effective_orders 4.6.1 → 5.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5693e3ae8df0c31b622cb87ab3297f991e35621f41abd0e9ca02566e1d8777d7
-  data.tar.gz: 6053ce889d3d2e5ffb398a3d01ae0354633c4fcef5a0492c579c3babfc3cd2d1
+  metadata.gz: 982893ebe426c1097f68ffaccbd87a1977c5d48f4ce1a45dbbf5b13752572542
+  data.tar.gz: 1742602893eb3c98aea29e31161c05e60b67929802ed51a39c40d20fb3c4f2b3
 SHA512:
-  metadata.gz: 61f708843535a4ae2f13cb0b6071378b38be77c9a88d6677f83451829191904b8ded3416c330a3e48549531a99b3bfd6d852338952c5444d766e980a03c64708
-  data.tar.gz: 6b995206b0b6e944ba78000b79eea0c674f1bbbbc574ef2432399c6f64d9554a11904e419adb65fd14ec7363dadb2565ee5616f4070ac3f4cdaf2ac9f34d83b1
+  metadata.gz: fa41b81eba8d7c6364fe8192f3e072149562228a666cd8b7b2b41845258e1684a00947bce0b890d9f77f5887ae1a87ba377b68909c7f99d2773ac1801acd12c4
+  data.tar.gz: f7759f4669a5a66492b6dd0259d5e744d64c403775112d0577280397d4b31e2d98dd66bf764e18c4e5359b16346d22b9444ecb65b087b55c4638e2bf28eccfa2

data/README.md

@@ -351,7 +351,10 @@ The permissions you actually want to define for a regular user are as follows (u
 
 ```ruby
 can [:manage], Effective::Cart, user_id: user.id
+
 can [:manage], Effective::Order, user_id: user.id # Orders cannot be deleted
+cannot [:edit, :update], Effective::Order, state: 'purchased'
+
 can [:manage], Effective::Subscription, user_id: user.id
 ```
 

data/app/controllers/admin/orders_controller.rb

@@ -50,7 +50,7 @@ module Admin
     # The show page posts to this action
     # See Effective::OrdersController checkout
     def checkout
-      @order = Effective::Order.find(params[:id])
+      @order = Effective::Order.not_purchased.find(params[:id])
 
       authorize_effective_order!
 

data/app/controllers/effective/orders_controller.rb

@@ -68,13 +68,13 @@ module Effective
 
     # Always step1
     def edit
-      @order ||= Effective::Order.find(params[:id])
+      @order ||= Effective::Order.not_purchased.find(params[:id])
       EffectiveResources.authorize!(self, :edit, @order)
     end
 
     # Confirms the order from existing order
     def update
-      @order ||= Effective::Order.find(params[:id])
+      @order ||= Effective::Order.not_purchased.find(params[:id])
       EffectiveResources.authorize!(self, :update, @order)
 
       @order.assign_attributes(checkout_params)
@@ -110,7 +110,7 @@ module Effective
     end
 
     def send_buyer_receipt
-      @order = Effective::Order.find(params[:id])
+      @order = Effective::Order.purchased.find(params[:id])
       EffectiveResources.authorize!(self, :show, @order)
 
       if @order.send_order_receipt_to_buyer!

data/app/models/effective/order.rb

@@ -34,10 +34,6 @@ module Effective
     belongs_to :user, polymorphic: true, validate: false  # This is the buyer/user of the order. We validate it below.
     has_many :order_items, -> { order(:id) }, inverse_of: :order, dependent: :delete_all
 
-    if defined?(EffectiveQbSync)
-      has_one :qb_order_item
-    end
-
     accepts_nested_attributes_for :order_items, allow_destroy: false, reject_if: :all_blank
     accepts_nested_attributes_for :user, allow_destroy: false, update_only: true
 
@@ -78,6 +74,10 @@ module Effective
       self.state = EffectiveOrders::CONFIRMED if pending?
     end
 
+    before_save(if: -> { state_was == EffectiveOrders::PURCHASED }) do
+      raise EffectiveOrders::AlreadyPurchasedException.new('cannot unpurchase an order') unless purchased?
+    end
+
     # Order validations
     validates :user_id, presence: true
     validates :email, presence: true, email: true  # email and cc validators are from effective_resources
@@ -261,12 +261,6 @@ module Effective
       end
     end
 
-    # first or build
-    def qb_item_name
-      raise('expected EffectiveQbSync gem') unless defined?(EffectiveQbSync)
-      (qb_order_item || build_qb_order_item(name: purchasable.qb_item_name)).name
-    end
-
     def pending?
       state == EffectiveOrders::PENDING
     end
@@ -338,6 +332,8 @@ module Effective
     # It skips any address or bad user validations
     # It's basically the same as save! on a new order, except it might send the payment request to buyer
     def pending!
+      return false if purchased?
+
       self.state = EffectiveOrders::PENDING
       self.addresses.clear if addresses.any? { |address| address.valid? == false }
       save!
@@ -348,6 +344,7 @@ module Effective
 
     # Used by admin checkout only
     def confirm!
+      return false if purchased?
       update!(state: EffectiveOrders::CONFIRMED)
     end
 

data/app/models/effective/order_item.rb

@@ -5,6 +5,10 @@ module Effective
     belongs_to :order
     belongs_to :purchasable, polymorphic: true
 
+    if defined?(EffectiveQbSync)
+      has_one :qb_order_item
+    end
+
     effective_resource do
       name                  :string
       quantity              :integer
@@ -61,5 +65,11 @@ module Effective
       end
     end
 
+    # first or build
+    def qb_item_name
+      raise('expected EffectiveQbSync gem') unless defined?(EffectiveQbSync)
+      (qb_order_item || build_qb_order_item(name: purchasable.qb_item_name)).name
+    end
+
   end
 end

data/lib/effective_orders/version.rb

@@ -1,3 +1,3 @@
 module EffectiveOrders
-  VERSION = '4.6.1'.freeze
+  VERSION = '5.0.2'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: effective_orders
 version: !ruby/object:Gem::Version
-  version: 4.6.1
+  version: 5.0.2
 platform: ruby
 authors:
 - Code and Effect
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-03-01 00:00:00.000000000 Z
+date: 2021-03-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails