solidus_api 2.10.1 → 2.11.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/app/controllers/spree/api/addresses_controller.rb +1 -1
- data/app/controllers/spree/api/base_controller.rb +11 -3
- data/app/controllers/spree/api/checkouts_controller.rb +18 -15
- data/app/controllers/spree/api/countries_controller.rb +2 -2
- data/app/controllers/spree/api/credit_cards_controller.rb +2 -2
- data/app/controllers/spree/api/customer_returns_controller.rb +67 -0
- data/app/controllers/spree/api/images_controller.rb +4 -4
- data/app/controllers/spree/api/inventory_units_controller.rb +1 -1
- data/app/controllers/spree/api/option_types_controller.rb +3 -3
- data/app/controllers/spree/api/option_values_controller.rb +2 -2
- data/app/controllers/spree/api/orders_controller.rb +8 -2
- data/app/controllers/spree/api/payments_controller.rb +1 -1
- data/app/controllers/spree/api/product_properties_controller.rb +9 -14
- data/app/controllers/spree/api/promotions_controller.rb +3 -12
- data/app/controllers/spree/api/properties_controller.rb +3 -3
- data/app/controllers/spree/api/resource_controller.rb +2 -2
- data/app/controllers/spree/api/return_authorizations_controller.rb +3 -3
- data/app/controllers/spree/api/shipments_controller.rb +1 -1
- data/app/controllers/spree/api/states_controller.rb +3 -3
- data/app/controllers/spree/api/stock_items_controller.rb +2 -2
- data/app/controllers/spree/api/stock_locations_controller.rb +3 -3
- data/app/controllers/spree/api/stock_movements_controller.rb +3 -3
- data/app/controllers/spree/api/stores_controller.rb +3 -3
- data/app/controllers/spree/api/taxonomies_controller.rb +2 -2
- data/app/controllers/spree/api/taxons_controller.rb +4 -4
- data/app/controllers/spree/api/users_controller.rb +13 -0
- data/app/controllers/spree/api/variants_controller.rb +3 -3
- data/app/controllers/spree/api/zones_controller.rb +2 -2
- data/app/helpers/spree/api/api_helpers.rb +18 -5
- data/app/views/spree/api/customer_returns/index.json.jbuilder +6 -0
- data/app/views/spree/api/customer_returns/new.json.jbuilder +4 -0
- data/app/views/spree/api/customer_returns/show.json.jbuilder +3 -0
- data/app/views/spree/api/errors/could_not_transition.json.jbuilder +4 -0
- data/app/views/spree/api/orders/could_not_transition.json.jbuilder +5 -0
- data/config/locales/en.yml +2 -0
- data/config/routes.rb +6 -3
- data/lib/spree/api/testing_support/helpers.rb +11 -2
- data/openapi/authentication.md +9 -1
- data/openapi/checkout-flow.md +17 -4
- data/openapi/main.hub.yml +1 -1
- data/openapi/solidus-api.oas.yml +6753 -0
- data/solidus_api.gemspec +19 -19
- metadata +17 -117
- data/openapi/api.oas2.yml +0 -6105
- data/script/rails +0 -10
- data/spec/controllers/spree/api/base_controller_spec.rb +0 -118
- data/spec/controllers/spree/api/resource_controller_spec.rb +0 -190
- data/spec/features/checkout_spec.rb +0 -192
- data/spec/fixtures/thinking-cat.jpg +0 -0
- data/spec/lib/spree_api_responders_spec.rb +0 -10
- data/spec/models/spree/legacy_user_spec.rb +0 -103
- data/spec/requests/api/address_books_spec.rb +0 -240
- data/spec/requests/jbuilder_cache_spec.rb +0 -34
- data/spec/requests/ransackable_attributes_spec.rb +0 -79
- data/spec/requests/spree/api/addresses_controller_spec.rb +0 -57
- data/spec/requests/spree/api/checkouts_controller_spec.rb +0 -456
- data/spec/requests/spree/api/classifications_controller_spec.rb +0 -50
- data/spec/requests/spree/api/config_controller_spec.rb +0 -26
