goca-spree-api 3.1.14.rails.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (151) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +17 -0
  3. data/Gemfile +5 -0
  4. data/LICENSE +26 -0
  5. data/Rakefile +16 -0
  6. data/app/controllers/spree/api/base_controller.rb +167 -0
  7. data/app/controllers/spree/api/v1/addresses_controller.rb +46 -0
  8. data/app/controllers/spree/api/v1/checkouts_controller.rb +103 -0
  9. data/app/controllers/spree/api/v1/classifications_controller.rb +20 -0
  10. data/app/controllers/spree/api/v1/countries_controller.rb +24 -0
  11. data/app/controllers/spree/api/v1/credit_cards_controller.rb +27 -0
  12. data/app/controllers/spree/api/v1/images_controller.rb +56 -0
  13. data/app/controllers/spree/api/v1/inventory_units_controller.rb +54 -0
  14. data/app/controllers/spree/api/v1/line_items_controller.rb +70 -0
  15. data/app/controllers/spree/api/v1/option_types_controller.rb +51 -0
  16. data/app/controllers/spree/api/v1/option_values_controller.rb +60 -0
  17. data/app/controllers/spree/api/v1/orders_controller.rb +148 -0
  18. data/app/controllers/spree/api/v1/payments_controller.rb +83 -0
  19. data/app/controllers/spree/api/v1/product_properties_controller.rb +70 -0
  20. data/app/controllers/spree/api/v1/products_controller.rb +126 -0
  21. data/app/controllers/spree/api/v1/promotions_controller.rb +28 -0
  22. data/app/controllers/spree/api/v1/properties_controller.rb +72 -0
  23. data/app/controllers/spree/api/v1/return_authorizations_controller.rb +71 -0
  24. data/app/controllers/spree/api/v1/shipments_controller.rb +163 -0
  25. data/app/controllers/spree/api/v1/states_controller.rb +37 -0
  26. data/app/controllers/spree/api/v1/stock_items_controller.rb +77 -0
  27. data/app/controllers/spree/api/v1/stock_locations_controller.rb +52 -0
  28. data/app/controllers/spree/api/v1/stock_movements_controller.rb +45 -0
  29. data/app/controllers/spree/api/v1/stores_controller.rb +57 -0
  30. data/app/controllers/spree/api/v1/taxonomies_controller.rb +66 -0
  31. data/app/controllers/spree/api/v1/taxons_controller.rb +95 -0
  32. data/app/controllers/spree/api/v1/users_controller.rb +60 -0
  33. data/app/controllers/spree/api/v1/variants_controller.rb +75 -0
  34. data/app/controllers/spree/api/v1/zones_controller.rb +51 -0
  35. data/app/helpers/spree/api/api_helpers.rb +173 -0
  36. data/app/models/spree/api_configuration.rb +5 -0
  37. data/app/views/spree/api/errors/gateway_error.v1.rabl +2 -0
  38. data/app/views/spree/api/errors/invalid_api_key.v1.rabl +2 -0
  39. data/app/views/spree/api/errors/invalid_resource.v1.rabl +3 -0
  40. data/app/views/spree/api/errors/must_specify_api_key.v1.rabl +2 -0
  41. data/app/views/spree/api/errors/not_found.v1.rabl +2 -0
  42. data/app/views/spree/api/errors/unauthorized.v1.rabl +2 -0
  43. data/app/views/spree/api/v1/addresses/show.v1.rabl +10 -0
  44. data/app/views/spree/api/v1/adjustments/show.v1.rabl +4 -0
  45. data/app/views/spree/api/v1/config/money.v1.rabl +2 -0
  46. data/app/views/spree/api/v1/config/show.v1.rabl +2 -0
  47. data/app/views/spree/api/v1/countries/index.v1.rabl +7 -0
  48. data/app/views/spree/api/v1/countries/show.v1.rabl +5 -0
  49. data/app/views/spree/api/v1/credit_cards/index.v1.rabl +7 -0
