solidus_api 1.0.7 → 1.1.0.beta1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of solidus_api might be problematic. Click here for more details.

Files changed (43) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/spree/api/address_books_controller.rb +38 -0
  3. data/app/controllers/spree/api/addresses_controller.rb +19 -15
  4. data/app/controllers/spree/api/base_controller.rb +7 -28
  5. data/app/controllers/spree/api/checkouts_controller.rb +17 -8
  6. data/app/controllers/spree/api/option_values_controller.rb +1 -1
  7. data/app/controllers/spree/api/orders_controller.rb +13 -18
  8. data/app/controllers/spree/api/payments_controller.rb +0 -1
  9. data/app/controllers/spree/api/resource_controller.rb +75 -0
  10. data/app/controllers/spree/api/shipments_controller.rb +1 -0
  11. data/app/controllers/spree/api/stock_items_controller.rb +1 -3
  12. data/app/controllers/spree/api/stock_transfers_controller.rb +1 -0
  13. data/app/controllers/spree/api/users_controller.rb +13 -49
  14. data/app/controllers/spree/api/zones_controller.rb +7 -3
  15. data/app/helpers/spree/api/api_helpers.rb +9 -4
  16. data/app/views/spree/api/address_books/show.v1.rabl +4 -0
  17. data/app/views/spree/api/orders/show.v1.rabl +2 -2
  18. data/app/views/spree/api/variants/big.v1.rabl +3 -0
  19. data/config/locales/en.yml +0 -1
  20. data/config/routes.rb +3 -0
  21. data/lib/spree/api/testing_support/helpers.rb +1 -1
  22. data/lib/spree/api/testing_support/setup.rb +1 -4
  23. data/spec/controllers/spree/api/address_books_controller_spec.rb +60 -0
  24. data/spec/controllers/spree/api/addresses_controller_spec.rb +22 -9
  25. data/spec/controllers/spree/api/base_controller_spec.rb +0 -12
  26. data/spec/controllers/spree/api/checkouts_controller_spec.rb +107 -45
  27. data/spec/controllers/spree/api/credit_cards_controller_spec.rb +4 -11
  28. data/spec/controllers/spree/api/orders_controller_spec.rb +75 -105
  29. data/spec/controllers/spree/api/payments_controller_spec.rb +0 -11
  30. data/spec/controllers/spree/api/products_controller_spec.rb +2 -2
  31. data/spec/controllers/spree/api/resource_controller_spec.rb +157 -0
  32. data/spec/controllers/spree/api/shipments_controller_spec.rb +12 -13
  33. data/spec/controllers/spree/api/stock_items_controller_spec.rb +2 -2
  34. data/spec/controllers/spree/api/users_controller_spec.rb +2 -2
  35. data/spec/controllers/spree/api/variants_controller_spec.rb +32 -3
  36. data/spec/models/spree/legacy_user_spec.rb +8 -2
  37. data/spec/spec_helper.rb +8 -3
  38. data/spec/test_views/spree/api/widgets/index.v1.rabl +7 -0
  39. data/spec/test_views/spree/api/widgets/new.v1.rabl +2 -0
  40. data/spec/test_views/spree/api/widgets/show.v1.rabl +2 -0
  41. metadata +20 -9
  42. data/CHANGELOG.md +0 -1
  43. data/app/views/spree/api/shared/stock_location_required.v1.rabl +0 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c108e552ec6ec720a0b101802d36eaf5d9aa4761
4
- data.tar.gz: e376f6d8e98c28a0f193b012a3f9e62476adb5d4
3
+ metadata.gz: 75a42cb0d36debac691c8f4f6cd0bf1fb2df5e63
4
+ data.tar.gz: 14ba98e1a06d1c1ba6e4c6c36455997a5c9d3d32
5
5
  SHA512:
6
- metadata.gz: 3deada5b7463920279f00169107d3afd9279ab8f019928b7a109731f803b515327b4486e73d84e4e7d53746999741bb8e4a48328b1aaf019fa239c6f4feb7b87
7
- data.tar.gz: 3907075dabb2ed39ce27230ddea643aa16a8c40b48252b4d545f7d8df9f75b08dcaadf54e7ab2e48a5d85e7fa645ab9d70872e5c944ad3e51b98e65e67b0a7da
6
+ metadata.gz: 138f2b8e9e0b57c26eb0303ef2c53a39e65fe6544bf3eb3ee1183d8018fd9c59fed68d63a70c61163246f0a1028f19b6d63645fbb9fa52e587d18013cd911394
7
+ data.tar.gz: 85ef69fd76f30f4514ffa7df05f3dd5bf49314d5b26339c7ad20f84a50288830a2cc5601db4220812375875d676e79b48de9e257af11aa29a2f27cbe7aba9615
@@ -0,0 +1,38 @@
1
+ module Spree
2
+ module Api
3
+ class AddressBooksController < Spree::Api::BaseController
4
+ # Note: the AddressBook is the resource to think about here, not individual addresses
5
+
6
+ def show
7
+ render_address_book
8
+ end
9
+
10
+ def update
11
+ address_params = address_book_params
12
+ default_flag = address_params.delete(:default)
13
+ address = current_api_user.save_in_address_book(address_params, default_flag)
14
+ if address.valid?
15
+ render_address_book
16
+ else
17
+ invalid_resource!(address)
18
+ end
19
+ end
20
+
21
+ def destroy
22
+ current_api_user.remove_from_address_book(params[:address_id])
23
+ render_address_book
24
+ end
25
+
26
+ private
27
+
28
+ def render_address_book
29
+ @user_addresses = current_api_user.user_addresses
30
+ render :show, status: :ok
31
+ end
32
+
33
+ def address_book_params
34
+ params.require(:address_book).permit(permitted_address_book_attributes)
35
+ end
36
+ end
37
+ end
38
+ end
@@ -13,31 +13,35 @@ module Spree
13
13
  authorize! :update, @order, order_token
14
14
  find_address
15
15
 
