solidus_api 2.1.0 → 2.1.1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of solidus_api might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/app/controllers/spree/api/orders_controller.rb +12 -2
- data/app/controllers/spree/api/payments_controller.rb +1 -0
- data/spec/controllers/spree/api/checkouts_controller_spec.rb +13 -0
- data/spec/controllers/spree/api/orders_controller_spec.rb +52 -5
- data/spec/controllers/spree/api/payments_controller_spec.rb +11 -0
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1de6bd3074f0732a5a2981a9357923fdafeed688
|
4
|
+
data.tar.gz: f9c892017071238dd6677d65850650e104d179e8
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c019fe80b3975012c74245da544d6ff96c13644ba271cd9ecfb34bdf993c09250d897a6ab255ade2a816cce55951ef21f8eb1c244991df9f95e2a8ef12f7a5dc
|
7
|
+
data.tar.gz: 663ae49c937ad78351ba05979a49504fa02d1925eb185b8c794ba7ae1fd76ec67f122f3e974639efb51d8780d1a10f43db9e5fb642f8a7fc333fbde1ba2922d0
|
@@ -27,8 +27,18 @@ module Spree
|
|
27
27
|
|
28
28
|
def create
|
29
29
|
authorize! :create, Order
|
30
|
-
|
31
|
-
|
30
|
+
|
31
|
+
if can?(:admin, Order)
|
32
|
+
@order = Spree::Core::Importer::Order.import(determine_order_user, order_params)
|
33
|
+
respond_with(@order, default_template: :show, status: 201)
|
34
|
+
else
|
35
|
+
@order = Spree::Order.create!(user: current_api_user, store: current_store)
|
36
|
+
if OrderUpdateAttributes.new(@order, order_params).apply
|
37
|
+
respond_with(@order, default_template: :show, status: 201)
|
38
|
+
else
|
39
|
+
invalid_resource!(@order)
|
40
|
+
end
|
41
|
+
end
|
32
42
|
end
|
33
43
|
|
34
44
|
def empty
|
@@ -163,6 +163,19 @@ module Spree
|
|
163
163
|
expect(response.status).to eq(200)
|
164
164
|
end
|
165
165
|
|
166
|
+
context "with disallowed payment method" do
|
167
|
+
it "returns not found" do
|
168
|
+
order.update_column(:state, "payment")
|
169
|
+
allow_any_instance_of(Spree::Gateway::Bogus).to receive(:source_required?).and_return(false)
|
170
|
+
@payment_method.update!(available_to_users: false)
|
171
|
+
expect {
|
172
|
+
api_put :update, id: order.to_param, order_token: order.guest_token, order: { payments_attributes: [{ payment_method_id: @payment_method.id }] }
|
173
|
+
}.not_to change { Spree::Payment.count }
|
174
|
+
expect(response.status).to eq(404)
|
175
|
+
end
|
176
|
+
end
|
177
|
+
|
178
|
+
|
166
179
|
it "returns errors when source is required and missing" do
|
167
180
|
order.update_column(:state, "payment")
|
168
181
|
api_put :update, id: order.to_param, order_token: order.guest_token,
|
@@ -32,8 +32,9 @@ module Spree
|
|
32
32
|
describe "POST create" do
|
33
33
|
let(:target_user) { create :user }
|
34
34
|
let(:date_override) { Time.parse('2015-01-01') }
|
35
|
+
let(:attributes) { { user_id: target_user.id, created_at: date_override, email: target_user.email } }
|
35
36
|
|
36
|
-
subject { api_post :create, order:
|
37
|
+
subject { api_post :create, order: attributes }
|
37
38
|
|
38
39
|
context "when the current user cannot administrate the order" do
|
39
40
|
stub_authorization! do |_|
|
@@ -42,12 +43,37 @@ module Spree
|
|
42
43
|
|
43
44
|
it "does not include unpermitted params, or allow overriding the user", focus: true do
|
44
45
|
subject
|
46
|
+
expect(response).to be_success
|
45
47
|
order = Spree::Order.last
|
46
48
|
expect(order.user).to eq current_api_user
|
47
49
|
expect(order.email).to eq target_user.email
|
48
50
|
end
|
49
51
|
|
50
52
|
it { is_expected.to be_success }
|
53
|
+
|
54
|
+
context 'creating payment' do
|
55
|
+
let(:attributes) { super().merge(payments_attributes: [{ payment_method_id: payment_method.id }]) }
|
56
|
+
|
57
|
+
context "with allowed payment method" do
|
58
|
+
let!(:payment_method) { create(:check_payment_method, name: "allowed" ) }
|
59
|
+
it { is_expected.to be_success }
|
60
|
+
it "creates a payment" do
|
61
|
+
expect {
|
62
|
+
subject
|
63
|
+
}.to change { Spree::Payment.count }.by(1)