  50. data/app/views/spree/api/v1/credit_cards/show.v1.rabl +3 -0
  51. data/app/views/spree/api/v1/images/index.v1.rabl +4 -0
  52. data/app/views/spree/api/v1/images/new.v1.rabl +3 -0
  53. data/app/views/spree/api/v1/images/show.v1.rabl +6 -0
  54. data/app/views/spree/api/v1/inventory_units/show.rabl +2 -0
  55. data/app/views/spree/api/v1/line_items/new.v1.rabl +3 -0
  56. data/app/views/spree/api/v1/line_items/show.v1.rabl +15 -0
  57. data/app/views/spree/api/v1/option_types/index.v1.rabl +3 -0
  58. data/app/views/spree/api/v1/option_types/new.v1.rabl +3 -0
  59. data/app/views/spree/api/v1/option_types/show.v1.rabl +5 -0
  60. data/app/views/spree/api/v1/option_values/index.v1.rabl +3 -0
  61. data/app/views/spree/api/v1/option_values/new.v1.rabl +3 -0
  62. data/app/views/spree/api/v1/option_values/show.v1.rabl +2 -0
  63. data/app/views/spree/api/v1/orders/address.v1.rabl +0 -0
  64. data/app/views/spree/api/v1/orders/canceled.v1.rabl +0 -0
  65. data/app/views/spree/api/v1/orders/cart.v1.rabl +0 -0
  66. data/app/views/spree/api/v1/orders/complete.v1.rabl +0 -0
  67. data/app/views/spree/api/v1/orders/could_not_apply_coupon.v1.rabl +2 -0
  68. data/app/views/spree/api/v1/orders/could_not_transition.v1.rabl +3 -0
  69. data/app/views/spree/api/v1/orders/index.v1.rabl +7 -0
  70. data/app/views/spree/api/v1/orders/invalid_shipping_method.v1.rabl +2 -0
  71. data/app/views/spree/api/v1/orders/mine.v1.rabl +9 -0
  72. data/app/views/spree/api/v1/orders/order.v1.rabl +10 -0
  73. data/app/views/spree/api/v1/orders/payment.v1.rabl +3 -0
  74. data/app/views/spree/api/v1/orders/show.v1.rabl +51 -0
  75. data/app/views/spree/api/v1/payments/credit_over_limit.v1.rabl +2 -0
  76. data/app/views/spree/api/v1/payments/index.v1.rabl +7 -0
  77. data/app/views/spree/api/v1/payments/new.v1.rabl +5 -0
  78. data/app/views/spree/api/v1/payments/show.v1.rabl +2 -0
  79. data/app/views/spree/api/v1/payments/update_forbidden.v1.rabl +2 -0
  80. data/app/views/spree/api/v1/product_properties/index.v1.rabl +7 -0
  81. data/app/views/spree/api/v1/product_properties/new.v1.rabl +2 -0
  82. data/app/views/spree/api/v1/product_properties/show.v1.rabl +2 -0
  83. data/app/views/spree/api/v1/products/index.v1.rabl +9 -0
  84. data/app/views/spree/api/v1/products/new.v1.rabl +3 -0
  85. data/app/views/spree/api/v1/products/product.v1.rabl +1 -0
  86. data/app/views/spree/api/v1/products/show.v1.rabl +32 -0
  87. data/app/views/spree/api/v1/promotions/handler.v1.rabl +5 -0
  88. data/app/views/spree/api/v1/promotions/show.v1.rabl +2 -0
  89. data/app/views/spree/api/v1/properties/index.v1.rabl +7 -0
  90. data/app/views/spree/api/v1/properties/new.v1.rabl +2 -0
  91. data/app/views/spree/api/v1/properties/show.v1.rabl +2 -0
  92. data/app/views/spree/api/v1/return_authorizations/index.v1.rabl +7 -0
  93. data/app/views/spree/api/v1/return_authorizations/new.v1.rabl +3 -0
  94. data/app/views/spree/api/v1/return_authorizations/show.v1.rabl +2 -0
  95. data/app/views/spree/api/v1/shared/stock_location_required.v1.rabl +2 -0
  96. data/app/views/spree/api/v1/shipments/big.v1.rabl +48 -0
  97. data/app/views/spree/api/v1/shipments/cannot_ready_shipment.v1.rabl +2 -0
  98. data/app/views/spree/api/v1/shipments/mine.v1.rabl +9 -0
