solidus_api 2.10.1 → 2.10.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 37c6c38d0717708d6c9949df354f48f7c86c45a1f9a6100489959c566b1baa27
4
- data.tar.gz: a60e6f0ec9eeb721e3744527d4ca20ad5682889d20ac5d689af88eef5949d7c6
3
+ metadata.gz: b7afcbef6dfdc19f02d26c7b3e410f072dc0d6be5a5b7d476b64b3725b1b24b7
4
+ data.tar.gz: ac898e6b9d5df7e526a5cd9af63a240aed5e2ab46c7ac75ca583b0fb7eb599b1
5
5
  SHA512:
6
- metadata.gz: 705cef07a794cfce8a220a5a0010a70d7f6d6dd4740f0bc0c640002814581f0de14c99f57255c36d9fbedcee6d7bbdb80fefef88f9e4b392d732667c870585bb
7
- data.tar.gz: b019d1f77b2fe581040fc4978486e7338880d33cdad57c1ed9c824705bd699c659b36ece692aff9be6204385cc178a4ec20a089f5bbf1076abfb9c4adbd9e0a8
6
+ metadata.gz: ce175516b04998e778b53e3d1ae47fc1a04c2ef4146a68000bc8745d5e267e423054d0e96fb1b02a03fa26ac186210012b84b54fa7592d15df7cf4fcf8e8d39a
7
+ data.tar.gz: 197562fcd0ea03c6593c21bfb8cb6f8d2424c6ddc3b12cbbc5b83a501976fe724c448a341de063a630daa3cb0f1309687503f5f35ee27536ad4d0a715392c3ea
@@ -76,11 +76,24 @@ module Spree
76
76
  end
77
77
 
78
78
  def update_params
79
- if update_params = massaged_params[:order]
80
- update_params.permit(permitted_checkout_attributes)
79
+ state = @order.state
80
+ case state.to_sym
81
+ when :cart, :address
82
+ massaged_params.fetch(:order, {}).permit(
83
+ permitted_checkout_address_attributes
84
+ )
85
+ when :delivery
86
+ massaged_params.require(:order).permit(
87
+ permitted_checkout_delivery_attributes
88
+ )
89
+ when :payment
90
+ massaged_params.require(:order).permit(
91
+ permitted_checkout_payment_attributes
92
+ )
81
93
  else
82
- # We current allow update requests without any parameters in them.
83
- {}
94
+ massaged_params.fetch(:order, {}).permit(
95
+ permitted_checkout_confirm_attributes
96
+ )
84
97
  end
85
98
  end
86
99
 
@@ -130,7 +130,13 @@ module Spree
130
130
  end
131
131
 
132
132
  def normalize_params
133
- params[:order][:payments_attributes] = params[:order].delete(:payments) if params[:order][:payments]
133
+ if params[:order][:payments]
134
+ payments_params = params[:order].delete(:payments)
135
+ params[:order][:payments_attributes] = payments_params.map do |payment_params|
136
+ payment_params[:source_attributes] = payment_params.delete(:source) if payment_params[:source].present?
137
+ payment_params
138
+ end
139
+ end
134
140
  params[:order][:shipments_attributes] = params[:order].delete(:shipments) if params[:order][:shipments]
135
141
  params[:order][:line_items_attributes] = params[:order].delete(:line_items) if params[:order][:line_items]
136
142
  params[:order][:ship_address_attributes] = params[:order].delete(:ship_address) if params[:order][:ship_address].present?
@@ -545,7 +545,7 @@ paths:
545
545
  - Variants
546
546
  security:
547
547
  - api-key: []
548
- post:
548
+ put:
549
549
  responses:
550
550
  '200':
551
551
  description: ''
@@ -4264,7 +4264,7 @@ paths:
4264
4264
  type: string
4265
4265
  required: true
4266
4266
  '/shipments/{shipment_number}/select_shipping_method':
4267
- get:
4267
+ put:
4268
4268
  responses:
4269
4269
  '200':
4270
4270
  description: ''
@@ -4553,10 +4553,13 @@ paths:
4553
4553
  - Products
4554
4554
  parameters:
4555
4555
  - in: query
4556
- name: taxon_id
4556
+ name: id
4557
4557
  type: integer
4558
4558
  - $ref: '#/parameters/page'
4559
4559
  - $ref: '#/parameters/per_page'
4560
+ - type: boolean
4561
+ in: query
4562
+ name: simple
4560
4563
  security:
4561
4564
  - api-key: []
4562
4565
  schemes:
@@ -172,6 +172,7 @@ module Spree
172
172
  end
173
173
 