16
- if @address.update_attributes(address_params)
16
+ if @order.update_attributes({"#{@order_source}_attributes" => address_params})
17
+ @address = @order.send(@order_source)
17
18
  respond_with(@address, :default_template => :show)
18
19
  else
20
+ @address = @order.send(@order_source)
19
21
  invalid_resource!(@address)
20
22
  end
21
23
  end
22
24
 
23
25
  private
24
- def address_params
25
- params.require(:address).permit(permitted_address_attributes)
26
- end
26
+ def address_params
27
+ params.require(:address).permit(permitted_address_attributes)
28
+ end
27
29
 
28
- def find_order
29
- @order = Spree::Order.find_by!(number: order_id)
30
- end
30
+ def find_order
31
+ @order = Spree::Order.find_by!(number: order_id)
32
+ end
31
33
 
32
- def find_address
33
- @address = if @order.bill_address_id == params[:id].to_i
34
- @order.bill_address
35
- elsif @order.ship_address_id == params[:id].to_i
36
- @order.ship_address
37
- else
38
- raise CanCan::AccessDenied
39
- end
34
+ def find_address
35
+ @address = if @order.bill_address_id == params[:id].to_i
36
+ @order_source = :bill_address
37
+ @order.bill_address
38
+ elsif @order.ship_address_id == params[:id].to_i
39
+ @order_source = :ship_address
40
+ @order.ship_address
41
+ else
42
+ raise CanCan::AccessDenied
40
43
  end
44
+ end
41
45
  end
42
46
  end
43
47
  end
@@ -3,9 +3,6 @@ require 'spree/api/responders'
3
3
  module Spree
4
4
  module Api
5
5
  class BaseController < ActionController::Base
6
- prepend_view_path Rails.root + "app/views"
7
- append_view_path File.expand_path("../../../app/views", File.dirname(__FILE__))
8
-
9
6
  self.responder = Spree::Api::Responders::AppResponder
10
7
  respond_to :json
11
8
 
@@ -20,7 +17,6 @@ module Spree
20
17
 
21
18
  class_attribute :error_notifier
22
19
 
23
- before_action :set_content_type
24
20
  before_action :load_user
25
21
  before_action :authorize_for_order, if: Proc.new { order_token.present? }
26
22
  before_action :authenticate_user
@@ -33,15 +29,6 @@ module Spree
33
29
 
34
30
  helper Spree::Api::ApiHelpers
35
31
 
36
- def map_nested_attributes_keys(klass, attributes)
37
- nested_keys = klass.nested_attributes_options.keys
38
- attributes.inject({}) do |h, (k,v)|
39
- key = nested_keys.include?(k.to_sym) ? "#{k}_attributes" : k
40
- h[key] = v
41
- h
42
- end.with_indifferent_access
43
- end
44
-
45
32
  private
46
33
 