  99. data/app/views/spree/api/v1/shipments/show.v1.rabl +32 -0
  100. data/app/views/spree/api/v1/shipments/small.v1.rabl +37 -0
  101. data/app/views/spree/api/v1/shipping_rates/show.v1.rabl +2 -0
  102. data/app/views/spree/api/v1/states/index.v1.rabl +14 -0
  103. data/app/views/spree/api/v1/states/show.v1.rabl +2 -0
  104. data/app/views/spree/api/v1/stock_items/index.v1.rabl +7 -0
  105. data/app/views/spree/api/v1/stock_items/show.v1.rabl +5 -0
  106. data/app/views/spree/api/v1/stock_locations/index.v1.rabl +7 -0
  107. data/app/views/spree/api/v1/stock_locations/show.v1.rabl +8 -0
  108. data/app/views/spree/api/v1/stock_movements/index.v1.rabl +7 -0
  109. data/app/views/spree/api/v1/stock_movements/show.v1.rabl +5 -0
  110. data/app/views/spree/api/v1/stores/index.v1.rabl +4 -0
  111. data/app/views/spree/api/v1/stores/show.v1.rabl +2 -0
  112. data/app/views/spree/api/v1/taxonomies/index.v1.rabl +7 -0
  113. data/app/views/spree/api/v1/taxonomies/jstree.rabl +8 -0
  114. data/app/views/spree/api/v1/taxonomies/nested.v1.rabl +11 -0
  115. data/app/views/spree/api/v1/taxonomies/new.v1.rabl +3 -0
  116. data/app/views/spree/api/v1/taxonomies/show.v1.rabl +15 -0
  117. data/app/views/spree/api/v1/taxons/index.v1.rabl +12 -0
  118. data/app/views/spree/api/v1/taxons/jstree.rabl +8 -0
  119. data/app/views/spree/api/v1/taxons/new.v1.rabl +3 -0
  120. data/app/views/spree/api/v1/taxons/show.v1.rabl +6 -0
  121. data/app/views/spree/api/v1/taxons/taxons.v1.rabl +5 -0
  122. data/app/views/spree/api/v1/users/index.v1.rabl +7 -0
  123. data/app/views/spree/api/v1/users/new.v1.rabl +3 -0
  124. data/app/views/spree/api/v1/users/show.v1.rabl +10 -0
  125. data/app/views/spree/api/v1/variants/big.v1.rabl +14 -0
  126. data/app/views/spree/api/v1/variants/index.v1.rabl +9 -0
  127. data/app/views/spree/api/v1/variants/new.v1.rabl +2 -0
  128. data/app/views/spree/api/v1/variants/show.v1.rabl +3 -0
  129. data/app/views/spree/api/v1/variants/small.v1.rabl +17 -0
  130. data/app/views/spree/api/v1/zones/index.v1.rabl +7 -0
  131. data/app/views/spree/api/v1/zones/show.v1.rabl +6 -0
  132. data/config/initializers/metal_load_paths.rb +1 -0
  133. data/config/locales/en.yml +27 -0
  134. data/config/routes.rb +128 -0
  135. data/db/migrate/20100107141738_add_api_key_to_spree_users.rb +7 -0
  136. data/db/migrate/20120411123334_resize_api_key_field.rb +7 -0
  137. data/db/migrate/20120530054546_rename_api_key_to_spree_api_key.rb +7 -0
  138. data/db/migrate/20131017162334_add_index_to_user_spree_api_key.rb +7 -0
  139. data/lib/spree/api/controller_setup.rb +20 -0
  140. data/lib/spree/api/engine.rb +35 -0
  141. data/lib/spree/api/responders/rabl_template.rb +30 -0
  142. data/lib/spree/api/responders.rb +11 -0
  143. data/lib/spree/api/testing_support/caching.rb +10 -0
  144. data/lib/spree/api/testing_support/helpers.rb +44 -0
  145. data/lib/spree/api/testing_support/setup.rb +16 -0
  146. data/lib/spree/api.rb +10 -0
  147. data/lib/spree_api.rb +2 -0
  148. data/script/rails +9 -0
  149. data/spec/fixtures/thinking-cat.jpg +0 -0
  150. data/spree_api.gemspec +20 -0
  151. metadata +221 -0
@@ -0,0 +1,51 @@
1
+ module Spree
2
+ module Api
3
+ module V1
4
+ class OptionTypesController < Spree::Api::BaseController
5
+ def index
6