- data/spec/requests/spree/api/countries_controller_spec.rb +0 -48
- data/spec/requests/spree/api/coupon_codes_controller_spec.rb +0 -105
- data/spec/requests/spree/api/credit_cards_controller_spec.rb +0 -105
- data/spec/requests/spree/api/images_controller_spec.rb +0 -99
- data/spec/requests/spree/api/inventory_units_controller_spec.rb +0 -55
- data/spec/requests/spree/api/line_items_controller_spec.rb +0 -213
- data/spec/requests/spree/api/option_types_controller_spec.rb +0 -116
- data/spec/requests/spree/api/option_values_controller_spec.rb +0 -138
- data/spec/requests/spree/api/orders_controller_spec.rb +0 -931
- data/spec/requests/spree/api/payments_controller_spec.rb +0 -259
- data/spec/requests/spree/api/product_properties_controller_spec.rb +0 -114
- data/spec/requests/spree/api/products_controller_spec.rb +0 -422
- data/spec/requests/spree/api/promotion_application_spec.rb +0 -50
- data/spec/requests/spree/api/promotions_controller_spec.rb +0 -67
- data/spec/requests/spree/api/properties_controller_spec.rb +0 -102
- data/spec/requests/spree/api/return_authorizations_controller_spec.rb +0 -180
- data/spec/requests/spree/api/shipments_controller_spec.rb +0 -532
- data/spec/requests/spree/api/states_controller_spec.rb +0 -69
- data/spec/requests/spree/api/stock_items_controller_spec.rb +0 -311
- data/spec/requests/spree/api/stock_locations_controller_spec.rb +0 -170
- data/spec/requests/spree/api/stock_movements_controller_spec.rb +0 -81
- data/spec/requests/spree/api/store_credit_events_controller_spec.rb +0 -59
- data/spec/requests/spree/api/stores_controller_spec.rb +0 -134
- data/spec/requests/spree/api/taxonomies_controller_spec.rb +0 -114
- data/spec/requests/spree/api/taxons_controller_spec.rb +0 -217
- data/spec/requests/spree/api/unauthenticated_products_controller_spec.rb +0 -27
- data/spec/requests/spree/api/users_controller_spec.rb +0 -151
- data/spec/requests/spree/api/variants_controller_spec.rb +0 -340
- data/spec/requests/spree/api/zones_controller_spec.rb +0 -89
- data/spec/shared_examples/protect_product_actions.rb +0 -18
- data/spec/spec_helper.rb +0 -73
- data/spec/support/be_paginated_matcher.rb +0 -9
- data/spec/support/controller_hacks.rb +0 -43
- data/spec/support/database_cleaner.rb +0 -16
- data/spec/support/have_attributes_matcher.rb +0 -11
- data/spec/test_views/spree/api/widgets/_widget.json.jbuilder +0 -3
- data/spec/test_views/spree/api/widgets/index.json.jbuilder +0 -9
- data/spec/test_views/spree/api/widgets/new.json.jbuilder +0 -3
- data/spec/test_views/spree/api/widgets/show.json.jbuilder +0 -3
|
@@ -6,7 +6,7 @@ module Spree
|
|
|
6
6
|
before_action :find_property, only: [:show, :update, :destroy]
|
|
7
7
|
|
|
8
8
|
def index
|
|
9
|
-
@properties = Spree::Property.accessible_by(current_ability
|
|
9
|
+
@properties = Spree::Property.accessible_by(current_ability)
|
|
10
10
|
|
|
11
11
|
if params[:ids]
|
|
12
12
|
ids = params[:ids].split(",").flatten
|
|
@@ -59,9 +59,9 @@ module Spree
|
|
|
59
59
|
private
|
|
60
60
|
|
|
61
61
|
def find_property
|
|
62
|
-
@property = Spree::Property.accessible_by(current_ability, :
|
|
62
|
+
@property = Spree::Property.accessible_by(current_ability, :show).find(params[:id])
|
|
63
63
|
rescue ActiveRecord::RecordNotFound
|
|
64
|
-
@property = Spree::Property.accessible_by(current_ability, :
|
|
64
|
+
@property = Spree::Property.accessible_by(current_ability, :show).find_by!(name: params[:id])
