shopify_api 6.0.0 → 7.0.0

data/lib/shopify_api/limits.rb

@@ -7,14 +7,14 @@ module ShopifyAPI
     end
 
     module ClassMethods
-
-      # Takes form num_requests_executed/max_requests
-      # Eg: 101/3000
+      # Takes form <call count>/<bucket size>
+      # See https://help.shopify.com/en/api/getting-started/api-call-limit
+      # Eg: 2/40
       CREDIT_LIMIT_HEADER_PARAM = {
-        :shop => 'http_x_shopify_shop_api_call_limit'
+        shop: 'X-Shopify-Shop-Api-Call-Limit',
       }
 
-        ##
+      ##
       # How many more API calls can I make?
       # @return {Integer}
       #

data/lib/shopify_api/resources/access_scope.rb

@@ -1,5 +1,10 @@
+# frozen_string_literal: true
 module ShopifyAPI
   class AccessScope < Base
-    self.prefix = '/admin/oauth/'
+    class << self
+      def prefix(_options={})
+        '/admin/oauth/'
+      end
+    end
   end
 end

data/lib/shopify_api/resources/asset.rb

@@ -10,24 +10,24 @@ module ShopifyAPI
   #
   # Initialize with a key:
   #   asset = ShopifyAPI::Asset.new(:key => 'assets/special.css', :theme_id => 12345)
-  # 
+  #
   # Find by key:
   #   asset = ShopifyAPI::Asset.find('assets/image.png', :params => {:theme_id => 12345})
-  # 
+  #
   # Get the text or binary value:
   #   asset.value # decodes from attachment attribute if necessary
-  # 
+  #
   # You can provide new data for assets in a few different ways:
-  # 
+  #
   #   * assign text data for the value directly:
   #       asset.value = "div.special {color:red;}"
-  #     
+  #
   #   * provide binary data for the value:
   #       asset.attach(File.read('image.png'))
-  #     
+  #
   #   * set a URL from which Shopify will fetch the value:
   #       asset.src = "http://mysite.com/image.png"
-  #     
+  #
   #   * set a source key of another of your assets from which
   #     the value will be copied:
   #       asset.source_key = "assets/another_image.png"
@@ -44,15 +44,19 @@ module ShopifyAPI
     end
 
     # find an asset by key:
-    #   ShopifyAPI::Asset.find('layout/theme.liquid', :params => {:theme_id => 99})
+    #   ShopifyAPI::Asset.find('layout/theme.liquid', :params => { theme_id: 99 })
     def self.find(*args)
       if args[0].is_a?(Symbol)
         super
       else
-        params = {:asset => {:key => args[0]}}
+        params = { asset: { key: args[0] } }
         params = params.merge(args[1][:params]) if args[1] && args[1][:params]
-        path_prefix = params[:theme_id] ? "/admin/themes/#{params[:theme_id]}" : "/admin"
-        resource = find(:one, :from => "#{path_prefix}/assets.#{format.extension}", :params => params)
+        path_prefix = params[:theme_id] ? "themes/#{params[:theme_id]}/" : ""
+        resource = find(
+          :one,
+          from: api_version.construct_api_path("#{path_prefix}assets.#{format.extension}"),
+          params: params
+        )
         resource.prefix_options[:theme_id] = params[:theme_id] if resource && params[:theme_id]
         resource
       end

data/lib/shopify_api/resources/base.rb

@@ -4,6 +4,7 @@ module ShopifyAPI
   class Base < ActiveResource::Base
     class InvalidSessionError < StandardError; end
     extend Countable
+
     self.timeout = 90
     self.include_root_in_json = false
     self.headers['User-Agent'] = ["ShopifyAPI/#{ShopifyAPI::VERSION}",
@@ -28,6 +29,8 @@ module ShopifyAPI
     end
 
     class << self
+      threadsafe_attribute(:_api_version)
+
       if ActiveResource::Base.respond_to?(:_headers) && ActiveResource::Base.respond_to?(:_headers_defined?)
         def headers
           if _headers_defined?
@@ -54,21 +57,80 @@ module ShopifyAPI
         raise InvalidSessionError.new("Session cannot be nil") if session.nil?
         self.site = session.site
         self.headers.merge!('X-Shopify-Access-Token' => session.token)
+        self.api_version = session.api_version
       end
 
       def clear_session
         self.site = nil
         self.password = nil
         self.user = nil
+        self.api_version = nil
         self.headers.delete('X-Shopify-Access-Token')
       end
 
