shopify_api 4.9.0 → 6.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: fff80db1065be0d32a1762d81992769fc9cde8b6
-  data.tar.gz: 2a00b35496dcffdb72d0788c5b4bd18b90bee947
+SHA256:
+  metadata.gz: 7b0ab297c1e32ac84d673b04ddf366cc5f9d43f2eb6f060d70e5d1fcc7c8736f
+  data.tar.gz: 99a2583bf370e73c85f2b71c4b6e99f1ac2e37db2a628a30dcbed346c29bdf8a
 SHA512:
-  metadata.gz: 4d53f0ae3e229f88800e277b83c4434228b1118f39627794b62868b37a4236deb626c295ee01557e10867b7070dd227a0fc1d1429201ecff203aabb2cb80ae24
-  data.tar.gz: 259547ebef03ae4f739ea2e7489ce0f01b8d03726037d8648c69321d8f640847872ee7b8ca27ed6c0c27ff7e4f529a04fdf35947a7b7a927a06aa05d9be5fa37
+  metadata.gz: 94e653b2a765e962ba1f4c360308bab8a66bb32b8fe487def7ef9880c4b972f934f280fce5805a7f5dcdea60b2a591c0ff4ea87dff04ce6334d490506155aa5a
+  data.tar.gz: 13701b452c87df0a9fb4054857f37d5821b63bb0ee8e467556bc8bb1d5beeae0712ec2457462567a45a715bc8b5a60d68aad8811385d9353e61779bec68bf060

data/.github/CODEOWNERS

@@ -0,0 +1 @@
+*       @shopify/platform-dev-tools-education

data/.github/probots.yml

@@ -0,0 +1,2 @@
+enabled:
+  - cla

data/.gitignore

@@ -6,5 +6,8 @@ doc
 pkg
 .ruby-version
 *.lock
+*.gem
 .idea
 .dev/
+.bundle/
+vendor/

data/.rubocop.yml

@@ -0,0 +1,8 @@
+inherit_from:
+  - https://shopify.github.io/ruby-style-guide/rubocop.yml
+
+AllCops:
+  TargetRubyVersion: 2.4
+
+Rails:
+  Enabled: false

data/.travis.yml

@@ -2,7 +2,6 @@ language: ruby
 sudo: false
 
 rvm:
-  - '2.0'
   - 2.3.1
   - 2.4.0-preview1
 
@@ -15,9 +14,6 @@ gemfile:
   - Gemfile_ar_master
 
 matrix:
-  exclude:
-    - rvm: '2.0'
-      gemfile: Gemfile_ar_master
   fast_finish: true
   allow_failures:
     - rvm: 2.4.0-preview1

data/CHANGELOG

@@ -1,3 +1,70 @@
+== Version 6.0.0
+
+* Removed undocumented `protocol` and `port` options from `ShopifyAPI::Session`.
+
+== Version 5.2.4
+
+* Added `currency` parameter to `ShopifyAPI::Order#capture`. This parameter is required for apps that belong to the
+multi-currency beta program.
+
+== Version 5.2.3
+
+* Update delivery confirmation resource to delivery confirmation details resource.
+
+== Version 5.2.2
+
+* Add delivery confirmation endpoint to Ping resources.
+
+== Version 5.2.1
+
+* Log warning when Shopify indicates deprecated API call was performed
+
+== Version 5.2.0
+
+* Added `ShopifyAPI::Currency` to fetch list of supported currencies on a shop
+* Added `ShopifyAPI::TenderTransaction` to fetch list of transactions on a shop
+* Fixed bug with X-Shopify-Checkout-Version on ShopifyAPI::Checkout header being applied to all requests
+
+== Version 5.1.0
+
+* Added `ShopifyAPI::Publications`
+* Added `ShopifyAPI::ProductPublications`
+* Added `ShopifyAPI::CollectionPublications`
+* Added support for new collection products endpoint from `ShopifyAPI::Collection#products`
+
+== Version 5.0.0
+
+* Breaking change: `ShopifyAPI::Checkout` now maps to the Checkout API, rather than the Abandoned Checkouts API
+  * See the README for more details
+* Added `ShopifyAPI::AbandonedCheckout`
+* Added support for X-Shopify-Checkout-Version header on `ShopifyAPI::Checkout`
+* Added `ShopifyAPI::ShippingRate`
+* Added `ShopifyAPI::Payment`
+* Added support for `Checkout::complete` endpoint
+* Fixed session handling support for Rails 5.2.1
+
+== Version 4.13.0
+* Added `ShopifyAPI::ApiPermission` resource for uninstalling an application
+* Added a deprecation warning to `ShopifyAPI::OAuth`
+
+== Version 4.12.0
+
+* Added support for the GraphQL API
+
+== Version 4.11.0
+
+* Added `ShopifyAPI::InventoryItem`
+* Added `ShopifyAPI::InventoryLevel`
+* Added `#inventory_levels` method to `ShopifyAPI::Location`
+
+== Version 4.10.0
+
+* Added `ShopifyAPI::AccessScope`
+
+== Version 4.9.1
+
+* Fix a bug with custom properties for orders
+
 == Version 4.9.0
 
