RubyGems - solidus_api - Versions diffs - 1.2.3 → 1.3.0.beta1 - Mend

solidus_api 1.2.3 → 1.3.0.beta1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (87) hide show

data/spec/controllers/spree/api/orders_controller_spec.rb CHANGED Viewed

@@ -2,23 +2,25 @@ require 'spec_helper'
 require 'spree/testing_support/bar_ability'
 module Spree
-  describe Api::OrdersController, :type => :controller do
+  describe Api::OrdersController, type: :controller do
     render_views
     let!(:order) { create(:order) }
     let(:variant) { create(:variant) }
     let(:line_item) { create(:line_item) }
-    let(:attributes) { [:number, :item_total, :display_total, :total,
-                        :state, :adjustment_total,
-                        :user_id, :created_at, :updated_at,
-                        :completed_at, :payment_total, :shipment_state,
-                        :payment_state, :email, :special_instructions,
-                        :total_quantity, :display_item_total, :currency] }
+    let(:attributes) {
+      [:number, :item_total, :display_total, :total,
+       :state, :adjustment_total,
+       :user_id, :created_at, :updated_at,
+       :completed_at, :payment_total, :shipment_state,
+       :payment_state, :email, :special_instructions,
+       :total_quantity, :display_item_total, :currency]
+    }
-    let(:address_params) { { :country_id => Country.first.id, :state_id => State.first.id } }
+    let(:address_params) { { country_id: Country.first.id, state_id: State.first.id } }
     let(:current_api_user) do
-      user = Spree.user_class.new(:email => "spree@example.com")
+      user = Spree.user_class.new(email: "spree@example.com")
       user.generate_spree_api_key!
       user
     end
@@ -29,62 +31,46 @@ module Spree
     describe "POST create" do
       let(:target_user) { create :user }
-      let(:date_override) { Time.parse('2015-01-01') }
-      let(:attributes) { { user_id: target_user.id, created_at: date_override, email: target_user.email } }
+      let(:date_override) { 3.days.ago }
-      subject { api_post :create, order: attributes }
+      before do
+        allow_any_instance_of(Spree::Ability).to receive(:can?).
+          and_return(true)
+        allow_any_instance_of(Spree::Ability).to receive(:can?).
+          with(:admin, Spree::Order).
+          and_return(can_admin)
+        allow(Spree.user_class).to receive(:find).
+          with(target_user.id).
+          and_return(target_user)
+      end
+      subject { api_post :create, order: { user_id: target_user.id, created_at: date_override, email: target_user.email } }
       context "when the current user cannot administrate the order" do
-        stub_authorization! do |_|
-          can :create, Spree::Order
-        end
+        let(:can_admin) { false }
         it "does not include unpermitted params, or allow overriding the user", focus: true do
+          expect(Spree::Core::Importer::Order).to receive(:import).
+            once.
+            with(current_api_user, { "email" => target_user.email }).
+            and_call_original
           subject
-          expect(response).to be_success
-          order = Spree::Order.last
-          expect(order.user).to eq current_api_user
-          expect(order.email).to eq target_user.email
         end
         it { is_expected.to be_success }
-        context 'creating payment' do
-          let(:attributes) { super().merge(payments_attributes: [{ payment_method_id: payment_method.id }]) }
-          context "with allowed payment method" do
-            let!(:payment_method) { create(:check_payment_method, name: "allowed" ) }
-            it { is_expected.to be_success }
-            it "creates a payment" do
-              expect {
-                subject
-              }.to change { Spree::Payment.count }.by(1)
-            end
-          end
-          context "with disallowed payment method" do
-            let!(:payment_method) { create(:check_payment_method, name: "forbidden", display_on: "back_end") }
-            it { is_expected.to be_not_found }
-            it "creates no payments" do
-              expect {
-                subject
-              }.not_to change { Spree::Payment.count }
-            end
-          end
-        end
       end
       context "when the current user can administrate the order" do
-        stub_authorization! do |_|
-          can [:admin, :create], Spree::Order
-        end
+        let(:can_admin) { true }
         it "it permits all params and allows overriding the user" do
+          expect(Spree::Core::Importer::Order).to receive(:import).
+            once.