+      def api_version
+        if _api_version_defined?
+          _api_version
+        elsif superclass != Object && superclass.site
+          superclass.api_version.dup.freeze
+        end
+      end
+
+      def api_version=(value)
+        self._api_version = value
+      end
+
+      def prefix(options = {})
+        api_version.construct_api_path(resource_prefix(options))
+      end
+
+      def prefix_source
+        ''
+      end
+
+      def resource_prefix(_options = {})
+        ''
+      end
+
+      # Sets the \prefix for a resource's nested URL (e.g., <tt>prefix/collectionname/1.json</tt>).
+      # Default value is <tt>site.path</tt>.
+      def resource_prefix=(value)
+        @prefix_parameters = nil
+
+        resource_prefix_call = value.gsub(/:\w+/) { |key| "\#{URI.parser.escape options[#{key}].to_s}" }
+
+        silence_warnings do
+          # Redefine the new methods.
+          instance_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1
+            def prefix_source() "#{value}" end
+            def resource_prefix(options={}) "#{resource_prefix_call}" end
+          RUBY_EVAL
+        end
+      rescue => e
+        logger&.error("Couldn't set prefix: #{e}\n  #{code}")
+        raise
+      end
+
+      def prefix=(value)
+        if value.start_with?('/admin')
+          raise ArgumentError, "'#{value}' can no longer start /admin/. Change to using resource_prefix="
+        end
+
+        warn(
+          '[DEPRECATED] ShopifyAPI::Base#prefix= is deprecated and will be removed in a future version. ' \
+            'Use `self.resource_prefix=` instead.'
+        )
+        self.resource_prefix = value
+      end
+
+      alias_method :set_prefix, :prefix=
+
       def init_prefix(resource)
         init_prefix_explicit(resource.to_s.pluralize, "#{resource}_id")
       end
 
       def init_prefix_explicit(resource_type, resource_id)
-        self.prefix = "/admin/#{resource_type}/:#{resource_id}/"
+        self.resource_prefix = "#{resource_type}/:#{resource_id}/"
 
         define_method resource_id.to_sym do
           @prefix_options[resource_id]

data/lib/shopify_api/resources/fulfillment_event.rb

@@ -1,6 +1,6 @@
 module ShopifyAPI
   class FulfillmentEvent < Base
-    self.prefix = '/admin/orders/:order_id/fulfillments/:fulfillment_id/'
+    self.resource_prefix = "orders/:order_id/fulfillments/:fulfillment_id/"
     self.collection_name = 'events'
     self.element_name = 'event'
 

data/lib/shopify_api/resources/graphql.rb

@@ -7,7 +7,7 @@ module ShopifyAPI
   class GraphQL
     def initialize
       uri = Base.site.dup
-      uri.path = '/admin/api/graphql.json'
+      uri.path = Base.api_version.construct_graphql_path
       @http = ::GraphQL::Client::HTTP.new(uri.to_s) do
         define_method(:headers) do |_context|
           Base.headers

data/lib/shopify_api/resources/inventory_level.rb

@@ -4,11 +4,11 @@ module ShopifyAPI
   class InventoryLevel < Base
 
     # The default path structure in ActiveResource for delete would result in:
-    # /admin/inventory_levels/#{ inventory_level.id }.json?#{ params }, but since
+    # /admin/api/<version>/inventory_levels/#{ inventory_level.id }.json?#{ params }, but since
     # InventroyLevels are a second class resource made up of a Where and a What
     # (Location and InventoryItem), it does not have a resource ID. Here we
     # redefine element_path to remove the id so HTTP DELETE requests go to
-    # /admin/inventory_levels.json?#{ params } instead.
+    # /admin/api/<version>/inventory_levels.json?#{ params } instead.
     #
     def self.element_path(prefix_options = {}, query_options = nil)
       prefix_options, query_options = split_options(prefix_options) if query_options.nil?