 * Added `ShopifyAPI::PriceRule`

data/README.md

@@ -10,6 +10,13 @@ The Shopify API gem allows Ruby developers to programmatically access the admin
 
 The API is implemented as JSON over HTTP using all four verbs (GET/POST/PUT/DELETE). Each resource, like Order, Product, or Collection, has its own URL and is manipulated in isolation. In other words, we’ve tried to make the API follow the REST principles as much as possible.
 
+## ⚠️ Breaking change notice for version 5.0.0 ⚠️
+The [Abandoned Checkout API](https://help.shopify.com/en/api/reference/orders/abandoned_checkouts) is now accessed through the `ShopifyAPI::AbandonedCheckout` resource. If you were previously accessing the Abandoned Checkout API through the `ShopifyAPI::Checkout` resource, you will need to update your code after upgrading from version 4.x.x or earlier.
+
+Going forward, the `ShopifyAPI::Checkout` resource is used to access the [Checkout API](https://help.shopify.com/en/api/reference/sales_channels/checkout), which can be used to create new checkouts.
+
+For more details, [please see this issue](https://github.com/Shopify/shopify_api/issues/471).
+
 ## Usage
 
 ### Requirements
@@ -19,7 +26,7 @@ All API usage happens through Shopify applications, created by either shop owner
 * Shop owners can create applications for themselves through their own admin: https://docs.shopify.com/api/authentication/creating-a-private-app
 * Shopify Partners create applications through their admin: http://app.shopify.com/services/partners
 
-For more information and detailed documentation about the API visit http://api.shopify.com
+For more information and detailed documentation about the API visit https://developers.shopify.com/
 
