solidus_api 2.0.3 → 2.1.0.beta1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 78fbd4104f28d1ed8a435048a2ee5eb5028447e7
-  data.tar.gz: 75f60c3749c6be95085b9a9c0f97c46329cb6067
+  metadata.gz: d202cbb2d66a818ad824e739704be52b81f63d48
+  data.tar.gz: da186de43c9f9021a1a35c5ad3b4addb89fbac5f
 SHA512:
-  metadata.gz: c6f8c12cfcf3b7a8ea41c49d6e97b1cfe53057fdd9b848902abfd7e6e0a9bcdabc8fa64bb4724b17f522794d5405a0d6563ffb04d67044f3af4a4db675734c0f
-  data.tar.gz: 38cc8c501733db05e285e01c309f3ea5c5a0fa9050c4578d9bc42548853e26cabf4ba51a37d12d4b81106336f0edb88d0fe2366e2553c01413da1c3cbceb8bf6
+  metadata.gz: ea88be5b89fd4e8ab09210ad1a08c8900255492134bf6e072cef9bdb0f2e610bce615f2f622f6c22be9f43fddf3a83657575845e9afc15c576f64a6bb6ac7363
+  data.tar.gz: 1e7bf9f59a65a1df20263f901cafd1793f50cabd4157ef2baf51fa94d24d586abbef35b5881ad343ce87089043360df09a4b5c5e2f98bcc378d92940c0f2fb66

data/app/controllers/spree/api/base_controller.rb

@@ -161,6 +161,16 @@ module Spree
           status: 422
         )
       end
+
+      def paginate(resource)
+        resource.
+          page(params[:page]).
+          per(params[:per_page] || default_per_page)
+      end
+
+      def default_per_page
+        Kaminari.config.default_per_page
+      end
     end
   end
 end

data/app/controllers/spree/api/countries_controller.rb

@@ -4,11 +4,16 @@ module Spree
       skip_before_action :authenticate_user
 
       def index
-        @countries = Country.accessible_by(current_ability, :read).ransack(params[:q]).result.
-                     includes(:states).order('name ASC').
-                     page(params[:page]).per(params[:per_page])
+        @countries = Country.
+          accessible_by(current_ability, :read).
+          ransack(params[:q]).
+          result.
+          order('name ASC')
+
         country = Country.order("updated_at ASC").last
+
         if stale?(country)
+          @countries = paginate(@countries)
           respond_with(@countries)
         end
       end

data/app/controllers/spree/api/credit_cards_controller.rb

@@ -9,7 +9,9 @@ module Spree
           .credit_cards
           .accessible_by(current_ability, :read)
           .with_payment_profile
-          .ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
+          .ransack(params[:q]).result
+
+        @credit_cards = paginate(@credit_cards)
         respond_with(@credit_cards)
       end
 

data/app/controllers/spree/api/orders_controller.rb

@@ -27,18 +27,8 @@ module Spree
 
       def create
         authorize! :create, Order
-
-        if can?(:admin, Order)
-          @order = Spree::Core::Importer::Order.import(determine_order_user, order_params)
-          respond_with(@order, default_template: :show, status: 201)
-        else
-          @order = Spree::Order.create!(user: current_api_user, store: current_store)
-          if OrderUpdateAttributes.new(@order, order_params).apply
-            respond_with(@order, default_template: :show, status: 201)
-          else
-            invalid_resource!(@order)
-          end
-        end
+        @order = Spree::Core::Importer::Order.import(determine_order_user, order_params)
+        respond_with(@order, default_template: :show, status: 201)
       end
 
       def empty
@@ -49,7 +39,7 @@ module Spree
 
       def index
         authorize! :index, Order
-        @orders = Order.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
+        @orders = paginate(Order.ransack(params[:q]).result)
         respond_with(@orders)
       end
 