+            with(target_user, { "user_id" => target_user.id, "created_at" => date_override, "email" => target_user.email }).
+            and_call_original
           subject
-          order = Spree::Order.last
-          expect(order.user).to eq target_user
-          expect(order.email).to eq target_user.email
-          expect(order.created_at).to eq date_override
         end
         it { is_expected.to be_success }
@@ -97,72 +83,59 @@ module Spree
       let(:can_admin) { false }
       subject { api_put :update, id: order.to_param, order: order_params }
-      context "when the user cannot administer the order" do
-        stub_authorization! do |_|
-          can [:update], Spree::Order
-        end
-        it "updates the user's email" do
-          expect {
-            subject
-          }.to change { order.reload.email }.to("foo@foobar.com")
-        end
-        it { is_expected.to be_success }
-        it "does not associate users" do
-          expect {
-            subject
-          }.not_to change { order.reload.user }
-        end
+      before do
+        allow_any_instance_of(Spree::Ability).to receive(:can?).
+          and_return(true)
-        it "does not change forbidden attributes" do
-          expect {
-            subject
-          }.to_not change{ order.reload.number }
-        end
+        allow(Spree::Order).to receive(:find_by!).
+          with(number: order.number).
+          and_return(order)
-        context 'creating payment' do
-          let(:order_params) { super().merge(payments_attributes: [{ payment_method_id: payment_method.id }]) }
+        allow(Spree.user_class).to receive(:find).
+          with(user.id).
+          and_return(user)
-          context "with allowed payment method" do
-            let!(:payment_method) { create(:check_payment_method, name: "allowed" ) }
-            it { is_expected.to be_success }
-            it "creates a payment" do
-              expect {
-                subject
-              }.to change { Spree::Payment.count }.by(1)
-            end
-          end
+        allow_any_instance_of(Spree::Ability).to receive(:can?).
+          with(:admin, Spree::Order).
+          and_return(can_admin)
+      end
-          context "with disallowed payment method" do
-            let!(:payment_method) { create(:check_payment_method, name: "forbidden", display_on: "back_end") }
-            it { is_expected.to be_not_found }
-            it "creates no payments" do
-              expect {
-                subject
-              }.not_to change { Spree::Payment.count }
-            end
-          end
-        end
+      it "updates the cart contents" do
+        expect(order.contents).to receive(:update_cart).
+          once.
+          with({ "email" => "foo@foobar.com" })
+        subject
       end
+      it { is_expected.to be_success }
       context "when the user can administer the order" do
-        stub_authorization! do |_|
-          can [:admin, :update], Spree::Order
-        end
+        let(:can_admin) { true }
         it "will associate users" do
-          expect {
-            subject
-          }.to change { order.reload.user }.to(user)
+          expect(order).to receive(:associate_user!).
+            once.
+            with(user)
+          subject
         end
         it "updates the otherwise forbidden attributes" do
-          expect{subject}.to change{order.reload.number}.
+          expect{ subject }.to change{ order.reload.number }.
             to("anothernumber")
         end
       end
+      context "when the user cannot administer the order" do
+        it "does not associate users" do
+          expect(order).to_not receive(:associate_user!)