|
|
65
65
|
end
|
|
66
66
|
|
|
67
67
|
def property_params
|
|
@@ -4,7 +4,7 @@ class Spree::Api::ResourceController < Spree::Api::BaseController
|
|
|
4
4
|
before_action :load_resource, only: [:show, :update, :destroy]
|
|
5
5
|
|
|
6
6
|
def index
|
|
7
|
-
collection_scope = model_class.accessible_by(current_ability
|
|
7
|
+
collection_scope = model_class.accessible_by(current_ability)
|
|
8
8
|
if params[:ids]
|
|
9
9
|
ids = params[:ids].split(",").flatten
|
|
10
10
|
collection_scope = collection_scope.where(id: ids)
|
|
@@ -65,7 +65,7 @@ class Spree::Api::ResourceController < Spree::Api::BaseController
|
|
|
65
65
|
protected
|
|
66
66
|
|
|
67
67
|
def load_resource
|
|
68
|
-
@object = model_class.accessible_by(current_ability, :
|
|
68
|
+
@object = model_class.accessible_by(current_ability, :show).find(params[:id])
|
|
69
69
|
instance_variable_set("@#{object_name}", @object)
|
|
70
70
|
end
|
|
71
71
|
|
|
@@ -29,7 +29,7 @@ module Spree
|
|
|
29
29
|
|
|
30
30
|
@return_authorizations = @order.
|
|
31
31
|
return_authorizations.
|
|
32
|
-
accessible_by(current_ability
|
|
32
|
+
accessible_by(current_ability).
|
|
33
33
|
ransack(params[:q]).
|
|
34
34
|
result
|
|
35
35
|
|
|
@@ -44,7 +44,7 @@ module Spree
|
|
|
44
44
|
|
|
45
45
|
def show
|
|
46
46
|
authorize! :admin, ReturnAuthorization
|
|
47
|
-
@return_authorization = @order.return_authorizations.accessible_by(current_ability, :
|
|
47
|
+
@return_authorization = @order.return_authorizations.accessible_by(current_ability, :show).find(params[:id])
|
|
48
48
|
respond_with(@return_authorization)
|
|
49
49
|
end
|
|
50
50
|
|
|
@@ -70,7 +70,7 @@ module Spree
|
|
|
70
70
|
|
|
71
71
|
def load_order
|
|
72
72
|
@order ||= Spree::Order.find_by!(number: order_id)
|
|
73
|
-
authorize! :
|
|
73
|
+
authorize! :show, @order
|
|
74
74
|
end
|
|
75
75
|
|
|
76
76
|
def return_authorization_params
|
|
@@ -25,10 +25,10 @@ module Spree
|
|
|
25
25
|
|
|
26
26
|
def scope
|
|
27
27
|
if params[:country_id]
|
|
28
|
-
@country = Spree::Country.accessible_by(current_ability, :
|
|
29
|
-
@country.states.accessible_by(current_ability
|
|
28
|
+
@country = Spree::Country.accessible_by(current_ability, :show).find(params[:country_id])
|
|
29
|
+
@country.states.accessible_by(current_ability)
|
|
30
30
|
else
|
|
31
|
-
Spree::State.accessible_by(current_ability
|
|
31
|
+
Spree::State.accessible_by(current_ability)
|
|
32
32
|
end
|
|
33
33
|
end
|
|
34
34
|
end
|
|
@@ -58,12 +58,12 @@ module Spree
|
|
|
58
58
|
private
|
|
59
59
|
|
|
60
60
|
def load_stock_location
|
|
61
|
-
@stock_location ||= Spree::StockLocation.accessible_by(current_ability).find(params.fetch(:stock_location_id))
|
|
61
|
+
@stock_location ||= Spree::StockLocation.accessible_by(current_ability, :show).find(params.fetch(:stock_location_id))
|
|
62
62
|
end
|
|
63
63
|
|
|
64
64
|
def scope
|
|
65
65
|
includes = { variant: [{ option_values: :option_type }, :product] }
|
|
66
|
-
@stock_location.stock_items.accessible_by(current_ability
|
|
66
|
+
@stock_location.stock_items.accessible_by(current_ability).includes(includes)
|
|
67
67
|
end
|
|
68
68
|
|
|
69
69
|
def stock_item_params
|
|
@@ -4,10 +4,10 @@ module Spree
|
|
|
4
4
|
module Api
|
|
5
5
|
class StockLocationsController < Spree::Api::BaseController
|
|
6
6
|
def index
|
|
7
|
-
authorize! :
|
|
7
|
+
authorize! :index, StockLocation
|
|
8
8
|
|
|
9
9
|
@stock_locations = StockLocation.