+ if params[:ids]
7
+ @option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability, :read).where(id: params[:ids].split(','))
8
+ else
9
+ @option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability, :read).load.ransack(params[:q]).result
10
+ end
11
+ respond_with(@option_types)
12
+ end
13
+
14
+ def show
15
+ @option_type = Spree::OptionType.accessible_by(current_ability, :read).find(params[:id])
16
+ respond_with(@option_type)
17
+ end
18
+
19
+ def create
20
+ authorize! :create, Spree::OptionType
21
+ @option_type = Spree::OptionType.new(option_type_params)
22
+ if @option_type.save
23
+ render :show, :status => 201
24
+ else
25
+ invalid_resource!(@option_type)
26
+ end
27
+ end
28
+
29
+ def update
30
+ @option_type = Spree::OptionType.accessible_by(current_ability, :update).find(params[:id])
31
+ if @option_type.update_attributes(option_type_params)
32
+ render :show
33
+ else
34
+ invalid_resource!(@option_type)
35
+ end
36
+ end
37
+
38
+ def destroy
39
+ @option_type = Spree::OptionType.accessible_by(current_ability, :destroy).find(params[:id])
40
+ @option_type.destroy
41
+ render :text => nil, :status => 204
42
+ end
43
+
44
+ private
45
+ def option_type_params
46
+ params.require(:option_type).permit(permitted_option_type_attributes)
47
+ end
48
+ end
49
+ end
50
+ end
51
+ end
@@ -0,0 +1,60 @@
1
+ module Spree
2
+ module Api
3
+ module V1
4
+ class OptionValuesController < Spree::Api::BaseController
5
+ def index
6
+ if params[:ids]
7
+ @option_values = scope.where(:id => params[:ids])
8
+ else
9
+ @option_values = scope.ransack(params[:q]).result.distinct
10
+ end
11
+ respond_with(@option_values)
12
+ end
13
+
14
+ def show
15
+ @option_value = scope.find(params[:id])
16
+ respond_with(@option_value)
17
+ end
18
+
19
+ def create
20
+ authorize! :create, Spree::OptionValue
21
+ @option_value = scope.new(option_value_params)
22
+ if @option_value.save
23
+ render :show, :status => 201
24
+ else
25
+ invalid_resource!(@option_value)
26
+ end
27
+ end
28
+
29
+ def update
30
+ @option_value = scope.accessible_by(current_ability, :update).find(params[:id])
31
+ if @option_value.update_attributes(option_value_params)
32
+ render :show
33
+ else
34
+ invalid_resource!(@option_value)
35
+ end
36
+ end
37
+
38
+ def destroy
39
+ @option_value = scope.accessible_by(current_ability, :destroy).find(params[:id])
40
+ @option_value.destroy
41
+ render :text => nil, :status => 204
42
+ end
43
+
44
+ private
45
+
46
+ def scope
47
+ if params[:option_type_id]
48
+ @scope ||= Spree::OptionType.find(params[:option_type_id]).option_values.accessible_by(current_ability, :read)
49
+ else
50
+ @scope ||= Spree::OptionValue.accessible_by(current_ability, :read).load
51
+ end
52
+ end
53
+
54
+ def option_value_params
55
+ params.require(:option_value).permit(permitted_option_value_attributes)
56
+ end
57
+ end
58
+ end
59
+ end
60
+ end
@@ -0,0 +1,148 @@
1
+ module Spree
2
+ module Api
3
+ module V1
4
+ class OrdersController < Spree::Api::BaseController
5
+ skip_before_action :authenticate_user, only: :apply_coupon_code
6
+
7
+ before_action :find_order, except: [:create, :mine, :current, :index, :update]
8
+
9
+ # Dynamically defines our stores checkout steps to ensure we check authorization on each step.