 #### Ruby version
 
@@ -39,15 +46,6 @@ Or install via [gem](http://rubygems.org/)
 gem install shopify_api
 ```
 
-#### Rails 5
-
-shopify_api is compatible with Rails 5 but since the latest ActiveResource release (4.1) is locked on Rails 4.x, you'll need to use the unreleased master version:
-
-```ruby
-gem 'shopify_api'
-gem 'activeresource', github: 'rails/activeresource'
-```
-
 ### Getting Started
 
 ShopifyAPI uses ActiveResource to communicate with the REST web service. ActiveResource has to be configured with a fully authorized URL of a particular store first. To obtain that URL you can follow these steps:
@@ -90,20 +88,20 @@ ShopifyAPI uses ActiveResource to communicate with the REST web service. ActiveR
    We've added the create_permission_url method to make this easier, first instantiate your session object:
 
    ```ruby
-   session = ShopifyAPI::Session.new("SHOP_NAME.myshopify.com")
+   shopify_session = ShopifyAPI::Session.new("SHOP_NAME.myshopify.com")
    ```
 
    Then call:
 
    ```ruby
    scope = ["write_products"]
-   permission_url = session.create_permission_url(scope)
+   permission_url = shopify_session.create_permission_url(scope)
    ```
 
    or if you want a custom redirect_uri:
 
    ```ruby
-   permission_url = session.create_permission_url(scope, "https://my_redirect_uri.com")
+   permission_url = shopify_session.create_permission_url(scope, "https://my_redirect_uri.com")
    ```
 
 4. Once authorized, the shop redirects the owner to the return URL of your application with a parameter named 'code'. This is a temporary token that the app can exchange for a permanent access token.
@@ -133,37 +131,37 @@ ShopifyAPI uses ActiveResource to communicate with the REST web service. ActiveR
    the params, extract the temp code and then request your token:
 
    ```ruby
-   token = session.request_token(params)
+   token = shopify_session.request_token(params)
    ```
 
    This method will save the token to the session object and return it. All fields returned by Shopify, other than the access token itself, are stored in the session's `extra` attribute. For a list of all fields returned by Shopify, read [our OAuth documentation](https://help.shopify.com/api/guides/authentication/oauth#confirming-installation). If you requested an access token that is associated with a specific user, you can retreive information about this user from the `extra` hash:
 
    ```ruby
    # a list of all granted scopes
-   granted_scopes = session.extra['scope']
+   granted_scopes = shopify_session.extra['scope']
    # a hash containing the user information
-   user = session.extra['associated_user']
+   user = shopify_session.extra['associated_user']
    # the access scopes available to this user, which may be a subset of the access scopes granted to this app.
-   active_scopes = session.extra['associated_user_scope']
+   active_scopes = shopify_session.extra['associated_user_scope']
    # the time at which this token expires; this is automatically converted from 'expires_in' returned by Shopify
-   expires_at = session.extra['expires_at']
+   expires_at = shopify_session.extra['expires_at']
    ```
 
    For the security of your application, after retrieving an access token you must validate the following:
-   1) The list of scopes in `session.extra['scope']` is the same as you requested.
-   2) If you requested an online-mode access token, `session.extra['associated_user']` must be present.
+   1) The list of scopes in `shopify_session.extra['scope']` is the same as you requested.
+   2) If you requested an online-mode access token, `shopify_session.extra['associated_user']` must be present.
    Failing either of these tests means the end-user may have tampered with the url parameters during the OAuth authentication phase. You should avoid using this access token and revoke it immediately. If you use the [`omniauth-shopify-oauth2`](https://github.com/Shopify/omniauth-shopify-oauth2) gem these checks are done automatically for you.
 
    For future sessions simply pass in the `token` and `extra` hash (optional) when creating the session object:
 
    ```ruby
-   session = ShopifyAPI::Session.new("SHOP_NAME.myshopify.com", token, extra)
+   shopify_session = ShopifyAPI::Session.new("SHOP_NAME.myshopify.com", token, extra)
    ```
 
 5. The session must be activated before use:
 
    ```ruby
-   ShopifyAPI::Base.activate_session(session)
+   ShopifyAPI::Base.activate_session(shopify_session)
    ```
 
 6. Now you're ready to make authorized API requests to your shop! Data is returned as ActiveResource instances:
@@ -230,6 +228,30 @@ gem install shopify_cli
    shopify-cli help
    ```
 
+## GraphQL
+
+This library also supports Shopify's new [GraphQL API](https://help.shopify.com/api/graphql-admin-api)
+via a dependency on the [graphql-client](https://github.com/github/graphql-client) gem.
+The authentication process (steps 1-5 under [Getting Started](#getting-started))
+is identical. Once your session is activated, simply construct a new graphql
+client and use `parse` and `query` as defined by
+[graphql-client](https://github.com/github/graphql-client#defining-queries).
+
+```ruby
+client = ShopifyAPI::GraphQL.new
+
+SHOP_NAME_QUERY = client.parse <<-'GRAPHQL'
+  {
+    shop {
+      name
+    }
+  }
+GRAPHQL
+
+result = client.query(SHOP_NAME_QUERY)
+result.data.shop.name
+```
+
 ## Threadsafety
 
 ActiveResource is threadsafe as of version 4.1 (which works with Rails 4.x and above).
@@ -241,14 +263,14 @@ If you were previously using Shopify's [activeresource fork](https://github.com/
 Download the source code and run:
 