|
|
10
|
-
accessible_by(current_ability
|
|
10
|
+
accessible_by(current_ability).
|
|
11
11
|
order('name ASC').
|
|
12
12
|
ransack(params[:q]).
|
|
13
13
|
result
|
|
@@ -49,7 +49,7 @@ module Spree
|
|
|
49
49
|
private
|
|
50
50
|
|
|
51
51
|
def stock_location
|
|
52
|
-
@stock_location ||= Spree::StockLocation.accessible_by(current_ability, :
|
|
52
|
+
@stock_location ||= Spree::StockLocation.accessible_by(current_ability, :show).find(params[:id])
|
|
53
53
|
end
|
|
54
54
|
|
|
55
55
|
def stock_location_params
|
|
@@ -6,7 +6,7 @@ module Spree
|
|
|
6
6
|
before_action :stock_location, except: [:update, :destroy]
|
|
7
7
|
|
|
8
8
|
def index
|
|
9
|
-
authorize! :
|
|
9
|
+
authorize! :index, StockMovement
|
|
10
10
|
@stock_movements = paginate(scope.ransack(params[:q]).result)
|
|
11
11
|
respond_with(@stock_movements)
|
|
12
12
|
end
|
|
@@ -29,11 +29,11 @@ module Spree
|
|
|
29
29
|
private
|
|
30
30
|
|
|
31
31
|
def stock_location
|
|
32
|
-
@stock_location ||= Spree::StockLocation.accessible_by(current_ability, :
|
|
32
|
+
@stock_location ||= Spree::StockLocation.accessible_by(current_ability, :show).find(params[:stock_location_id])
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
def scope
|
|
36
|
-
@stock_location.stock_movements.accessible_by(current_ability
|
|
36
|
+
@stock_location.stock_movements.accessible_by(current_ability)
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
def stock_movement_params
|
|
@@ -6,8 +6,8 @@ module Spree
|
|
|
6
6
|
before_action :get_store, except: [:index, :create]
|
|
7
7
|
|
|
8
8
|
def index
|
|
9
|
-
authorize! :
|
|
10
|
-
@stores = Spree::Store.accessible_by(current_ability
|
|
9
|
+
authorize! :index, Store
|
|
10
|
+
@stores = Spree::Store.accessible_by(current_ability).all
|
|
11
11
|
respond_with(@stores)
|
|
12
12
|
end
|
|
13
13
|
|
|
@@ -32,7 +32,7 @@ module Spree
|
|
|
32
32
|
end
|
|
33
33
|
|
|
34
34
|
def show
|
|
35
|
-
authorize! :
|
|
35
|
+
authorize! :show, @store
|
|
36
36
|
respond_with(@store)
|
|
37
37
|
end
|
|
38
38
|
|
|
@@ -50,7 +50,7 @@ module Spree
|
|
|
50
50
|
|
|
51
51
|
def taxonomies
|
|
52
52
|
@taxonomies = Taxonomy.
|
|
53
|
-
accessible_by(current_ability
|
|
53
|
+
accessible_by(current_ability).
|
|
54
54
|
order('name').
|
|
55
55
|
includes(root: :children).
|
|
56
56
|
ransack(params[:q]).
|
|
@@ -58,7 +58,7 @@ module Spree
|
|
|
58
58
|
end
|
|
59
59
|
|
|
60
60
|
def taxonomy
|
|
61
|
-
@taxonomy ||= Spree::Taxonomy.accessible_by(current_ability, :
|
|
61
|
+
@taxonomy ||= Spree::Taxonomy.accessible_by(current_ability, :show).
|
|
62
62
|
includes(root: :children).