10
+ Order.checkout_steps.keys.each do |step|
11
+ define_method step do
12
+ find_order
13
+ authorize! :update, @order, params[:token]
14
+ end
15
+ end
16
+
17
+ def cancel
18
+ authorize! :update, @order, params[:token]
19
+ @order.canceled_by(current_api_user)
20
+ respond_with(@order, default_template: :show)
21
+ end
22
+
23
+ def approve
24
+ authorize! :approve, @order, params[:token]
25
+ @order.approved_by(current_api_user)
26
+ respond_with(@order, default_template: :show)
27
+ end
28
+
29
+ def create
30
+ authorize! :create, Spree::Order
31
+ if can?(:admin, Spree::Order)
32
+
33
+ order_user = if @current_user_roles.include?('admin') && order_params[:user_id]
34
+ Spree.user_class.find(order_params[:user_id])
35
+ else
36
+ current_api_user
37
+ end
38
+
39
+ import_params = if @current_user_roles.include?("admin")
40
+ params[:order].present? ? params[:order].permit! : {}
41
+ else
42
+ order_params
43
+ end
44
+
45
+ @order = Spree::Core::Importer::Order.import(order_user, import_params)
46
+
47
+ respond_with(@order, default_template: :show, status: 201)
48
+ else
49
+ @order = Spree::Order.create!(user: current_api_user, store: current_store)
50
+ if @order.contents.update_cart(order_params)
51
+ respond_with(@order, default_template: :show, status: 201)
52
+ else
53
+ invalid_resource!(@order)
54
+ end
55
+ end
56
+ end
57
+
58
+ def empty
59
+ authorize! :update, @order, order_token
60
+ @order.empty!
61
+ render text: nil, status: 204
62
+ end
63
+
64
+ def index
65
+ authorize! :index, Order
66
+ @orders = Order.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
67
+ respond_with(@orders)
68
+ end
69
+
70
+ def show
71
+ authorize! :show, @order, order_token
72
+ respond_with(@order)
73
+ end
74
+
75
+ def update
76
+ find_order(true)
77
+ authorize! :update, @order, order_token
78
+
79
+ if @order.contents.update_cart(order_params)
80
+ user_id = params[:order][:user_id]
81
+ if current_api_user.has_spree_role?('admin') && user_id
82
+ @order.associate_user!(Spree.user_class.find(user_id))
83
+ end
84
+ respond_with(@order, default_template: :show)
85
+ else
86
+ invalid_resource!(@order)
87
+ end
88
+ end
89
+
90
+ def current
91
+ @order = find_current_order
92
+ if @order
93
+ respond_with(@order, default_template: :show, locals: { root_object: @order })
94
+ else
95
+ head :no_content
96
+ end
97
+ end
98
+
99
+ def mine
100
+ if current_api_user.persisted?