47
34
  # users should be able to set price when importing orders via api
@@ -53,16 +40,6 @@ module Spree
53
40
  end
54
41
  end
55
42
 
56
- def set_content_type
57
- content_type = case params[:format]
58
- when "json"
59
- "application/json; charset=utf-8"
60
- when "xml"
61
- "text/xml; charset=utf-8"
62
- end
63
- headers["Content-Type"] = content_type
64
- end
65
-
66
43
  def load_user
67
44
  @current_api_user ||= Spree.user_class.find_by(spree_api_key: api_key.to_s)
68
45
  end
@@ -70,9 +47,9 @@ module Spree
70
47
  def authenticate_user
71
48
  unless @current_api_user
72
49
  if requires_authentication? && api_key.blank? && order_token.blank?
73
- render "spree/api/errors/must_specify_api_key", :status => 401 and return
50
+ render "spree/api/errors/must_specify_api_key", :status => 401
74
51
  elsif order_token.blank? && (requires_authentication? || api_key.present?)
75
- render "spree/api/errors/invalid_api_key", :status => 401 and return
52
+ render "spree/api/errors/invalid_api_key", :status => 401
76
53
  end
77
54
  end
78
55
  end
@@ -86,7 +63,7 @@ module Spree
86
63
  end
87
64
 
88
65
  def unauthorized
89
- render "spree/api/errors/unauthorized", status: 401 and return
66
+ render "spree/api/errors/unauthorized", status: 401
90
67
  end
91
68
 
92
69
  def error_during_processing(exception)
@@ -96,7 +73,7 @@ module Spree
96
73
  error_notifier.call(exception, self) if error_notifier
97
74
 
98
75
  render text: { exception: exception.message }.to_json,
99
- status: 422 and return
76
+ status: 422
100
77
  end
101
78
 
102
79
  def gateway_error(exception)
@@ -109,7 +86,7 @@ module Spree
109
86
  end
110
87
 
111
88
  def not_found
112
- render "spree/api/errors/not_found", status: 404 and return
89
+ render "spree/api/errors/not_found", status: 404
113
90
  end
114
91
 
115
92
  def current_ability
@@ -122,6 +99,7 @@ module Spree
122
99
  helper_method :current_currency
123
100
 
124
101
  def invalid_resource!(resource)
102
+ Rails.logger.error "invalid_resouce_errors=#{resource.errors.full_messages}"
125
103
  @resource = resource
126
104
  render "spree/api/errors/invalid_resource", :status => 422
127
105
  end
@@ -179,6 +157,7 @@ module Spree
179
157
  end
180
158
 
181
159
  def insufficient_stock_error(exception)
160
+ logger.error "insufficient_stock_error #{exception.inspect}"
182
161
  render(
183
162
  json: {
184
163
  errors: [I18n.t(:quantity_is_not_available, :scope => "spree.api.order")],
@@ -8,6 +8,9 @@ module Spree
8
8
  rescue_from Spree::Order::InsufficientStock, with: :insufficient_stock_error
9
9
 
10
10
  include Spree::Core::ControllerHelpers::Order
11
+ # TODO: Remove this after deprecated usage in #update is removed
12
+ include Spree::Core::ControllerHelpers::PaymentParameters
13
+
11
14
  # This before_filter comes from Spree::Core::ControllerHelpers::Order
12
15
  skip_before_action :set_current_order
13
16
 
@@ -26,7 +29,8 @@ module Spree
26
29
  authorize! :update, @order, order_token
27
30
  @order.next!
28
31
  respond_with(@order, default_template: 'spree/api/orders/show', status: 200)
29
- rescue StateMachines::InvalidTransition
32
+ rescue StateMachines::InvalidTransition => e
33
+ logger.error("invalid_transition #{e.event} from #{e.from} for #{e.object.class.name}. Error: #{e.inspect}")
30
34
  respond_with(@order, default_template: 'spree/api/orders/could_not_transition', status: 422)
31
35
  end
32
36
 