data/lib/shopify_api/resources/location.rb

@@ -2,7 +2,7 @@ module ShopifyAPI
   class Location < Base
 
     def inventory_levels
-      ShopifyAPI::InventoryLevel.find(:all, from: "/admin/locations/#{id}/inventory_levels.json")
+      ShopifyAPI::InventoryLevel.find(:all, from: "#{self.class.prefix}locations/#{id}/inventory_levels.json")
     end
   end
 end

data/lib/shopify_api/resources/marketing_event.rb

@@ -1,5 +1,7 @@
 module ShopifyAPI
   class MarketingEvent < Base
+    include Countable
+
     def add_engagements(engagements)
       engagements = { engagements: Array.wrap(engagements) }
       post(:engagements, {}, engagements.to_json)

data/lib/shopify_api/resources/payment.rb

@@ -2,6 +2,6 @@
 
 module ShopifyAPI
   class Payment < Base
-    self.prefix = '/admin/checkouts/:checkout_id/'
+    self.resource_prefix = "checkouts/:checkout_id/"
   end
 end

data/lib/shopify_api/resources/refund.rb

@@ -4,9 +4,10 @@ module ShopifyAPI
 
     def self.calculate(*args)
       options = { :refund => args[0] }
-      params = options.merge(args[1][:params]) if args[1] && args[1][:params]
-      self.prefix = "/admin/orders/#{params[:order_id]}/"
-      resource = post(:calculate, {}, options.to_json)
+      params = {}
+      params = args[1][:params] if args[1] && args[1][:params]
+
+      resource = post(:calculate, params, options.to_json)
       instantiate_record(format.decode(resource.body), {})
     end
   end

data/lib/shopify_api/resources/shipping_rate.rb

@@ -2,6 +2,6 @@
 
 module ShopifyAPI
   class ShippingRate < Base
-    self.prefix = '/admin/checkouts/:checkout_id/'
+    self.resource_prefix = "checkouts/:checkout_id/"
   end
 end

data/lib/shopify_api/resources/shop.rb

@@ -2,8 +2,10 @@ module ShopifyAPI
   # Shop object. Use Shop.current to receive
   # the shop.
   class Shop < Base
-    def self.current(options={})
-      find(:one, options.merge({from: "/admin/shop.#{format.extension}"}))
+    include ActiveResource::Singleton
+
+    def self.current(options = {})
+      find(options)
     end
 
     def metafields(**options)

data/lib/shopify_api/resources/smart_collection.rb

@@ -5,7 +5,7 @@ module ShopifyAPI
 
     def products(options = {})
       if options.present?
-        Product.find(:all, from: "/admin/smart_collections/#{id}/products.json", params: options)
+        Product.find(:all, from: "#{self.class.prefix}smart_collections/#{id}/products.json", params: options)
       else
         Product.find(:all, params: { collection_id: id })
       end

data/lib/shopify_api/session.rb

@@ -10,7 +10,9 @@ module ShopifyAPI
     cattr_accessor :api_key, :secret, :myshopify_domain
     self.myshopify_domain = 'myshopify.com'
 
-    attr_accessor :url, :token, :name, :extra
+    attr_accessor :domain, :token, :name, :extra
+    attr_reader :api_version
+    alias_method :url, :domain
 
     class << self
 
@@ -18,11 +20,14 @@ module ShopifyAPI
         params.each { |k,value| public_send("#{k}=", value) }
       end
 
-      def temp(domain, token, &block)
-        session = new(domain, token)
-        original_site = ShopifyAPI::Base.site.to_s
-        original_token = ShopifyAPI::Base.headers['X-Shopify-Access-Token']
-        original_session = new(original_site, original_token)
+      def temp(domain:, token:, api_version:, &block)
+        session = new(domain: domain, token: token, api_version: api_version)
+
+        with_session(session, &block)
+      end
+
+      def with_session(session, &_block)
+        original_session = extract_current_session
 
         begin
           ShopifyAPI::Base.activate_session(session)
@@ -32,12 +37,19 @@ module ShopifyAPI
         end
       end
 
-      def prepare_url(url)
-        return nil if url.blank?
+      def with_version(api_version, &block)
+        original_session = extract_current_session
+        session = new(domain: original_session.site, token: original_session.token, api_version: api_version)
+
+        with_session(session, &block)
+      end
+
+      def prepare_domain(domain)
+        return nil if domain.blank?
         # remove http:// or https://
-        url = url.strip.gsub(/\Ahttps?:\/\//, '')
+        domain = domain.strip.gsub(%r{\Ahttps?://}, '')
         # extract host, removing any username, password or path
-        shop = URI.parse("https://#{url}").host
+        shop = URI.parse("https://#{domain}").host
         # extract subdomain of .myshopify.com
         if idx = shop.index(".")
           shop = shop.slice(0, idx)
@@ -63,10 +75,18 @@ module ShopifyAPI
         params = params.except(:signature, :hmac, :action, :controller)
         params.map{|k,v| "#{URI.escape(k.to_s, '&=%')}=#{URI.escape(v.to_s, '&%')}"}.sort.join('&')
       end
+
+      def extract_current_session
+        site = ShopifyAPI::Base.site.to_s
+        token = ShopifyAPI::Base.headers['X-Shopify-Access-Token']
+        version = ShopifyAPI::Base.api_version
+        new(domain: site, token: token, api_version: version)
+      end
     end
 