|
|
63
63
|
find(params[:id])
|
|
64
64
|
end
|
|
@@ -7,9 +7,9 @@ module Spree
|
|
|
7
7
|
if taxonomy
|
|
8
8
|
@taxons = taxonomy.root.children
|
|
9
9
|
elsif params[:ids]
|
|
10
|
-
@taxons = Spree::Taxon.accessible_by(current_ability
|
|
10
|
+
@taxons = Spree::Taxon.accessible_by(current_ability).where(id: params[:ids].split(','))
|
|
11
11
|
else
|
|
12
|
-
@taxons = Spree::Taxon.accessible_by(current_ability
|
|
12
|
+
@taxons = Spree::Taxon.accessible_by(current_ability).order(:taxonomy_id, :lft).ransack(params[:q]).result
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
unless params[:without_children]
|
|
@@ -96,12 +96,12 @@ module Spree
|
|
|
96
96
|
|
|
97
97
|
def taxonomy
|
|
98
98
|
if params[:taxonomy_id].present?
|
|
99
|
-
@taxonomy ||= Spree::Taxonomy.accessible_by(current_ability, :
|
|
99
|
+
@taxonomy ||= Spree::Taxonomy.accessible_by(current_ability, :show).find(params[:taxonomy_id])
|
|
100
100
|
end
|
|
101
101
|
end
|
|
102
102
|
|
|
103
103
|
def taxon
|
|
104
|
-
@taxon ||= taxonomy.taxons.accessible_by(current_ability, :
|
|
104
|
+
@taxon ||= taxonomy.taxons.accessible_by(current_ability, :show).find(params[:id])
|
|
105
105
|
end
|
|
106
106
|
|
|
107
107
|
def taxon_params
|
|
@@ -1,6 +1,19 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
class Spree::Api::UsersController < Spree::Api::ResourceController
|
|
4
|
+
def index
|
|
5
|
+
user_scope = model_class.accessible_by(current_ability, :show)
|
|
6
|
+
if params[:ids]
|
|
7
|
+
ids = params[:ids].split(",").flatten
|
|
8
|
+
@users = user_scope.where(id: ids)
|
|
9
|
+
else
|
|
10
|
+
@users = user_scope.ransack(params[:q]).result
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
@users = paginate(@users.distinct)
|
|
14
|
+
respond_with(@users)
|
|
15
|
+
end
|
|
16
|
+
|
|
4
17
|
private
|
|
5
18
|
|
|
6
19
|
attr_reader :user
|
|
@@ -53,7 +53,7 @@ module Spree
|
|
|
53
53
|
private
|
|
54
54
|
|
|
55
55
|
def product
|
|
56
|
-
@product ||= Spree::Product.accessible_by(current_ability, :
|
|
56
|
+
@product ||= Spree::Product.accessible_by(current_ability, :show).friendly.find(params[:product_id]) if params[:product_id]
|
|
57
57
|
end
|
|
58
58
|
|
|
59
59
|
def scope
|
|
@@ -64,12 +64,12 @@ module Spree
|
|
|
64
64
|
end
|
|
65
65
|
|
|
66
66
|
if current_ability.can?(:manage, Variant) && params[:show_deleted]
|
|
67
|
-
variants = variants.
|
|
67
|
+
variants = variants.with_discarded
|
|
68
68
|
end
|
|
69
69
|
|
|
70
70
|
in_stock_only = ActiveRecord::Type::Boolean.new.cast(params[:in_stock_only])
|
|
71
71
|
suppliable_only = ActiveRecord::Type::Boolean.new.cast(params[:suppliable_only])
|
|
72
|
-
variants = variants.accessible_by(current_ability
|
|
72
|
+
variants = variants.accessible_by(current_ability)
|
|
73
73
|
if in_stock_only || cannot?(:view_out_of_stock, Spree::Variant)
|
|
74
74
|
variants = variants.in_stock
|
|
75
75
|
elsif suppliable_only
|
|
@@ -21,7 +21,7 @@ module Spree
|
|
|
21
21
|
|
|
22
22
|
def index
|
|
23
23
|
@zones = Spree::Zone.
|
|
24
|
-
accessible_by(current_ability
|
|
24
|
+
accessible_by(current_ability).
|
|
25
25
|
order('name ASC').
|
|
26
26
|
ransack(params[:q]).