@@ -44,14 +48,22 @@ module Spree
44
48
  @order.complete!
45
49
  respond_with(@order, default_template: 'spree/api/orders/show', status: 200)
46
50
  end
47
- rescue StateMachines::InvalidTransition
51
+ rescue StateMachines::InvalidTransition => e
52
+ logger.error("invalid_transition #{e.event} from #{e.from} for #{e.object.class.name}. Error: #{e.inspect}")
48
53
  respond_with(@order, default_template: 'spree/api/orders/could_not_transition', status: 422)
49
54
  end
50
55
 
51
56
  def update
52
57
  authorize! :update, @order, order_token
53
58
 
54
- if @order.update_from_params(params, permitted_checkout_attributes, request.headers.env)
59
+ update_params = if params[:payment_source].present?
60
+ ActiveSupport::Deprecation.warn("Passing payment_source is deprecated. Send source parameters inside payments_attributes[:source_attributes].", caller)
61
+ move_payment_source_into_payments_attributes(params)
62
+ else
63
+ params
64
+ end
65
+
66
+ if @order.update_from_params(update_params, permitted_checkout_attributes, request.headers.env)
55
67
  if can?(:admin, @order) && user_id.present?
56
68
  @order.associate_user!(Spree.user_class.find(user_id))
57
69
  end
@@ -62,6 +74,7 @@ module Spree
62
74
  state_callback(:after)
63
75
  respond_with(@order, default_template: 'spree/api/orders/show')
64
76
  else
77
+ logger.error("failed_to_transition_errors=#{@order.errors.full_messages}")
65
78
  respond_with(@order, default_template: 'spree/api/orders/could_not_transition', status: 422)
66
79
  end
67
80
  else
@@ -74,10 +87,6 @@ module Spree
74
87
  params[:order][:user_id] if params[:order]
75
88
  end
76
89
 
77
- def nested_params
78
- map_nested_attributes_keys Order, params[:order] || {}
79
- end
80
-
81
90
  # Should be overriden if you have areas of your checkout that don't match
82
91
  # up to a step within checkout_steps, such as a registration step
83
92
  def skip_state_validation?
@@ -99,7 +108,7 @@ module Spree
99
108
  end
100
109
 
101
110
  def after_update_attributes
102
- if nested_params && nested_params[:coupon_code].present?
111
+ if params[:order] && params[:order][:coupon_code].present?
103
112
  handler = PromotionHandler::Coupon.new(@order).apply
104
113
 
105
114
  if handler.error.present?
@@ -5,7 +5,7 @@ module Spree
5
5
  if params[:ids]
6
6
  @option_values = scope.where(:id => params[:ids])
7
7
  else
8
- @option_values = scope.ransack(params[:q]).result
8
+ @option_values = scope.ransack(params[:q]).result.distinct
9
9
  end
10
10
  respond_with(@option_values)
11
11
  end
@@ -5,7 +5,7 @@ module Spree
5
5
  self.admin_shipment_attributes = [:shipping_method, :stock_location, :inventory_units => [:variant_id, :sku]]
6
6
 
7
7
  class_attribute :admin_order_attributes
8
- self.admin_order_attributes = [:import, :number, :completed_at, :locked_at, :channel, :user_id]
8
+ self.admin_order_attributes = [:import, :number, :completed_at, :locked_at, :channel, :user_id, :created_at]
9
9
 
10
10
  skip_before_action :authenticate_user, only: :apply_coupon_code
11
11
 
@@ -28,23 +28,14 @@ module Spree
28
28
  def create
29
29
  authorize! :create, Order
30
30
 
31
- if can?(:admin, Order)
32
- order_user = if order_params[:user_id]
33
- Spree.user_class.find(order_params[:user_id])
34
- else
35
- current_api_user
36
- end
37
-
38
- @order = Spree::Core::Importer::Order.import(order_user, order_params)
39
- respond_with(@order, default_template: :show, status: 201)
31
+ order_user = if order_params[:user_id]
32
+ Spree.user_class.find(order_params[:user_id])
40
33
  else
41
- @order = Spree::Order.create!(user: current_api_user, store: current_store)
42
- if @order.contents.update_cart(order_params)
43
- respond_with(@order, default_template: :show, status: 201)
44
- else
45
- invalid_resource!(@order)
46
- end
34
+ current_api_user
47
35
  end
36
+
37
+ @order = Spree::Core::Importer::Order.import(order_user, order_params)
38
+ respond_with(@order, default_template: :show, status: 201)
48
39
  end
49
40
 