@@ -82,7 +72,8 @@ module Spree
 
       def mine
         if current_api_user
-          @orders = current_api_user.orders.by_store(current_store).reverse_chronological.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
+          @orders = current_api_user.orders.by_store(current_store).reverse_chronological.ransack(params[:q]).result
+          @orders = paginate(@orders)
         else
           render "spree/api/errors/unauthorized", status: :unauthorized
         end

data/app/controllers/spree/api/payments_controller.rb

@@ -6,17 +6,16 @@ module Spree
       before_action :find_payment, only: [:update, :show, :authorize, :purchase, :capture, :void, :credit]
 
       def index
-        @payments = @order.payments.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
+        @payments = paginate(@order.payments.ransack(params[:q]).result)
         respond_with(@payments)
       end
 
       def new
-        @payment_methods = Spree::PaymentMethod.available
+        @payment_methods = Spree::PaymentMethod.available_to_users.available_to_admin
         respond_with(@payment_method)
       end
 
       def create
-        @order.validate_payments_attributes(payment_params)
         @payment = PaymentCreate.new(@order, payment_params).build
         if @payment.save
           respond_with(@payment, status: 201, default_template: :show)

data/app/controllers/spree/api/product_properties_controller.rb

@@ -5,9 +5,14 @@ module Spree
       before_action :product_property, only: [:show, :update, :destroy]
 
       def index
-        @product_properties = @product.product_properties.accessible_by(current_ability, :read).
-                              ransack(params[:q]).result.
-                              page(params[:page]).per(params[:per_page])
+        @product_properties = @product.
+          product_properties.
+          accessible_by(current_ability, :read).
+          ransack(params[:q]).
+          result
+
+        @product_properties = paginate(@product_properties)
+
         respond_with(@product_properties)
       end
 

data/app/controllers/spree/api/products_controller.rb

@@ -9,7 +9,7 @@ module Spree
           @products = product_scope.ransack(params[:q]).result
         end
 
-        @products = @products.distinct.page(params[:page]).per(params[:per_page])
+        @products = paginate(@products.distinct)
         expires_in 15.minutes, public: true
         headers['Surrogate-Control'] = "max-age=#{15.minutes}"
         respond_with(@products)

data/app/controllers/spree/api/properties_controller.rb

@@ -13,7 +13,7 @@ module Spree
           @properties = @properties.ransack(params[:q]).result
         end
 
-        @properties = @properties.page(params[:page]).per(params[:per_page])
+        @properties = paginate(@properties)
         respond_with(@properties)
       end
 

data/app/controllers/spree/api/resource_controller.rb

@@ -10,7 +10,7 @@ class Spree::Api::ResourceController < Spree::Api::BaseController
       collection_scope = collection_scope.ransack(params[:q]).result
     end
 
-    @collection = collection_scope.page(params[:page]).per(params[:per_page])
+    @collection = paginate(collection_scope)
     instance_variable_set("@#{controller_name}", @collection)
 
     respond_with(@collection)

data/app/controllers/spree/api/return_authorizations_controller.rb

@@ -24,9 +24,15 @@ module Spree
 
       def index
         authorize! :admin, ReturnAuthorization
-        @return_authorizations = @order.return_authorizations.accessible_by(current_ability, :read).
-                                 ransack(params[:q]).result.
-                                 page(params[:page]).per(params[:per_page])
+
+        @return_authorizations = @order.
+          return_authorizations.
+          accessible_by(current_ability, :read).
+          ransack(params[:q]).
+          result
+
+        @return_authorizations = paginate(@return_authorizations)
+
         respond_with(@return_authorizations)
       end
 

data/app/controllers/spree/api/shipments_controller.rb

@@ -14,7 +14,9 @@ module Spree
             .joins(:order)
             .where(spree_orders: { user_id: current_api_user.id })
             .includes(mine_includes)
-            .ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
+            .ransack(params[:q]).result
+
+          @shipments = paginate(@shipments)
         else
           render "spree/api/errors/unauthorized", status: :unauthorized
         end

data/app/controllers/spree/api/states_controller.rb

@@ -8,7 +8,7 @@ module Spree
                     includes(:country).order('name ASC')
 
         if params[:page] || params[:per_page]
-          @states = @states.page(params[:page]).per(params[:per_page])
+          @states = paginate(@states)
         end
 
         respond_with(@states)

data/app/controllers/spree/api/stock_items_controller.rb

@@ -4,7 +4,7 @@ module Spree
       before_action :load_stock_location, only: [:index, :show, :create]
 
       def index
-        @stock_items = scope.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
+        @stock_items = paginate(scope.ransack(params[:q]).result)
         respond_with(@stock_items)
       end
 