-    def initialize(url, token = nil, extra = {})
-      self.url = self.class.prepare_url(url)
+    def initialize(domain:, token:, api_version:, extra: {})
+      self.domain = self.class.prepare_domain(domain)
+      self.api_version = api_version
       self.token = token
       self.extra = extra
     end
@@ -74,7 +94,7 @@ module ShopifyAPI
     def create_permission_url(scope, redirect_uri = nil)
       params = {:client_id => api_key, :scope => scope.join(',')}
       params[:redirect_uri] = redirect_uri if redirect_uri
-      "#{site}/oauth/authorize?#{parameterize(params)}"
+      construct_oauth_url("authorize", params)
     end
 
     def request_token(params)
@@ -103,11 +123,15 @@ module ShopifyAPI
     end
 
     def site
-      "https://#{url}/admin"
+      "https://#{domain}"
+    end
+
+    def api_version=(version)
+      @api_version = version.nil? ? nil : ApiVersion.coerce_to_version(version)
     end
 
     def valid?
-      url.present? && token.present?
+      domain.present? && token.present? && api_version.present?
     end
 
     def expires_in
@@ -132,12 +156,17 @@ module ShopifyAPI
     end
 
     def access_token_request(code)
-      uri = URI.parse("https://#{url}/admin/oauth/access_token")
+      uri = URI.parse(construct_oauth_url('access_token'))
       https = Net::HTTP.new(uri.host, uri.port)
       https.use_ssl = true
       request = Net::HTTP::Post.new(uri.request_uri)
       request.set_form_data('client_id' => api_key, 'client_secret' => secret, 'code' => code)
       https.request(request)
     end
+
+    def construct_oauth_url(path, query_params = {})
+      query_string = "?#{parameterize(query_params)}" unless query_params.empty?
+      "https://#{domain}/admin/oauth/#{path}#{query_string}"
+    end
   end
 end

data/lib/shopify_api/version.rb

@@ -1,3 +1,3 @@
 module ShopifyAPI
-  VERSION = "6.0.0"
+  VERSION = "7.0.0"
 end

data/shopify_api.gemspec

@@ -23,9 +23,9 @@ Gem::Specification.new do |s|
   s.summary = %q{ShopifyAPI is a lightweight gem for accessing the Shopify admin REST web services}
   s.license = "MIT"
 
-  s.required_ruby_version = ">= 2.1"
+  s.required_ruby_version = ">= 2.4"
 
-  s.add_runtime_dependency("activeresource", ">= 3.0.0")
+  s.add_runtime_dependency("activeresource", ">= 4.1.0", "< 6.0.0")
   s.add_runtime_dependency("rack")
   s.add_runtime_dependency("graphql-client")
 
@@ -34,6 +34,7 @@ Gem::Specification.new do |s|
   s.add_development_dependency("minitest", ">= 4.0")
   s.add_development_dependency("rake")
   s.add_development_dependency("timecop")
+  s.add_development_dependency("rubocop")
   s.add_development_dependency("pry")
   s.add_development_dependency("pry-byebug")
 end

data/test/access_scope_test.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+require 'test_helper'
+
+class AccessScopeTest < Test::Unit::TestCase
+  test 'access scope does not use the versioned resource urls' do
+    fake(
+      'access_scopes',
+      url: 'https://shop2.myshopify.com/admin/oauth/access_scopes.json',
+      method: :get,
+      status: 201,
+      body: load_fixture('access_scopes'),
+      extension: false
+    )
+
+    unstable_version = ShopifyAPI::Session.new(domain: 'shop2.myshopify.com', token: 'token2', api_version: :unstable)
+
+    ShopifyAPI::Base.activate_session(unstable_version)
+
+    scope_handles = ShopifyAPI::AccessScope.find(:all).map(&:handle)
+
+    assert_equal(['write_product_listings', 'read_shipping'], scope_handles)
+  end
+end