+          subject
+        end
+        it "does not change forbidden attributes" do
+          expect{ subject }.to_not change{ order.reload.number }
+        end
+      end
     end
     it "cannot view all orders" do
@@ -207,7 +180,7 @@ module Spree
       it "can filter the returned results" do
         request.env['SERVER_NAME'] = store.url
-        api_get :mine, q: {completed_at_not_null: 1}
+        api_get :mine, q: { completed_at_not_null: 1 }
         expect(response.status).to eq(200)
         expect(json_response["orders"].length).to eq(0)
@@ -246,8 +219,8 @@ module Spree
     end
     it "can view their own order" do
-      allow_any_instance_of(Order).to receive_messages :user => current_api_user
-      api_get :show, :id => order.to_param
+      allow_any_instance_of(Order).to receive_messages user: current_api_user
+      api_get :show, id: order.to_param
       expect(response.status).to eq(200)
       expect(json_response).to have_attributes(attributes)
       expect(json_response["adjustments"]).to be_empty
@@ -260,7 +233,7 @@ module Spree
       subject { api_get :show, id: order.to_param }
       before do
-        allow_any_instance_of(Order).to receive_messages :user => current_api_user
+        allow_any_instance_of(Order).to receive_messages user: current_api_user
       end
       context 'when inventory information is present' do
@@ -307,33 +280,33 @@ module Spree
     end
     it "orders contain the basic checkout steps" do
-      allow_any_instance_of(Order).to receive_messages :user => current_api_user
-      api_get :show, :id => order.to_param
+      allow_any_instance_of(Order).to receive_messages user: current_api_user
+      api_get :show, id: order.to_param
       expect(response.status).to eq(200)
       expect(json_response["checkout_steps"]).to eq(%w[address delivery confirm complete])
     end
     # Regression test for https://github.com/spree/spree/issues/1992
     it "can view an order not in a standard state" do
-      allow_any_instance_of(Order).to receive_messages :user => current_api_user
+      allow_any_instance_of(Order).to receive_messages user: current_api_user
       order.update_column(:state, 'shipped')
-      api_get :show, :id => order.to_param
+      api_get :show, id: order.to_param
     end
     it "can not view someone else's order" do
-      allow_any_instance_of(Order).to receive_messages :user => stub_model(Spree::LegacyUser)
-      api_get :show, :id => order.to_param
+      allow_any_instance_of(Order).to receive_messages user: stub_model(Spree::LegacyUser)
+      api_get :show, id: order.to_param
       assert_unauthorized!
     end
     it "can view an order if the token is known" do
-      api_get :show, :id => order.to_param, :order_token => order.guest_token
+      api_get :show, id: order.to_param, order_token: order.guest_token
       expect(response.status).to eq(200)
     end
     it "can view an order if the token is passed in header" do
       request.headers["X-Spree-Order-Token"] = order.guest_token
-      api_get :show, :id => order.to_param
+      api_get :show, id: order.to_param
       expect(response.status).to eq(200)
     end
@@ -344,7 +317,7 @@ module Spree
       it "can view an order" do
         user = build(:user, spree_roles: [Spree::Role.new(name: 'bar')])
         allow(Spree.user_class).to receive_messages find_by: user
-        api_get :show, :id => order.to_param
+        api_get :show, id: order.to_param
         expect(response.status).to eq(200)
       end
     end
@@ -352,12 +325,12 @@ module Spree
     it "cannot cancel an order that doesn't belong to them" do
       order.update_attribute(:completed_at, Time.current)
       order.update_attribute(:shipment_state, "ready")
-      api_put :cancel, :id => order.to_param
+      api_put :cancel, id: order.to_param
       assert_unauthorized!
     end
     it "can create an order" do
-      api_post :create, :order => { :line_items => { "0" => { :variant_id => variant.to_param, :quantity => 5 } } }
+      api_post :create, order: { line_items: { "0" => { variant_id: variant.to_param, quantity: 5 } } }
       expect(response.status).to eq(201)
       order = Order.last
@@ -374,20 +347,23 @@ module Spree
     end
     it "assigns email when creating a new order" do
-      api_post :create, :order => { :email => "guest@spreecommerce.com" }
+      api_post :create, order: { email: "guest@spreecommerce.com" }
       expect(json_response['email']).not_to eq controller.current_api_user
       expect(json_response['email']).to eq "guest@spreecommerce.com"
     end
     # Regression test for https://github.com/spree/spree/issues/3404
     it "can specify additional parameters for a line item" do
-      expect_any_instance_of(Spree::LineItem).to receive(:special=).with("foo")
+      expect(Order).to receive(:create!).and_return(order = Spree::Order.new)
+      allow(order).to receive(:associate_user!)