data/app/controllers/spree/api/stock_locations_controller.rb

@@ -3,7 +3,15 @@ module Spree
     class StockLocationsController < Spree::Api::BaseController
       def index
         authorize! :read, StockLocation
-        @stock_locations = StockLocation.accessible_by(current_ability, :read).order('name ASC').ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
+
+        @stock_locations = StockLocation.
+          accessible_by(current_ability, :read).
+          order('name ASC').
+          ransack(params[:q]).
+          result
+
+        @stock_locations = paginate(@stock_locations)
+
         respond_with(@stock_locations)
       end
 

data/app/controllers/spree/api/stock_movements_controller.rb

@@ -5,7 +5,7 @@ module Spree
 
       def index
         authorize! :read, StockMovement
-        @stock_movements = scope.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
+        @stock_movements = paginate(scope.ransack(params[:q]).result)
         respond_with(@stock_movements)
       end
 

data/app/controllers/spree/api/store_credit_events_controller.rb

@@ -1,7 +1,9 @@
 class Spree::Api::StoreCreditEventsController < Spree::Api::BaseController
   def mine
     if current_api_user
-      @store_credit_events = current_api_user.store_credit_events.exposed_events.page(params[:page]).per(params[:per_page]).reverse_chronological
+      @store_credit_events = paginate(
+        current_api_user.store_credit_events.exposed_events
+      ).reverse_chronological
     else
       render "spree/api/errors/unauthorized", status: :unauthorized
     end

data/app/controllers/spree/api/taxonomies_controller.rb

@@ -2,7 +2,8 @@ module Spree
   module Api
     class TaxonomiesController < Spree::Api::BaseController
       def index
-        respond_with(taxonomies)
+        @taxonomies = paginate(taxonomies)
+        respond_with(@taxonomies)
       end
 
       def new
@@ -45,9 +46,12 @@ module Spree
       private
 
       def taxonomies
-        @taxonomies = Taxonomy.accessible_by(current_ability, :read).order('name').includes(root: :children).
-                      ransack(params[:q]).result.
-                      page(params[:page]).per(params[:per_page])
+        @taxonomies = Taxonomy.
+          accessible_by(current_ability, :read).
+          order('name').
+          includes(root: :children).
+          ransack(params[:q]).
+          result
       end
 
       def taxonomy

data/app/controllers/spree/api/taxons_controller.rb

@@ -10,7 +10,7 @@ module Spree
           @taxons = Spree::Taxon.accessible_by(current_ability, :read).order(:taxonomy_id, :lft).ransack(params[:q]).result
         end
 
-        @taxons = @taxons.page(params[:page]).per(params[:per_page])
+        @taxons = paginate(@taxons)
         respond_with(@taxons)
       end
 
@@ -65,13 +65,27 @@ module Spree
         # Returns the products sorted by their position with the classification
         # Products#index does not do the sorting.
         taxon = Spree::Taxon.find(params[:id])
-        @products = taxon.products.ransack(params[:q]).result
-        @products = @products.page(params[:page]).per(params[:per_page] || 500)
+        @products = paginate(taxon.products.ransack(params[:q]).result)
+        @products = @products.includes(master: :default_price)
+
+        if params[:simple]
+          @exclude_data = {
+            variants: true,
+            option_types: true,
+            product_properties: true,
+            classifications: true
+          }
+          @product_attributes = %i(id name display_price)
+        end
         render "spree/api/products/index"
       end
 
       private
 
+      def default_per_page
+        500
+      end
+
       def taxonomy
         if params[:taxonomy_id].present?
           @taxonomy ||= Spree::Taxonomy.accessible_by(current_ability, :read).find(params[:taxonomy_id])

data/app/controllers/spree/api/variants_controller.rb

@@ -24,7 +24,9 @@ module Spree
       # or removed from the views.
       def index
         @variants = scope.includes({ option_values: :option_type }, :product, :default_price, :images, { stock_items: :stock_location })
-          .ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
+          .ransack(params[:q]).result
+
+        @variants = paginate(@variants)
         respond_with(@variants)
       end
 

data/app/controllers/spree/api/zones_controller.rb

@@ -18,7 +18,14 @@ module Spree
       end
 
       def index
-        @zones = Zone.accessible_by(current_ability, :read).order('name ASC').ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
+        @zones = Zone.
+          accessible_by(current_ability, :read).
+          order('name ASC').
+          ransack(params[:q]).
+          result
+
+        @zones = paginate(@zones)
+
         respond_with(@zones)
       end
 

data/app/views/spree/api/products/index.v1.rabl

@@ -1,5 +1,5 @@
 object false
-node(:count) { @products.count }
+node(:count) { @products.size }
 node(:total_count) { @products.total_count }
 node(:current_page) { @products.current_page }
 node(:per_page) { @products.limit_value }

data/app/views/spree/api/products/show.v1.rabl

@@ -1,31 +1,42 @@
 object @product
 cache [I18n.locale, @current_user_roles.include?('admin'), current_pricing_options, root_object]
 