101
+ @orders = current_api_user.orders.reverse_chronological.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
102
+ else
103
+ render "spree/api/errors/unauthorized", status: :unauthorized
104
+ end
105
+ end
106
+
107
+ def apply_coupon_code
108
+ find_order
109
+ authorize! :update, @order, order_token
110
+ @order.coupon_code = params[:coupon_code]
111
+ @handler = PromotionHandler::Coupon.new(@order).apply
112
+ status = @handler.successful? ? 200 : 422
113
+ render "spree/api/v1/promotions/handler", status: status
114
+ end
115
+
116
+ private
117
+ def order_params
118
+ if params[:order]
119
+ normalize_params
120
+ params.require(:order).permit(permitted_order_attributes)
121
+ else
122
+ {}
123
+ end
124
+ end
125
+
126
+ def normalize_params
127
+ params[:order][:payments_attributes] = params[:order].delete(:payments) if params[:order][:payments]
128
+ params[:order][:shipments_attributes] = params[:order].delete(:shipments) if params[:order][:shipments]
129
+ params[:order][:line_items_attributes] = params[:order].delete(:line_items) if params[:order][:line_items]
130
+ params[:order][:ship_address_attributes] = params[:order].delete(:ship_address) if params[:order][:ship_address]
131
+ params[:order][:bill_address_attributes] = params[:order].delete(:bill_address) if params[:order][:bill_address]
132
+ end
133
+
134
+ def find_order(lock = false)
135
+ @order = Spree::Order.lock(lock).friendly.find(params[:id])
136
+ end
137
+
138
+ def find_current_order
139
+ current_api_user ? current_api_user.orders.incomplete.order(:created_at).last : nil
140
+ end
141
+
142
+ def order_id
143
+ super || params[:id]
144
+ end
145
+ end
146
+ end
147
+ end
148
+ end
@@ -0,0 +1,83 @@
1
+ module Spree
2
+ module Api
3
+ module V1
4
+ class PaymentsController < Spree::Api::BaseController
5
+
6
+ before_action :find_order
7
+ before_action :find_payment, only: [:update, :show, :authorize, :purchase, :capture, :void]
8
+
9
+ def index
10
+ @payments = @order.payments.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
11
+ respond_with(@payments)
12
+ end
13
+
14
+ def new
15
+ @payment_methods = Spree::PaymentMethod.available
16
+ respond_with(@payment_methods)
17
+ end
18
+
19
+ def create
20
+ @order.validate_payments_attributes([payment_params])
21
+ @payment = @order.payments.build(payment_params)
22
+ if @payment.save
23
+ respond_with(@payment, status: 201, default_template: :show)
24
+ else
25
+ invalid_resource!(@payment)
26
+ end
27
+ end
28
+
29
+ def update
30
+ authorize! params[:action], @payment
31
+ if !@payment.editable?
32
+ render 'update_forbidden', status: 403
33
+ elsif @payment.update_attributes(payment_params)
34
+ respond_with(@payment, default_template: :show)
35
+ else
36
+ invalid_resource!(@payment)
37
+ end
38
+ end
39
+
40
+ def show
41
+ respond_with(@payment)
42
+ end
43
+
44
+ def authorize
45
+ perform_payment_action(:authorize)
46
+ end
47
+
48
+ def capture
49
+ perform_payment_action(:capture)
50
+ end
51
+
52
+ def purchase
53
+ perform_payment_action(:purchase)
54
+ end
55
+
56
+ def void
57
+ perform_payment_action(:void_transaction)
58
+ end
59
+
60
+ private
61
+
62
+ def find_order
63
+ @order = Spree::Order.friendly.find(order_id)
64
+ authorize! :read, @order, order_token
65
+ end
66
+
67
+ def find_payment
68
+ @payment = @order.payments.friendly.find(params[:id])
69
+ end
70
+
71
+ def perform_payment_action(action, *args)
72
+ authorize! action, Payment
73
+ @payment.send("#{action}!", *args)
74
+ respond_with(@payment, default_template: :show)
75
+ end
76
+
77
+ def payment_params
78
+ params.require(:payment).permit(permitted_payment_attributes)
79
+ end
80
+ end
81
+ end
82
+ end
83
+ end
@@ -0,0 +1,70 @@
1
+ module Spree
2
+ module Api
3
+ module V1
4
+ class ProductPropertiesController < Spree::Api::BaseController
5
+ before_action :find_product
6
+ before_action :product_property, only: [:show, :update, :destroy]
7
+
8
+ def index
9
+ @product_properties = @product.product_properties.accessible_by(current_ability, :read).
10
+ ransack(params[:q]).result.