+      allow(order).to receive_message_chain(:contents, :add).and_return(line_item = double('LineItem'))
+      expect(line_item).to receive(:update_attributes!).with("special" => true)
       allow(controller).to receive_messages(permitted_line_item_attributes: [:id, :variant_id, :quantity, :special])
-      api_post :create, :order => {
-        :line_items => {
+      api_post :create, order: {
+        line_items: {
           "0" => {
-            variant_id: variant.to_param, quantity: 5, special: "foo"
+            variant_id: variant.to_param, quantity: 5, special: true
           }
         }
       }
@@ -395,10 +371,10 @@ module Spree
     end
     it "cannot arbitrarily set the line items price" do
-      api_post :create, :order => {
-        :line_items => {
+      api_post :create, order: {
+        line_items: {
           "0" => {
-            :price => 33.0, :variant_id => variant.to_param, :quantity => 5
+            price: 33.0, variant_id: variant.to_param, quantity: 5
           }
         }
       }
@@ -411,7 +387,7 @@ module Spree
       let!(:current_api_user) { create :admin_user }
       it "is able to set any default unpermitted attribute" do
-        api_post :create, :order => { number: "WOW" }
+        api_post :create, order: { number: "WOW" }
         expect(response.status).to eq 201
         expect(json_response['number']).to eq "WOW"
       end
@@ -424,26 +400,29 @@ module Spree
     end
     context "working with an order" do
       let(:variant) { create(:variant) }
       let!(:line_item) { order.contents.add(variant, 1) }
       let!(:payment_method) { create(:check_payment_method) }
-      let(:address_params) { { :country_id => country.id } }
-      let(:billing_address) { { :firstname => "Tiago", :lastname => "Motta", :address1 => "Av Paulista",
-                                :city => "Sao Paulo", :zipcode => "01310-300", :phone => "12345678",
-                                :country_id => country.id} }
-      let(:shipping_address) { { :firstname => "Tiago", :lastname => "Motta", :address1 => "Av Paulista",
-                                 :city => "Sao Paulo", :zipcode => "01310-300", :phone => "12345678",
-                                 :country_id => country.id} }
-      let(:country) { create(:country, {name: "Brazil", iso_name: "BRAZIL", iso: "BR", iso3: "BRA", numcode: 76 })}
+      let(:address_params) { { country_id: country.id } }
+      let(:billing_address) {
+        { firstname: "Tiago", lastname: "Motta", address1: "Av Paulista",
+                                city: "Sao Paulo", zipcode: "01310-300", phone: "12345678",
+                                country_id: country.id }
+      }
+      let(:shipping_address) {
+        { firstname: "Tiago", lastname: "Motta", address1: "Av Paulista",
+                                 city: "Sao Paulo", zipcode: "01310-300", phone: "12345678",
+                                 country_id: country.id }
+      }
+      let(:country) { create(:country, { name: "Brazil", iso_name: "BRAZIL", iso: "BR", iso3: "BRA", numcode: 76 }) }
       before { allow_any_instance_of(Order).to receive_messages user: current_api_user }
       it "updates quantities of existing line items" do
-        api_put :update, :id => order.to_param, :order => {
-          :line_items => {
-            "0" => { :id => line_item.id, :quantity => 10 }
+        api_put :update, id: order.to_param, order: {
+          line_items: {
+            "0" => { id: line_item.id, quantity: 10 }
           }
         }
@@ -454,10 +433,10 @@ module Spree
       it "adds an extra line item" do
         variant2 = create(:variant)
-        api_put :update, :id => order.to_param, :order => {
-          :line_items => {
-            "0" => { :id => line_item.id, :quantity => 10 },
-            "1" => { :variant_id => variant2.id, :quantity => 1}
+        api_put :update, id: order.to_param, order: {
+          line_items: {
+            "0" => { id: line_item.id, quantity: 10 },
+            "1" => { variant_id: variant2.id, quantity: 1 }
           }
         }
@@ -469,9 +448,9 @@ module Spree
       end
       it "cannot change the price of an existing line item" do
-        api_put :update, :id => order.to_param, :order => {
-          :line_items => {
-            0 => { :id => line_item.id, :price => 0 }
+        api_put :update, id: order.to_param, order: {
+          line_items: {
+            0 => { id: line_item.id, price: 0 }
           }
         }
@@ -482,7 +461,7 @@ module Spree
       end
       it "can add billing address" do