-attributes *product_attributes
+@product_attributes ||= product_attributes
+attributes(*@product_attributes)
 
 node(:display_price) { |p| p.display_price.to_s }
-node(:has_variants) { |p| p.has_variants? }
 
-child :master => :master do
-  extends "spree/api/variants/small"
-end
+@exclude_data ||= {}
+unless @exclude_data[:variants]
+  node(:has_variants) { |p| p.has_variants? }
+
+  child :master => :master do
+    extends "spree/api/variants/small"
+  end
 
-child :variants => :variants do
-  extends "spree/api/variants/small"
+  child :variants => :variants do
+    extends "spree/api/variants/small"
+  end
 end
 
-child :option_types => :option_types do
-  attributes *option_type_attributes
+unless @exclude_data[:option_types]
+  child :option_types => :option_types do
+    attributes(*option_type_attributes)
+  end
 end
 
-child :product_properties => :product_properties do
-  attributes *product_property_attributes
+unless @exclude_data[:product_properties]
+  child :product_properties => :product_properties do
+    attributes(*product_property_attributes)
+  end
 end
 
-child :classifications => :classifications do
-  attributes :taxon_id, :position
+unless @exclude_data[:classifications]
+  child :classifications => :classifications do
+    attributes :taxon_id, :position
 
-  child(:taxon) do
-    extends "spree/api/taxons/show"
+    child(:taxon) do
+      extends "spree/api/taxons/show"
+    end
   end
 end

data/solidus_api.gemspec

@@ -5,6 +5,7 @@ Gem::Specification.new do |gem|
   gem.author        = 'Solidus Team'
   gem.email         = 'contact@solidus.io'
   gem.homepage      = 'http://solidus.io/'
+  gem.license       = 'BSD-3-Clause'
 
   gem.summary       = 'REST API for the Solidus e-commerce framework.'
   gem.description   = gem.summary
@@ -16,6 +17,9 @@ Gem::Specification.new do |gem|
   gem.require_paths = ["lib"]
   gem.version = Spree.solidus_version
 
+  gem.required_ruby_version = '>= 2.2.2'
+  gem.required_rubygems_version = '>= 1.8.23'
+
   gem.add_dependency 'solidus_core', gem.version
   gem.add_dependency 'rabl', '0.13.0' # FIXME: update for proper rails 5 support
   gem.add_dependency 'versioncake', '~> 3.0'

data/spec/controllers/spree/api/checkouts_controller_spec.rb

@@ -163,19 +163,6 @@ module Spree
         expect(response.status).to eq(200)
       end
 
-      context "with disallowed payment method" do
-        it "returns not found" do
-          order.update_column(:state, "payment")
-          allow_any_instance_of(Spree::Gateway::Bogus).to receive(:source_required?).and_return(false)
-          @payment_method.update!(display_on: "back_end")
-          expect {
-            api_put :update, id: order.to_param, order_token: order.guest_token, order: { payments_attributes: [{ payment_method_id: @payment_method.id }] }
-          }.not_to change { Spree::Payment.count }
-          expect(response.status).to eq(404)
-        end
-      end
-
-
       it "returns errors when source is required and missing" do
         order.update_column(:state, "payment")
         api_put :update, id: order.to_param, order_token: order.guest_token,

data/spec/controllers/spree/api/orders_controller_spec.rb

@@ -32,9 +32,8 @@ module Spree
     describe "POST create" do
       let(:target_user) { create :user }
       let(:date_override) { Time.parse('2015-01-01') }
-      let(:attributes) { { user_id: target_user.id, created_at: date_override, email: target_user.email } }
 
