      def api_key
+        request.headers["X-Spree-Token"] || params[:token]
+      end
+      helper_method :api_key
+      def find_product(id)
+        begin
+          product_scope.find_by_permalink!(id.to_s)
+        rescue ActiveRecord::RecordNotFound
+          product_scope.find(id)
+        end
+      end
+      def product_scope
+        if current_api_user.has_spree_role?("admin")
+          scope = Product
+          unless params[:show_deleted]
+            scope = scope.not_deleted
+          end
+        else
+          scope = Product.active
+        end
+        scope.includes(:master)
+      end
+    end
+  end
+end

data/app/controllers/spree/api/countries_controller.rb ADDED

@@ -0,0 +1,18 @@
+module Spree
+  module Api
+    class CountriesController < Spree::Api::BaseController
+      respond_to :json
+      def index
+        @countries = Country.ransack(params[:q]).result.includes(:states).order('name ASC')
+          .page(params[:page]).per(params[:per_page])
+        respond_with(@countries)
+      end
+      def show
+        @country = Country.find(params[:id])
+        respond_with(@country)
+      end
+    end
+  end
+end

data/app/controllers/spree/api/images_controller.rb ADDED

@@ -0,0 +1,32 @@
+module Spree
+  module Api
+    class ImagesController < Spree::Api::BaseController
+      respond_to :json
+      def show
+        @image = Image.find(params[:id])
+        respond_with(@image)
+      end
+      def create
+        authorize! :create, Image
+        @image = Image.create(params[:image])
+        respond_with(@image, :status => 201, :default_template => :show)
+      end
+      def update
+        authorize! :update, Image
+        @image = Image.find(params[:id])
+        @image.update_attributes(params[:image])
+        respond_with(@image, :default_template => :show)
+      end
+      def destroy
+        authorize! :delete, Image
+        @image = Image.find(params[:id])
+        @image.destroy
+        respond_with(@image, :status => 204)
+      end
+    end
+  end
+end

data/app/controllers/spree/api/line_items_controller.rb ADDED

@@ -0,0 +1,40 @@
+module Spree
+  module Api
+    class LineItemsController < Spree::Api::BaseController
+      respond_to :json
+      def create
+        authorize! :read, order
+        @line_item = order.line_items.build(params[:line_item], :as => :api)
+        if @line_item.save
+          respond_with(@line_item, :status => 201, :default_template => :show)
+        else
+          invalid_resource!(@line_item)
+        end
+      end
+      def update
+        authorize! :read, order
+        @line_item = order.line_items.find(params[:id])
+        if @line_item.update_attributes(params[:line_item])
+          respond_with(@line_item, :default_template => :show)
+        else
+          invalid_resource!(@line_item)
+        end
+      end
+      def destroy
+        authorize! :read, order
+        @line_item = order.line_items.find(params[:id])
+        @line_item.destroy
+        respond_with(@line_item, :status => 204)
+      end
+      private
+      def order
+        @order ||= Order.find_by_number!(params[:order_id])
+      end
+    end
+  end
+end

data/app/controllers/spree/api/orders_controller.rb ADDED

@@ -0,0 +1,85 @@
+module Spree
+  module Api
+    class OrdersController < Spree::Api::BaseController
+      respond_to :json
+      before_filter :authorize_read!, :except => [:index, :search, :create]
+      def index
+        # should probably look at turning this into a CanCan step
+        raise CanCan::AccessDenied unless current_api_user.has_spree_role?("admin")
+        @orders = Order.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
+        respond_with(@orders)
+      end
+      def show
+        respond_with(@order)
+      end
+      def create
+        @order = Order.build_from_api(current_api_user, nested_params)
+        next!(:status => 201)
+      end
+      def update
+        authorize! :update, Order
+        if order.update_attributes(nested_params)
+          order.update!
+          respond_with(order, :default_template => :show)
+        else
+          invalid_resource!(order)
+        end
+      end
+      def address
+        order.build_ship_address(params[:shipping_address]) if params[:shipping_address]
+        order.build_bill_address(params[:billing_address]) if params[:billing_address]
+        next!
+      end
+      def delivery
+        begin
+          ShippingMethod.find(params[:shipping_method_id])
+        rescue ActiveRecord::RecordNotFound
+          render :invalid_shipping_method, :status => 422
+        else
+          order.update_attribute(:shipping_method_id, params[:shipping_method_id])
+          next!
+        end
+      end
+      def cancel
+        order.cancel!
+        render :show
+      end
+      def empty
+        order.line_items.destroy_all
+        order.update!
+        render :text => nil, :status => 200
+      end
+      private
+      def nested_params
+        map_nested_attributes_keys Order, params[:order] || {}
+      end
+      def order
+        @order ||= Order.find_by_number!(params[:id])
+      end
+      def next!(options={})
+        if @order.valid? && @order.next
+          render :show, :status => options[:status] || 200
+        else
+          render :could_not_transition, :status => 422
+        end
+      end
+      def authorize_read!
+        authorize! :read, order
+      end
+    end
+  end
+end

data/app/controllers/spree/api/payments_controller.rb ADDED

@@ -0,0 +1,80 @@
+module Spree
+  module Api
+    class PaymentsController < Spree::Api::BaseController
+      respond_to :json
+      before_filter :find_order
+      before_filter :find_payment, :only => [:show, :authorize, :purchase, :capture, :void, :credit]
+      def index
+        @payments = @order.payments.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
+        respond_with(@payments)
+      end
+      def new
+        @payment_methods = Spree::PaymentMethod.where(:environment => Rails.env)
+        respond_with(@payment_method)
+      end
+      def create
+        @payment = @order.payments.build(params[:payment])
+        if @payment.save
+          respond_with(@payment, :status => 201, :default_template => :show)
+        else
+          invalid_resource!(@payment)
+        end
+      end
+      def show
+        respond_with(@payment)
+      end
+      def authorize
+        perform_payment_action(:authorize)
+      end
+      def capture
+        perform_payment_action(:capture)
+      end
+      def purchase
+        perform_payment_action(:purchase)
+      end
+      def void
+        perform_payment_action(:void_transaction)
+      end
+      def credit
+        if params[:amount].to_f > @payment.credit_allowed
+          render "spree/api/payments/credit_over_limit", :status => 422
+        else
+          perform_payment_action(:credit, params[:amount])
+        end
+      end
+      private
+      def find_order
+        @order = Order.find_by_number(params[:order_id])
+        authorize! :read, @order
+      end
+      def find_payment
+        @payment = @order.payments.find(params[:id])
+      end
+      def perform_payment_action(action, *args)
+        authorize! action, Payment
+        begin
+          @payment.send("#{action}!", *args)
+          respond_with(@payment, :default_template => :show)
+        rescue Spree::Core::GatewayError => e
+          @error = e.message
+          render "spree/api/errors/gateway_error", :status => 422
+        end
+      end
+    end
+  end
+end