|
|
27
27
|
result
|
|
@@ -55,7 +55,7 @@ module Spree
|
|
|
55
55
|
end
|
|
56
56
|
|
|
57
57
|
def zone
|
|
58
|
-
@zone ||= Spree::Zone.accessible_by(current_ability, :
|
|
58
|
+
@zone ||= Spree::Zone.accessible_by(current_ability, :show).find(params[:id])
|
|
59
59
|
end
|
|
60
60
|
end
|
|
61
61
|
end
|
|
@@ -22,6 +22,7 @@ module Spree
|
|
|
22
22
|
:state_attributes,
|
|
23
23
|
:adjustment_attributes,
|
|
24
24
|
:inventory_unit_attributes,
|
|
25
|
+
:customer_return_attributes,
|
|
25
26
|
:return_authorization_attributes,
|
|
26
27
|
:creditcard_attributes,
|
|
27
28
|
:payment_source_attributes,
|
|
@@ -117,16 +118,27 @@ module Spree
|
|
|
117
118
|
:id, :state, :variant_id, :shipment_id
|
|
118
119
|
]
|
|
119
120
|
|
|
121
|
+
@@customer_return_attributes = [
|
|
122
|
+
:id, :number, :stock_location_id, :created_at, :updated_at
|
|
123
|
+
]
|
|
124
|
+
|
|
120
125
|
@@return_authorization_attributes = [
|
|
121
126
|
:id, :number, :state, :order_id, :memo, :created_at, :updated_at
|
|
122
127
|
]
|
|
123
128
|
|
|
124
|
-
@@
|
|
125
|
-
:id, :
|
|
126
|
-
:
|
|
127
|
-
:
|
|
129
|
+
@@address_base_attributes = [
|
|
130
|
+
:id, :name, :address1, :address2, :city, :zipcode, :phone, :company,
|
|
131
|
+
:alternative_phone, :country_id, :country_iso, :state_id, :state_name,
|
|
132
|
+
:state_text
|
|
128
133
|
]
|
|
129
134
|
|
|
135
|
+
@@address_attributes = if Spree::Config.use_combined_first_and_last_name_in_address
|
|
136
|
+
@@address_base_attributes
|
|
137
|
+
else
|
|
138
|
+
@@address_base_attributes +
|
|
139
|
+
Spree::Address::LEGACY_NAME_ATTRS.map(&:to_sym)
|
|
140
|
+
end
|
|
141
|
+
|
|
130
142
|
@@country_attributes = [:id, :iso_name, :iso, :iso3, :name, :numcode]
|
|
131
143
|
|
|
132
144
|
@@state_attributes = [:id, :name, :abbr, :country_id]
|
|
@@ -168,7 +180,8 @@ module Spree
|
|
|
168
180
|
|
|
169
181
|
@@store_attributes = [
|
|
170
182
|
:id, :name, :url, :meta_description, :meta_keywords, :seo_title,
|
|
171
|
-
:mail_from_address, :default_currency, :code, :default, :available_locales
|
|
183
|
+
:mail_from_address, :default_currency, :code, :default, :available_locales,
|
|
184
|
+
:bcc_email
|
|
172
185
|
]
|
|
173
186
|
|
|
174
187
|
@@store_credit_history_attributes = [
|
|
@@ -1,4 +1,9 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
+
Spree::Deprecation.warn(
|
|
4
|
+
'spree/api/orders/could_not_transition is deprecated.' \
|
|
5
|
+
' Please use spree/api/errors/could_not_transition'
|
|
6
|
+
)
|
|
7
|
+
|
|
3
8
|
json.error(I18n.t(:could_not_transition, scope: "spree.api.order"))
|
|
4
9
|
json.errors(@order.errors.to_hash)
|
data/config/locales/en.yml
CHANGED
|
@@ -8,6 +8,8 @@ en:
|
|
|
8
8
|
invalid_resource: Invalid resource. Please fix errors and try again.
|
|
9
9
|
invalid_taxonomy_id: Invalid taxonomy id.
|
|
10
10
|
must_specify_api_key: You must specify an API key.
|
|
11
|
+
could_not_transition: The %{resource} could not be transitioned. Please fix the
|
|
12
|
+
errors and try again.