-        api_put :update, :id => order.to_param, :order => { :bill_address_attributes => billing_address }
+        api_put :update, id: order.to_param, order: { bill_address_attributes: billing_address }
         expect(order.reload.bill_address).to_not be_nil
       end
@@ -490,7 +469,7 @@ module Spree
       it "receives error message if trying to add billing address with errors" do
         billing_address[:firstname] = ""
-        api_put :update, :id => order.to_param, :order => { :bill_address_attributes => billing_address }
+        api_put :update, id: order.to_param, order: { bill_address_attributes: billing_address }
         expect(json_response['error']).not_to be_nil
         expect(json_response['errors']).not_to be_nil
@@ -501,7 +480,7 @@ module Spree
         order.update_attributes!(ship_address_id: nil)
         expect {
-          api_put :update, :id => order.to_param, :order => { :ship_address_attributes => shipping_address }
+          api_put :update, id: order.to_param, order: { ship_address_attributes: shipping_address }
         }.to change { order.reload.ship_address }.from(nil)
       end
@@ -510,7 +489,7 @@ module Spree
         shipping_address[:firstname] = ""
-        api_put :update, :id => order.to_param, :order => { :ship_address_attributes => shipping_address }
+        api_put :update, id: order.to_param, order: { ship_address_attributes: shipping_address }
         expect(json_response['error']).not_to be_nil
         expect(json_response['errors']).not_to be_nil
@@ -520,7 +499,7 @@ module Spree
       it "cannot set the user_id for the order" do
         user = Spree.user_class.create
         original_id = order.user_id
-        api_post :update, :id => order.to_param, :order => { user_id: user.id }
+        api_post :update, id: order.to_param, order: { user_id: user.id }
         expect(response.status).to eq 200
         expect(json_response["user_id"]).to eq(original_id)
       end
@@ -529,10 +508,9 @@ module Spree
         before { order.create_proposed_shipments }
         it "clears out all existing shipments on line item udpate" do
-          previous_shipments = order.shipments
-          api_put :update, :id => order.to_param, :order => {
-            :line_items => {
-              0 => { :id => line_item.id, :quantity => 10 }
+          api_put :update, id: order.to_param, order: {
+            line_items: {
+              0 => { id: line_item.id, quantity: 10 }
             }
           }
           expect(order.reload.shipments).to be_empty
@@ -544,7 +522,7 @@ module Spree
         it "can empty an order" do
           create(:adjustment, order: order, adjustable: order)
-          api_put :empty, :id => order.to_param
+          api_put :empty, id: order.to_param
           expect(response.status).to eq(204)
           order.reload
           expect(order.line_items).to be_empty
@@ -552,21 +530,21 @@ module Spree
         end
         it "can list its line items with images" do
-          order.line_items.first.variant.images.create!(:attachment => image("thinking-cat.jpg"))
+          order.line_items.first.variant.images.create!(attachment: image("thinking-cat.jpg"))
-          api_get :show, :id => order.to_param
+          api_get :show, id: order.to_param
           expect(json_response['line_items'].first['variant']).to have_attributes([:images])
         end
         it "lists variants product id" do
-          api_get :show, :id => order.to_param
+          api_get :show, id: order.to_param
           expect(json_response['line_items'].first['variant']).to have_attributes([:product_id])
         end
         it "includes the tax_total in the response" do
-          api_get :show, :id => order.to_param
+          api_get :show, id: order.to_param
           expect(json_response['included_tax_total']).to eq('0.0')
           expect(json_response['additional_tax_total']).to eq('0.0')
@@ -576,11 +554,11 @@ module Spree
         it "lists line item adjustments" do
           adjustment = create(:adjustment,
-            :label => "10% off!",
-            :order => order,
-            :adjustable => order.line_items.first)
+            label: "10% off!",
+            order: order,
+            adjustable: order.line_items.first)
           adjustment.update_column(:amount, 5)
-          api_get :show, :id => order.to_param
+          api_get :show, id: order.to_param
           adjustment = json_response['line_items'].first['adjustments'].first
           expect(adjustment['label']).to eq("10% off!")