 ```bash
-rake install
+bundle install
+bundle exec rake test
 ```
 
 ## Additional Resources
 
-API Docs: https://help.shopify.com/api/reference
-
-Ask questions on the forums: http://ecommerce.shopify.com/c/shopify-apis-and-technology
+* [API Reference](https://help.shopify.com/api/reference)
+* [Ask questions on the forums](http://ecommerce.shopify.com/c/shopify-apis-and-technology)
 
 ## Copyright
 

data/lib/active_resource/detailed_log_subscriber.rb

@@ -1,6 +1,17 @@
 module ActiveResource
   class DetailedLogSubscriber < ActiveSupport::LogSubscriber
     def request(event)
+      log_request_response_details(event)
+      warn_on_deprecated_header(event)
+    end
+
+    def logger
+      ActiveResource::Base.logger
+    end
+
+    private
+
+    def log_request_response_details(event)
       data = event.payload[:data]
       headers = data.extract_options!
       request_body = data.first
@@ -10,8 +21,20 @@ module ActiveResource
       info "Response:\n#{event.payload[:response].body}"
     end
 
-    def logger
-      ActiveResource::Base.logger
+    def warn_on_deprecated_header(event)
+      payload = event.payload
+
+      payload[:response].each do |header_name, header_value|
+        case header_name.downcase
+        when 'x-shopify-api-deprecated-reason'
+          warning_message = <<~MSG
+            [DEPRECATED] ShopifyAPI made a call to #{payload[:method].upcase} #{payload[:path]}, and this call made
+            use of a deprecated endpoint, behaviour, or parameter. See #{header_value} for more details.
+          MSG
+
+          warn warning_message
+        end
+      end
     end
   end
 end

data/lib/shopify_api/connection.rb

@@ -13,15 +13,17 @@ module ShopifyAPI
     module RequestNotification
       def request(method, path, *arguments)
         super.tap do |response|
-          notify_about_request(response, arguments)
+          notify_about_request(method, path, response, arguments)
         end
       rescue => e
-        notify_about_request(e.response, arguments) if e.respond_to?(:response)
+        notify_about_request(method, path, e.response, arguments) if e.respond_to?(:response)
         raise
       end
 
-      def notify_about_request(response, arguments)
+      def notify_about_request(method, path, response, arguments)
         ActiveSupport::Notifications.instrument("request.active_resource_detailed") do |payload|
+          payload[:method]   = method
+          payload[:path]     = path
           payload[:response] = response
           payload[:data]     = arguments
         end

data/lib/shopify_api/limits.rb

@@ -39,8 +39,7 @@ module ShopifyAPI
       # @return {Integer}
       #
       def credit_limit(scope=:shop)
-        @api_credit_limit ||= {}
-        @api_credit_limit[scope] ||= api_credit_limit_param(scope).pop.to_i - 1
+        api_credit_limit_param(scope).pop.to_i - 1
       end
       alias_method :call_limit, :credit_limit
 

data/lib/shopify_api/resources/abandoned_checkout.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module ShopifyAPI
+  class AbandonedCheckout < Base
+    self.element_name = "checkout"
+  end
+end

data/lib/shopify_api/resources/access_scope.rb

@@ -0,0 +1,5 @@
+module ShopifyAPI
+  class AccessScope < Base
+    self.prefix = '/admin/oauth/'
+  end
+end

data/lib/shopify_api/resources/api_permission.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+module ShopifyAPI
+  class ApiPermission < Base
+    def self.destroy
+      delete(:current)
+    end
+  end
+end

data/lib/shopify_api/resources/asset.rb

@@ -42,7 +42,7 @@ module ShopifyAPI
       prefix_options, query_options = split_options(prefix_options) if query_options.nil?
       "#{prefix(prefix_options)}#{collection_name}.#{format.extension}#{query_string(query_options)}"
     end
-    
+
     # find an asset by key:
     #   ShopifyAPI::Asset.find('layout/theme.liquid', :params => {:theme_id => 99})
     def self.find(*args)
@@ -57,7 +57,7 @@ module ShopifyAPI
         resource
       end
     end
-    
+
     # For text assets, Shopify returns the data in the 'value' attribute.
     # For binary assets, the data is base-64-encoded and returned in the
     # 'attachment' attribute. This accessor returns the data in both cases.
@@ -65,28 +65,28 @@ module ShopifyAPI
       attributes['value'] ||
       (attributes['attachment'] ? Base64.decode64(attributes['attachment']) : nil)
     end
-    
+
     def attach(data)
       self.attachment = Base64.encode64(data)
     end
-    
+
     def destroy
       connection.delete(element_path(prefix_options.merge(:asset => {:key => key})), self.class.headers)
     end
-    
+
     def new?
       false
     end
-    
+
     def method_missing(method_symbol, *arguments) #:nodoc:
       if %w{value= attachment= src= source_key=}.include?(method_symbol)
         wipe_value_attributes
       end
       super
     end
-    
+
     private
-    
+
     def wipe_value_attributes
       %w{value attachment src source_key}.each do |attr|
         attributes.delete(attr)

data/lib/shopify_api/resources/billing_address.rb

@@ -1,4 +1,4 @@
 module ShopifyAPI
   class BillingAddress < Base
-  end         
+  end
 end