|
|
11
13
|
order:
|
|
12
14
|
could_not_transition: The order could not be transitioned. Please fix the
|
|
13
15
|
errors and try again.
|
data/config/routes.rb
CHANGED
|
@@ -3,9 +3,11 @@
|
|
|
3
3
|
Spree::Core::Engine.routes.draw do
|
|
4
4
|
namespace :admin do
|
|
5
5
|
resources :users do
|
|
6
|
+
resource :api_key, controller: 'users/api_key', only: [:create, :destroy]
|
|
7
|
+
|
|
6
8
|
member do
|
|
7
|
-
put :generate_api_key
|
|
8
|
-
put :clear_api_key
|
|
9
|
+
put :generate_api_key # Deprecated
|
|
10
|
+
put :clear_api_key # Deprecated
|
|
9
11
|
end
|
|
10
12
|
end
|
|
11
13
|
end
|
|
@@ -38,6 +40,8 @@ Spree::Core::Engine.routes.draw do
|
|
|
38
40
|
put :cancel
|
|
39
41
|
end
|
|
40
42
|
end
|
|
43
|
+
|
|
44
|
+
resources :customer_returns, except: :destroy
|
|
41
45
|
end
|
|
42
46
|
|
|
43
47
|
resources :checkouts, only: [:update], concerns: :order_routes do
|
|
@@ -57,7 +61,6 @@ Spree::Core::Engine.routes.draw do
|
|
|
57
61
|
end
|
|
58
62
|
resources :option_values
|
|
59
63
|
|
|
60
|
-
resources :option_values, only: :index
|
|
61
64
|
get '/orders/mine', to: 'orders#mine', as: 'my_orders'
|
|
62
65
|
get "/orders/current", to: "orders#current", as: "current_order"
|
|
63
66
|
|
|
@@ -34,11 +34,20 @@ module Spree
|
|
|
34
34
|
end
|
|
35
35
|
|
|
36
36
|
def image(filename)
|
|
37
|
-
File.open(
|
|
37
|
+
File.open(
|
|
38
|
+
File.join(
|
|
39
|
+
Spree::Core::Engine.root,
|
|
40
|
+
"lib",
|
|
41
|
+
"spree",
|
|
42
|
+
"testing_support",
|
|
43
|
+
"fixtures",
|
|
44
|
+
filename
|
|
45
|
+
)
|
|
46
|
+
)
|
|
38
47
|
end
|
|
39
48
|
|
|
40
49
|
def upload_image(filename)
|
|
41
|
-
|
|
50
|
+
Rack::Test::UploadedFile.new(File.open(image(filename).path), 'image/jpg')
|
|
42
51
|
end
|
|
43
52
|
end
|
|
44
53
|
end
|
data/openapi/authentication.md
CHANGED
|
@@ -10,6 +10,14 @@ You can use your API key to access all resources in the API. The API key must be
|
|
|
10
10
|
Authorization: Bearer API_KEY
|
|
11
11
|
```
|
|
12
12
|
|
|
13
|
+
As an admin, you can find your API token in the admin section under Users > Your e-email > API Access (at `admin/users/<user_id>/edit`)
|
|
14
|
+
|
|
15
|
+
Example:
|
|
16
|
+
|
|
17
|
+
```
|
|
18
|
+
curl --header "Authorization: Bearer 1a6a9936ad150a2ee345c65331da7a3ccc2de" http://www.my-solidus-site.com/api/stores
|
|
19
|
+
```
|
|
20
|
+
|
|
13
21
|
By default, API keys are only generated for admins, but you can easily customize Solidus to generate them for all users, which is useful for instance if you want users to be able to sign in and manage their profile via the API.
|
|
14
22
|
|
|
15
23
|
### Order token
|
|
@@ -22,4 +30,4 @@ The order token must be passed in the `X-Spree-Order-Token` header in the follow
|
|
|
22
30
|
X-Spree-Order-Token: ORDER_TOKEN
|
|
23
31
|
```
|
|
24
32
|
|
|
25
|
-
If you are already providing an API key, you don't need to also provide the order token (although you may do so).
|
|
33
|
+
If you are already providing an API key, you don't need to also provide the order token (although you may do so).
|