solidus_api 2.10.3 → 2.11.0

data/spec/lib/spree_api_responders_spec.rb

@@ -1,10 +0,0 @@
-# frozen_string_literal: true
-
-require "spec_helper"
-
-describe "Spree Api Responders" do
-  it "RablTemplate is deprecated Use JbuilderTemplate" do
-    warning_message = /DEPRECATION WARNING: RablTemplate is deprecated! Use JbuilderTemplate instead/
-    expect{ Spree::Api::Responders::RablTemplate.methods }.to output(warning_message).to_stderr
-  end
-end

data/spec/models/spree/legacy_user_spec.rb

@@ -1,103 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-module Spree
-  describe LegacyUser, type: :model do
-    let(:user) { LegacyUser.new }
-
-    it "can generate an API key" do
-      expect(user).to receive(:save!)
-      expect { user.generate_spree_api_key! }.to change(user, :spree_api_key).to be_present
-    end
-
-    it "can generate an API key without persisting" do
-      expect(user).not_to receive(:save!)
-      expect { user.generate_spree_api_key }.to change(user, :spree_api_key).to be_present
-    end
-
-    it "can clear an API key" do
-      user.spree_api_key = 'abc123'
-      expect(user).to receive(:save!)
-      expect { user.clear_spree_api_key! }.to change(user, :spree_api_key).to be_blank
-    end
-
-    it "can clear an api key without persisting" do
-      user.spree_api_key = 'abc123'
-      expect(user).not_to receive(:save!)
-      expect { user.clear_spree_api_key }.to change(user, :spree_api_key).to be_blank
-    end
-
-    context "auto-api-key grant" do
-      context "after role user create" do
-        let(:user) { create(:user) }
-        before { expect(user.spree_roles).to be_blank }
-        subject { user.spree_roles << role }
-
-        context "roles_for_auto_api_key default" do
-          let(:role) { create(:role, name: "admin") }
-
-          context "the user has no api key" do
-            before { user.clear_spree_api_key! }
-            it { expect { subject }.to change { user.reload.spree_api_key }.from(nil) }
-          end
-
-          context "the user already has an api key" do
-            before { user.generate_spree_api_key! }
-            it { expect { subject }.not_to change { user.reload.spree_api_key } }
-          end
-        end
-
-        context "roles_for_auto_api_key is defined" do
-          let(:role) { create(:role, name: 'hobbit') }
-          let(:undesired_role) { create(:role, name: "foo") }
-
-          before {
-            user.clear_spree_api_key!
-            stub_spree_preferences(roles_for_auto_api_key: ['hobbit'])
-          }
-
-          it { expect { subject }.to change { user.reload.spree_api_key }.from(nil) }
-          it { expect { user.spree_roles << undesired_role }.not_to change { user.reload.spree_api_key } }
-        end
-
-        context "for all roles" do
-          let(:role) { create(:role, name: 'hobbit') }
-          let(:other_role) { create(:role, name: 'wizard') }
-          let(:other_user) { create(:user) }
-
-          before {
-            user.clear_spree_api_key!
-            other_user.clear_spree_api_key!
-            stub_spree_preferences(generate_api_key_for_all_roles: true)
-          }
-
-          it { expect { subject }.to change { user.reload.spree_api_key }.from(nil) }
-          it { expect { other_user.spree_roles << other_role }.to change { other_user.reload.spree_api_key }.from(nil) }
-        end
-      end
-
-      context "after user create" do
-        let(:user) { LegacyUser.new }
-
-        context "generate_api_key_for_all_roles" do
-          it "does not grant api key default" do
-            expect(user.spree_api_key).to eq(nil)
-
-            user.save!
-            expect(user.spree_api_key).to eq(nil)
-          end
-
-          it "grants an api key on create when set to true" do
-            stub_spree_preferences(generate_api_key_for_all_roles: true)
-
-            expect(user.spree_api_key).to eq(nil)
-
-            user.save!
-            expect(user.spree_api_key).not_to eq(nil)
-          end
-        end
-      end
-    end
-  end
-end