50
41
  def empty
@@ -98,8 +89,12 @@ module Spree
98
89
  authorize! :update, @order, order_token
99
90
  @order.coupon_code = params[:coupon_code]
100
91
  @handler = PromotionHandler::Coupon.new(@order).apply
101
- status = @handler.successful? ? 200 : 422
102
- render "spree/api/promotions/handler", :status => status
92
+ if @handler.successful?
93
+ render "spree/api/promotions/handler", status: 200
94
+ else
95
+ logger.error("apply_coupon_code_error=#{@handler.error.inspect}")
96
+ render "spree/api/promotions/handler", status: 422
97
+ end
103
98
  end
104
99
 
105
100
  private
@@ -17,7 +17,6 @@ module Spree
17
17
  end
18
18
 
19
19
  def create
20
- @order.validate_payments_attributes(payment_params)
21
20
  @payment = @order.payments.build(payment_params)
22
21
  if @payment.save
23
22
  respond_with(@payment, status: 201, default_template: :show)
@@ -0,0 +1,75 @@
1
+ class Spree::Api::ResourceController < Spree::Api::BaseController
2
+ before_action :load_resource, only: [:show, :update, :destroy]
3
+
4
+ def index
5
+ @collection = model_class.accessible_by(current_ability, :read).ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
6
+ instance_variable_set("@#{controller_name}", @collection)
7
+
8
+ respond_with(@collection)
9
+ end
10
+
11
+ def show
12
+ respond_with(@object)
13
+ end
14
+
15
+ def new
16
+ authorize! :new, model_class
17
+ respond_with(model_class.new)
18
+ end
19
+
20
+ def create
21
+ authorize! :create, model_class
22
+
23
+ @object = model_class.new(permitted_resource_params)
24
+ instance_variable_set("@#{object_name}", @object)
25
+
26
+ if @object.save
27
+ respond_with(@object, status: 201, default_template: :show)
28
+ else
29
+ invalid_resource!(@object)
30
+ end
31
+ end
32
+
33
+ def update
34
+ authorize! :update, @object
35
+
36
+ if @object.update_attributes(permitted_resource_params)
37
+ respond_with(@object, status: 200, default_template: :show)
38
+ else
39
+ invalid_resource!(@object)
40
+ end
41
+ end
42
+
43
+ def destroy
44
+ authorize! :destroy, @object
45
+
46
+ if @object.destroy
47
+ respond_with(@object, status: 204)
48
+ else
49
+ invalid_resource!(@object)
50
+ end
51
+ end
52
+
53
+ protected
54
+
55
+ def load_resource
56
+ @object = model_class.accessible_by(current_ability, :read).find(params[:id])
57
+ instance_variable_set("@#{object_name}", @object)
58
+ end
59
+
60
+ def permitted_resource_params
61
+ params.require(object_name).permit(permitted_resource_attributes)
62
+ end
63
+
64
+ def permitted_resource_attributes
65
+ send("permitted_#{object_name}_attributes")
66
+ end
67
+
68
+ def model_class
69
+ "Spree::#{controller_name.classify}".constantize
70
+ end
71
+
72
+ def object_name
73
+ controller_name.singularize
74
+ end
75
+ end
@@ -47,6 +47,7 @@ module Spree
47
47
  if @shipment.can_ready?
48
48
  @shipment.ready!
49
49
  else
50
+ logger.error("cannot_ready_shipment shipment_state=#{@shipment.state}")
50
51
  render 'spree/api/shipments/cannot_ready_shipment', status: 422 and return
51
52
  end
52
53
  end
@@ -15,7 +15,6 @@ module Spree
15
15
 
16
16
  def create
17
17
  authorize! :create, StockItem
18
-
19
18
  @stock_item = scope.new(stock_item_params)
20
19
 
21
20
  Spree::StockItem.transaction do
@@ -55,8 +54,7 @@ module Spree
55
54
  private
56
55
 
57
56
  def load_stock_location
58
- render 'spree/api/shared/stock_location_required', status: 422 and return unless params[:stock_location_id]
59
- @stock_location ||= StockLocation.accessible_by(current_ability, action_name.to_sym).find(params[:stock_location_id])
57
+ @stock_location ||= StockLocation.accessible_by(current_ability).find(params.fetch(:stock_location_id))
60
58
  end
61
59
 
62
60
  def scope