-      subject { api_post :create, order: attributes }
+      subject { api_post :create, order: { user_id: target_user.id, created_at: date_override, email: target_user.email } }
 
       context "when the current user cannot administrate the order" do
         stub_authorization! do |_|
@@ -43,37 +42,12 @@ module Spree
 
         it "does not include unpermitted params, or allow overriding the user", focus: true do
           subject
-          expect(response).to be_success
           order = Spree::Order.last
           expect(order.user).to eq current_api_user
           expect(order.email).to eq target_user.email
         end
 
         it { is_expected.to be_success }
-
-        context 'creating payment' do
-          let(:attributes) { super().merge(payments_attributes: [{ payment_method_id: payment_method.id }]) }
-
-          context "with allowed payment method" do
-            let!(:payment_method) { create(:check_payment_method, name: "allowed" ) }
-            it { is_expected.to be_success }
-            it "creates a payment" do
-              expect {
-                subject
-              }.to change { Spree::Payment.count }.by(1)
-            end
-          end
-
-          context "with disallowed payment method" do
-            let!(:payment_method) { create(:check_payment_method, name: "forbidden", display_on: "back_end") }
-            it { is_expected.to be_not_found }
-            it "creates no payments" do
-              expect {
-                subject
-              }.not_to change { Spree::Payment.count }
-            end
-          end
-        end
       end
 
       context "when the current user can administrate the order" do
@@ -123,30 +97,6 @@ module Spree
             subject
           }.to_not change{ order.reload.number }
         end
-
-        context 'creating payment' do
-          let(:order_params) { super().merge(payments_attributes: [{ payment_method_id: payment_method.id }]) }
-
-          context "with allowed payment method" do
-            let!(:payment_method) { create(:check_payment_method, name: "allowed" ) }
-            it { is_expected.to be_success }
-            it "creates a payment" do
-              expect {
-                subject
-              }.to change { Spree::Payment.count }.by(1)
-            end
-          end
-
-          context "with disallowed payment method" do
-            let!(:payment_method) { create(:check_payment_method, name: "forbidden", display_on: "back_end") }
-            it { is_expected.to be_not_found }
-            it "creates no payments" do
-              expect {
-                subject
-              }.not_to change { Spree::Payment.count }
-            end
-          end
-        end
       end
 
       context "when the user can administer the order" do
@@ -383,7 +333,10 @@ module Spree
 
     # Regression test for https://github.com/spree/spree/issues/3404
     it "can specify additional parameters for a line item" do
-      expect_any_instance_of(Spree::LineItem).to receive(:special=).with("foo")
+      expect(Order).to receive(:create!).and_return(order = Spree::Order.new)
+      allow(order).to receive(:associate_user!)
+      allow(order).to receive_message_chain(:contents, :add).and_return(line_item = double('LineItem'))
+      expect(line_item).to receive(:update_attributes!).with(hash_including("special" => "foo"))
 
       allow(controller).to receive_messages(permitted_line_item_attributes: [:id, :variant_id, :quantity, :special])
       api_post :create, order: {

data/spec/controllers/spree/api/payments_controller_spec.rb

@@ -45,17 +45,6 @@ module Spree
             expect(response.status).to eq(201)
             expect(json_response).to have_attributes(attributes)
           end
-
-          context "disallowed payment method" do
-            it "does not create a new payment" do
-              PaymentMethod.first.update!(display_on: "back_end")
-
-              expect {
-                api_post :create, payment: { payment_method_id: PaymentMethod.first.id, amount: 50 }
-              }.not_to change { Spree::Payment.count }
-              expect(response.status).to eq(404)
-            end
-          end
         end
 
         context "payment source is required" do

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: solidus_api
 version: !ruby/object:Gem::Version
-  version: 2.0.3
+  version: 2.1.0.beta1
 platform: ruby
 authors:
 - Solidus Team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-12-12 00:00:00.000000000 Z
+date: 2016-12-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: solidus_core
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.0.3
+        version: 2.1.0.beta1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.0.3
+        version: 2.1.0.beta1
 - !ruby/object:Gem::Dependency
   name: rabl
   requirement: !ruby/object:Gem::Requirement
@@ -261,7 +261,8 @@ files:
 - spec/test_views/spree/api/widgets/new.v1.rabl
 - spec/test_views/spree/api/widgets/show.v1.rabl
 homepage: http://solidus.io/
-licenses: []
+licenses:
+- BSD-3-Clause
 metadata: {}
 post_install_message: 
 rdoc_options: []
@@ -271,15 +272,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.2.2
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.8.23
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.11
+rubygems_version: 2.5.2
 signing_key: 
 specification_version: 4
 summary: REST API for the Solidus e-commerce framework.