|
64
|
+
end
|
65
|
+
end
|
66
|
+
|
67
|
+
context "with disallowed payment method" do
|
68
|
+
let!(:payment_method) { create(:check_payment_method, name: "forbidden", available_to_users: false) }
|
69
|
+
it { is_expected.to be_not_found }
|
70
|
+
it "creates no payments" do
|
71
|
+
expect {
|
72
|
+
subject
|
73
|
+
}.not_to change { Spree::Payment.count }
|
74
|
+
end
|
75
|
+
end
|
76
|
+
end
|
51
77
|
end
|
52
78
|
|
53
79
|
context "when the current user can administrate the order" do
|
@@ -97,6 +123,30 @@ module Spree
|
|
97
123
|
subject
|
98
124
|
}.to_not change{ order.reload.number }
|
99
125
|
end
|
126
|
+
|
127
|
+
context 'creating payment' do
|
128
|
+
let(:order_params) { super().merge(payments_attributes: [{ payment_method_id: payment_method.id }]) }
|
129
|
+
|
130
|
+
context "with allowed payment method" do
|
131
|
+
let!(:payment_method) { create(:check_payment_method, name: "allowed" ) }
|
132
|
+
it { is_expected.to be_success }
|
133
|
+
it "creates a payment" do
|
134
|
+
expect {
|
135
|
+
subject
|
136
|
+
}.to change { Spree::Payment.count }.by(1)
|
137
|
+
end
|
138
|
+
end
|
139
|
+
|
140
|
+
context "with disallowed payment method" do
|
141
|
+
let!(:payment_method) { create(:check_payment_method, name: "forbidden", available_to_users: false) }
|
142
|
+
it { is_expected.to be_not_found }
|
143
|
+
it "creates no payments" do
|
144
|
+
expect {
|
145
|
+
subject
|
146
|
+
}.not_to change { Spree::Payment.count }
|
147
|
+
end
|
148
|
+
end
|
149
|
+
end
|
100
150
|
end
|
101
151
|
|
102
152
|
context "when the user can administer the order" do
|
@@ -333,10 +383,7 @@ module Spree
|
|
333
383
|
|
334
384
|
# Regression test for https://github.com/spree/spree/issues/3404
|
335
385
|
it "can specify additional parameters for a line item" do
|
336
|
-
|
337
|
-
allow(order).to receive(:associate_user!)
|
338
|
-
allow(order).to receive_message_chain(:contents, :add).and_return(line_item = double('LineItem'))
|
339
|
-
expect(line_item).to receive(:update_attributes!).with(hash_including("special" => "foo"))
|
386
|
+
expect_any_instance_of(Spree::LineItem).to receive(:special=).with("foo")
|
340
387
|
|
341
388
|
allow(controller).to receive_messages(permitted_line_item_attributes: [:id, :variant_id, :quantity, :special])
|
342
389
|
api_post :create, order: {
|
@@ -45,6 +45,17 @@ module Spree
|
|
45
45
|
expect(response.status).to eq(201)
|
46
46
|
expect(json_response).to have_attributes(attributes)
|
47
47
|
end
|
48
|
+
|
49
|
+
context "disallowed payment method" do
|
50
|
+
it "does not create a new payment" do
|
51
|
+
PaymentMethod.first.update!(available_to_users: false)
|
52
|
+
|
53
|
+
expect {
|
54
|
+
api_post :create, payment: { payment_method_id: PaymentMethod.first.id, amount: 50 }
|
55
|
+
}.not_to change { Spree::Payment.count }
|
56
|
+
expect(response.status).to eq(404)
|
57
|
+
end
|
58
|
+
end
|
48
59
|
end
|
49
60
|
|
50
61
|
context "payment source is required" do
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: solidus_api
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.1.
|
4
|
+
version: 2.1.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Solidus Team
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-12-12 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: solidus_core
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 2.1.
|
19
|
+
version: 2.1.1
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 2.1.
|
26
|
+
version: 2.1.1
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: rabl
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -280,7 +280,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
280
280
|
version: 1.8.23
|
281
281
|
requirements: []
|
282
282
|
rubyforge_project:
|
283
|
-
rubygems_version: 2.6.
|
283
|
+
rubygems_version: 2.6.11
|
284
284
|
signing_key:
|
285
285
|
specification_version: 4
|
286
286
|
summary: REST API for the Solidus e-commerce framework.
|