11
+ page(params[:page]).per(params[:per_page])
12
+ respond_with(@product_properties)
13
+ end
14
+
15
+ def show
16
+ respond_with(@product_property)
17
+ end
18
+
19
+ def new
20
+ end
21
+
22
+ def create
23
+ authorize! :create, ProductProperty
24
+ @product_property = @product.product_properties.new(product_property_params)
25
+ if @product_property.save
26
+ respond_with(@product_property, status: 201, default_template: :show)
27
+ else
28
+ invalid_resource!(@product_property)
29
+ end
30
+ end
31
+
32
+ def update
33
+ authorize! :update, @product_property
34
+
35
+ if @product_property.update_attributes(product_property_params)
36
+ respond_with(@product_property, status: 200, default_template: :show)
37
+ else
38
+ invalid_resource!(@product_property)
39
+ end
40
+ end
41
+
42
+ def destroy
43
+ authorize! :destroy, @product_property
44
+ @product_property.destroy
45
+ respond_with(@product_property, status: 204)
46
+ end
47
+
48
+ private
49
+
50
+ def find_product
51
+ @product = super(params[:product_id])
52
+ authorize! :read, @product
53
+ end
54
+
55
+ def product_property
56
+ if @product
57
+ @product_property ||= @product.product_properties.find_by(id: params[:id])
58
+ @product_property ||= @product.product_properties.includes(:property).where(spree_properties: { name: params[:id] }).first
59
+ fail ActiveRecord::RecordNotFound unless @product_property
60
+ authorize! :read, @product_property
61
+ end
62
+ end
63
+
64
+ def product_property_params
65
+ params.require(:product_property).permit(permitted_product_properties_attributes)
66
+ end
67
+ end
68
+ end
69
+ end
70
+ end
@@ -0,0 +1,126 @@
1
+ module Spree
2
+ module Api
3
+ module V1
4
+ class ProductsController < Spree::Api::BaseController
5
+
6
+ def index
7
+ if params[:ids]
8
+ @products = product_scope.where(id: params[:ids].split(",").flatten)
9
+ else
10
+ @products = product_scope.ransack(params[:q]).result
11
+ end
12
+
13
+ @products = @products.distinct.page(params[:page]).per(params[:per_page])
14
+ expires_in 15.minutes, :public => true
15
+ headers['Surrogate-Control'] = "max-age=#{15.minutes}"
16
+ respond_with(@products)
17
+ end
18
+
19
+ def show
20
+ @product = find_product(params[:id])
21
+ expires_in 15.minutes, :public => true
22
+ headers['Surrogate-Control'] = "max-age=#{15.minutes}"
23
+ headers['Surrogate-Key'] = "product_id=1"
24
+ respond_with(@product)
25
+ end
26
+
27
+ # Takes besides the products attributes either an array of variants or
28
+ # an array of option types.
29
+ #
30
+ # By submitting an array of variants the option types will be created
31
+ # using the *name* key in options hash. e.g
32
+ #
33
+ # product: {
34
+ # ...
35
+ # variants: {
36
+ # price: 19.99,
37
+ # sku: "hey_you",
38
+ # options: [
39
+ # { name: "size", value: "small" },
40
+ # { name: "color", value: "black" }
41
+ # ]
42
+ # }
43
+ # }
44
+ #
45
+ # Or just pass in the option types hash:
46
+ #
47
+ # product: {
48
+ # ...
49
+ # option_types: ['size', 'color']
50
+ # }
51
+ #
52
+ # By passing the shipping category name you can fetch or create that
53
+ # shipping category on the fly. e.g.
54
+ #
55
+ # product: {
56
+ # ...
57
+ # shipping_category: "Free Shipping Items"
58
+ # }
59
+ #
60
+ def create
61
+ authorize! :create, Product
62
+ params[:product][:available_on] ||= Time.current
63
+ set_up_shipping_category
64
+
65
+ options = { variants_attrs: variants_params, options_attrs: option_types_params }
66
+ @product = Core::Importer::Product.new(nil, product_params, options).create
67
+
68
+ if @product.persisted?
69
+ respond_with(@product, :status => 201, :default_template => :show)
70
+ else
71
+ invalid_resource!(@product)
72
+ end
73
+ end
74
+
75
+ def update
76
+ @product = find_product(params[:id])
77
+ authorize! :update, @product
78
+
79
+ options = { variants_attrs: variants_params, options_attrs: option_types_params }
80
+ @product = Core::Importer::Product.new(@product, product_params, options).update
81
+
82
+ if @product.errors.empty?