@@ -589,7 +567,7 @@ module Spree
         it "lists payments source without gateway info" do
           order.payments.push payment = create(:payment)
-          api_get :show, :id => order.to_param
+          api_get :show, id: order.to_param
           source = json_response[:payments].first[:source]
           expect(source[:name]).to eq payment.source.name
@@ -597,8 +575,8 @@ module Spree
           expect(source[:last_digits]).to eq payment.source.last_digits
           expect(source[:month]).to eq payment.source.month
           expect(source[:year]).to eq payment.source.year
-          expect(source.has_key?(:gateway_customer_profile_id)).to be false
-          expect(source.has_key?(:gateway_payment_profile_id)).to be false
+          expect(source.key?(:gateway_customer_profile_id)).to be false
+          expect(source.key?(:gateway_payment_profile_id)).to be false
         end
         context "when in delivery" do
@@ -623,7 +601,7 @@ module Spree
           end
           it "returns available shipments for an order" do
-            api_get :show, :id => order.to_param
+            api_get :show, id: order.to_param
             expect(response.status).to eq(200)
             expect(json_response["shipments"]).not_to be_empty
             shipment = json_response["shipments"][0]
@@ -686,7 +664,7 @@ module Spree
       it "lists payments source with gateway info" do
         order.payments.push payment = create(:payment)
-        api_get :show, :id => order.to_param
+        api_get :show, id: order.to_param
         source = json_response[:payments].first[:source]
         expect(source[:name]).to eq payment.source.name
@@ -711,7 +689,7 @@ module Spree
         # Test for https://github.com/spree/spree/issues/1763
         it "can control the page size through a parameter" do
-          api_get :index, :per_page => 1
+          api_get :index, per_page: 1
           expect(json_response["orders"].count).to eq(1)
           expect(json_response["orders"].first).to have_attributes(attributes)
           expect(json_response["count"]).to eq(1)
@@ -729,7 +707,7 @@ module Spree
         let(:expected_result) { Spree::Order.last }
         it "can query the results through a parameter" do
-          api_get :index, :q => { :email_cont => 'spree' }
+          api_get :index, q: { email_cont: 'spree' }
           expect(json_response["orders"].count).to eq(1)
           expect(json_response["orders"].first).to have_attributes(attributes)
           expect(json_response["orders"].first["email"]).to eq(expected_result.email)
@@ -743,15 +721,14 @@ module Spree
         it "can create an order without any parameters" do
           api_post :create
           expect(response.status).to eq(201)
-          order = Order.last
           expect(json_response["state"]).to eq("cart")
         end
         it "can arbitrarily set the line items price" do
-          api_post :create, :order => {
-            :line_items => {
+          api_post :create, order: {
+            line_items: {
               "0" => {
-                :price => 33.0, :variant_id => variant.to_param, :quantity => 5
+                price: 33.0, variant_id: variant.to_param, quantity: 5
               }
             }
           }
@@ -761,7 +738,7 @@ module Spree
         it "can set the user_id for the order" do
           user = Spree.user_class.create
-          api_post :create, :order => { user_id: user.id }
+          api_post :create, order: { user_id: user.id }
           expect(response.status).to eq 201
           expect(json_response["user_id"]).to eq(user.id)
         end
@@ -770,7 +747,7 @@ module Spree
       context "updating" do
         it "can set the user_id for the order" do
           user = Spree.user_class.create
-          api_post :update, :id => order.number, :order => { user_id: user.id }
+          api_post :update, id: order.number, order: { user_id: user.id }
           expect(response.status).to eq 200
           expect(json_response["user_id"]).to eq(user.id)
         end
@@ -787,8 +764,9 @@ module Spree
         end
         specify do
-          api_put :cancel, :id => order.to_param
+          api_put :cancel, id: order.to_param
           expect(json_response["state"]).to eq("canceled")
+          expect(json_response["canceler_id"]).to eq(current_api_user.id)
         end
       end
     end
@@ -798,7 +776,7 @@ module Spree
       let(:promo_code) { promo.codes.first }
       before do
-        allow_any_instance_of(Order).to receive_messages :user => current_api_user
+        allow_any_instance_of(Order).to receive_messages user: current_api_user
       end
       context 'when successful' do
@@ -813,7 +791,7 @@ module Spree
             "success" => Spree.t(:coupon_code_applied),
             "error" => nil,
             "successful" => true,
-            "status_code" => "coupon_code_applied",
+            "status_code" => "coupon_code_applied"
           })
         end
       end
@@ -830,7 +808,7 @@ module Spree
             "success" => nil,
             "error" => Spree.t(:coupon_code_unknown_error),
             "successful" => false,
-            "status_code" => "coupon_code_unknown_error",
+            "status_code" => "coupon_code_unknown_error"
           })
         end
       end