174
174
  describe 'setting the payment amount' do
175
+ let(:order) { create(:order_with_line_items, state: :payment) }
175
176
  let(:params) do
176
177
  {
177
178
  order_token: order.guest_token,
@@ -322,17 +323,44 @@ module Spree
322
323
  end
323
324
  end
324
325
 
326
+ it "cannot update attributes of another step" do
327
+ order.update_column(:state, "payment")
328
+
329
+ params = {
330
+ order_token: order.guest_token,
331
+ order: {
332
+ payments_attributes: [
333
+ {
334
+ payment_method_id: @payment_method.id.to_s,
335
+ source_attributes: attributes_for(:credit_card)
336
+ }
337
+ ],
338
+ ship_address_attributes: {
339
+ zipcode: 'MALICIOUS ZIPCODE'
340
+ }
341
+ }
342
+ }
343
+ expect do
344
+ put spree.api_checkout_path(order), params: params
345
+ end.not_to change { order.reload.ship_address.zipcode }
346
+ expect(response.status).to eq(200)
347
+ end
348
+
325
349
  it "returns the order if the order is already complete" do
326
350
  order.update_columns(completed_at: Time.current, state: 'complete')
327
351
  put spree.api_checkout_path(order.to_param), params: { order_token: order.guest_token }
328
352
  assert_unauthorized!
329
353
  end
330
354
 
331
- # Regression test for https://github.com/spree/spree/issues/3784
332
- it "can update the special instructions for an order" do
333
- instructions = "Don't drop it. (Please)"
334
- put spree.api_checkout_path(order.to_param), params: { order_token: order.guest_token, order: { special_instructions: instructions } }
335
- expect(json_response['special_instructions']).to eql(instructions)
355
+ context "in delivery state" do
356
+ let(:order) { create(:order_with_line_items, state: :delivery) }
357
+
358
+ # Regression test for https://github.com/spree/spree/issues/3784
359
+ it "can update the special instructions for an order" do
360
+ instructions = "Don't drop it. (Please)"
361
+ put spree.api_checkout_path(order.to_param), params: { order_token: order.guest_token, order: { special_instructions: instructions } }
362
+ expect(json_response['special_instructions']).to eql(instructions)
363
+ end
336
364
  end
337
365
 
338
366
  context "as an admin" do
@@ -156,6 +156,7 @@ module Spree
156
156
  end
157
157
 
158
158
  context 'creating payment' do
159
+ let!(:order) { create(:order_with_line_items) }
159
160
  let(:order_params) { super().merge(payments_attributes: [{ payment_method_id: payment_method.id }]) }
160
161
 
161
162
  context "with allowed payment method" do
@@ -166,6 +167,28 @@ module Spree
166
167
  subject
167
168
  }.to change { Spree::Payment.count }.by(1)
168
169
  end
170
+
171
+ context 'trying to change the address' do
172
+ let(:order_params) do
173
+ super().merge(
174
+ ship_address_attributes: {
175
+ zipcode: '90100'
176
+ }
177
+ )
178
+ end
179
+
180
+ it 'changes the address' do
181
+ expect {
182
+ subject
183
+ }.to change { order.reload.ship_address.zipcode }
184
+ end
185
+
186
+ it 'invalidates the shipments' do
187
+ expect {
188
+ subject
189
+ }.to change { order.reload.shipments }.to([])
190
+ end
191
+ end
169
192
  end
170
193
 
171
194
  context "with disallowed payment method" do
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: solidus_api
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.10.1
4
+ version: 2.10.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Solidus Team
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-05-14 00:00:00.000000000 Z
11
+ date: 2020-07-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jbuilder
@@ -58,14 +58,14 @@ dependencies:
58
58
  requirements:
59
59
  - - '='
60
60
  - !ruby/object:Gem::Version
61
- version: 2.10.1
61
+ version: 2.10.2
62
62
  type: :runtime
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
66
  - - '='
67
67
  - !ruby/object:Gem::Version
68
- version: 2.10.1
68
+ version: 2.10.2
69
69
  description: REST API for the Solidus e-commerce framework.
70
70
  email: contact@solidus.io
71
71
  executables: []