83
+ respond_with(@product.reload, :status => 200, :default_template => :show)
84
+ else
85
+ invalid_resource!(@product)
86
+ end
87
+ end
88
+
89
+ def destroy
90
+ @product = find_product(params[:id])
91
+ authorize! :destroy, @product
92
+ @product.destroy
93
+ respond_with(@product, :status => 204)
94
+ end
95
+
96
+ private
97
+ def product_params
98
+ params.require(:product).permit(permitted_product_attributes)
99
+ end
100
+
101
+ def variants_params
102
+ variants_key = if params[:product].has_key? :variants
103
+ :variants
104
+ else
105
+ :variants_attributes
106
+ end
107
+
108
+ params.require(:product).permit(
109
+ variants_key => [permitted_variant_attributes, :id],
110
+ ).delete(variants_key) || []
111
+ end
112
+
113
+ def option_types_params
114
+ params[:product].fetch(:option_types, [])
115
+ end
116
+
117
+ def set_up_shipping_category
118
+ if shipping_category = params[:product].delete(:shipping_category)
119
+ id = ShippingCategory.find_or_create_by(name: shipping_category).id
120
+ params[:product][:shipping_category_id] = id
121
+ end
122
+ end
123
+ end
124
+ end
125
+ end
126
+ end
@@ -0,0 +1,28 @@
1
+ module Spree
2
+ module Api
3
+ module V1
4
+ class PromotionsController < Spree::Api::BaseController
5
+ before_action :requires_admin
6
+ before_action :load_promotion
7
+
8
+ def show
9
+ if @promotion
10
+ respond_with(@promotion, default_template: :show)
11
+ else
12
+ raise ActiveRecord::RecordNotFound
13
+ end
14
+ end
15
+
16
+ private
17
+ def requires_admin
18
+ return if @current_user_roles.include?("admin")
19
+ unauthorized and return
20
+ end
21
+
22
+ def load_promotion
23
+ @promotion = Spree::Promotion.find_by_id(params[:id]) || Spree::Promotion.with_coupon_code(params[:id])
24
+ end
25
+ end
26
+ end
27
+ end
28
+ end
@@ -0,0 +1,72 @@
1
+ module Spree
2
+ module Api
3
+ module V1
4
+ class PropertiesController < Spree::Api::BaseController
5
+
6
+ before_action :find_property, only: [:show, :update, :destroy]
7
+
8
+ def index
9
+ @properties = Spree::Property.accessible_by(current_ability, :read)
10
+
11
+ if params[:ids]
12
+ @properties = @properties.where(id: params[:ids].split(",").flatten)
13
+ else
14
+ @properties = @properties.ransack(params[:q]).result
15
+ end
16
+
17
+ @properties = @properties.page(params[:page]).per(params[:per_page])
18
+ respond_with(@properties)
19
+ end
20
+
21
+ def show
22
+ respond_with(@property)
23
+ end
24
+
25
+ def new
26
+ end
27
+
28
+ def create
29
+ authorize! :create, Property
30
+ @property = Spree::Property.new(property_params)
31
+ if @property.save
32
+ respond_with(@property, status: 201, default_template: :show)
33
+ else
34
+ invalid_resource!(@property)
35
+ end
36
+ end
37
+
38
+ def update
39
+ if @property
40
+ authorize! :update, @property
41
+ @property.update_attributes(property_params)
42
+ respond_with(@property, status: 200, default_template: :show)
43
+ else
44
+ invalid_resource!(@property)
45
+ end
46
+ end
47
+
48
+ def destroy
49
+ if @property
50
+ authorize! :destroy, @property
51
+ @property.destroy
52
+ respond_with(@property, status: 204)
53
+ else
54
+ invalid_resource!(@property)
55
+ end
56
+ end
57
+
58
+ private
59
+
60
+ def find_property
61
+ @property = Spree::Property.accessible_by(current_ability, :read).find(params[:id])
62
+ rescue ActiveRecord::RecordNotFound
63
+ @property = Spree::Property.accessible_by(current_ability, :read).find_by!(name: params[:id])
64
+ end
65
+
66
+ def property_params
67
+ params.require(:property).permit(permitted_property_attributes)
68
+ end
69
+ end
70
+ end
71
+ end
72
+ end