data/spec/requests/api/address_books_spec.rb

@@ -1,240 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-module Spree
-  describe Api::AddressBooksController, type: :request do
-    let!(:state) { create(:state) }
-    let!(:harry_address_attributes) do
-      {
-        'firstname' => 'Harry',
-        'lastname' => 'Potter',
-        'address1' => '4 Privet Drive',
-        'address2' => 'cupboard under the stairs',
-        'city' => 'Surrey',
-        'zipcode' => '10010',
-        'phone' => '555-5555',
-        'state_id' => state.id,
-        'country_id' => state.country.id
-      }
-    end
-
-    let!(:ron_address_attributes) do
-      {
-        'firstname' => 'Ron',
-        'lastname' => 'Weasly',
-        'address1' => 'Ottery St. Catchpole',
-        'address2' => '4th floor',
-        'city' => 'Devon, West Country',
-        'zipcode' => '10010',
-        'phone' => '555-5555',
-        'state_id' => state.id,
-        'country_id' => state.country.id
-      }
-    end
-
-    context 'as address book owner' do
-      context 'with ability' do
-        it 'returns my address book' do
-          user = create(:user, spree_api_key: 'galleon')
-          user.save_in_address_book(harry_address_attributes, true)
-          user.save_in_address_book(ron_address_attributes, false)
-
-          get "/api/users/#{user.id}/address_book",
-            headers: { Authorization: 'Bearer galleon' }
-
-          json_response = JSON.parse(response.body)
-          expect(response.status).to eq(200)
-          expect(json_response.length).to eq(2)
-          expect(json_response).to include(
-            hash_including(harry_address_attributes.merge!('default' => true)),
-              hash_including(ron_address_attributes.merge!('default' => false))
-            )
-        end
-
-        it 'updates my address book' do
-          user = create(:user, spree_api_key: 'galleon')
-          address = user.save_in_address_book(harry_address_attributes, true)
-          harry_address_attributes['firstname'] = 'Ron'
-
-          expect {
-            put "/api/users/#{user.id}/address_book",
-              params:  { address_book: harry_address_attributes.merge('id' => address.id) },
-              headers: { Authorization: 'Bearer galleon' }
-          }.to change { UserAddress.count }.from(1).to(2)
-
-          expect(response.status).to eq(200)
-          expect(JSON.parse(response.body).first).to include(harry_address_attributes)
-        end
-
-        context 'when creating an address' do
-          it 'marks the update_target' do
-            user = create(:user, spree_api_key: 'galleon')
-
-            expect {
-              put "/api/users/#{user.id}/address_book",
-                params:  { address_book: harry_address_attributes },
-                headers: { Authorization: 'Bearer galleon' }
-            }.to change { UserAddress.count }.by(1)
-
-            user_address = UserAddress.last
-
-            expect(response.status).to eq(200)
-            update_target_ids = JSON.parse(response.body).select { |target| target['update_target'] }.map { |location| location['id'] }
-            expect(update_target_ids).to eq([user_address.address_id])
-          end
-        end
-
-        context 'when updating an address' do
-          it 'marks the update_target' do
-            user = create(:user, spree_api_key: 'galleon')
-            address = user.save_in_address_book(harry_address_attributes, true)
-
-            expect {
-              put "/api/users/#{user.id}/address_book",
-                params:  { address_book: harry_address_attributes },
-                headers: { Authorization: 'Bearer galleon' }
-            }.to_not change { UserAddress.count }
-
-            expect(response.status).to eq(200)
-            update_target_ids = JSON.parse(response.body).select { |target| target['update_target'] }.map { |location| location['id'] }
-            expect(update_target_ids).to eq([address.id])
-          end
-        end
-
-        it 'archives my address' do
-          address = create(:address)
-          user = create(:user, spree_api_key: 'galleon')
-          user.save_in_address_book(address.attributes, false)
-
-          expect {
-            delete "/api/users/#{user.id}/address_book",
-              params:  { address_id: address.id },
-              headers: { Authorization: 'Bearer galleon' }
-          }.to change { user.reload.user_addresses.count }.from(1).to(0)
-
-          expect(response.status).to eq(200)
-        end
-      end
-    end
-
-    context 'on behalf of address book owner' do
-      context 'with ability' do
-        before do
-          Spree::Config.roles.assign_permissions 'Prefect', [Spree::PermissionSets::UserManagement]
-          create(:user, spree_api_key: 'galleon', spree_roles: [build(:role, name: 'Prefect')])
-        end
-
-        it "returns another user's address book" do
-          other_user = create(:user)
-          other_user.save_in_address_book(harry_address_attributes, true)
-          other_user.save_in_address_book(ron_address_attributes, false)
-
-          get "/api/users/#{other_user.id}/address_book",
-            headers: { Authorization: 'Bearer galleon' }
-
-          json_response = JSON.parse(response.body)
-          expect(response.status).to eq(200)
-          expect(json_response.length).to eq(2)
-          expect(json_response).to include(
-            hash_including(harry_address_attributes.merge!('default' => true)),
-              hash_including(ron_address_attributes.merge!('default' => false))
-            )
-        end
-
-        it "updates another user's address" do
-          other_user = create(:user)
-          address = other_user.save_in_address_book(harry_address_attributes, true)
-          updated_harry_address = harry_address_attributes.merge('firstname' => 'Ron')
-
-          expect {
-            put "/api/users/#{other_user.id}/address_book",
-            params:  { address_book: updated_harry_address.merge('id' => address.id) },
-            headers: { Authorization: 'Bearer galleon' }
-          }.to change { UserAddress.count }.from(1).to(2)
-
-          expect(response.status).to eq(200)
-          expect(JSON.parse(response.body).first).to include(updated_harry_address)
-        end
-
-        it "archives another user's address" do
-          address = create(:address)
-          other_user = create(:user)
-          other_user.save_in_address_book(address.attributes, false)
-
-          expect {
-            delete "/api/users/#{other_user.id}/address_book",
-              params:  { address_id: address.id },
-              headers: { Authorization: 'Bearer galleon' }
-          }.to change { other_user.reload.user_addresses.count }.from(1).to(0)
-
-          expect(response.status).to eq(200)
-        end
-      end
-
-      context 'without ability' do
-        it 'does not return another user address book' do
-          create(:user, spree_api_key: 'galleon')
-          other_user = create(:user)
-          other_user.save_in_address_book(harry_address_attributes, true)
-
-          get "/api/users/#{other_user.id}/address_book",
-            headers: { Authorization: 'Bearer galleon' }
-
-          expect(response.status).to eq(401)
-        end
-
-        it 'does not update another user address' do
-          address = create(:address)
-          other_user = create(:user)
-          other_user_address = other_user.save_in_address_book(address.attributes, true)
-          create(:user, spree_api_key: 'galleon')
-
-          expect {
-            put "/api/users/#{other_user.id}/address_book",
-            params:  { address_book: other_user_address.attributes.merge('address1' => 'Hogwarts') },
-            headers: { Authorization: 'Bearer galleon' }
-          }.not_to change { UserAddress.count }
-
-          expect(response.status).to eq(401)
-        end
-
-        it 'does not archive another user address' do
-          address = create(:address)
-          other_user = create(:user)
-          other_user.save_in_address_book(address.attributes, true)
-          create(:user, spree_api_key: 'galleon')
-
-          expect {
-            delete "/api/users/#{other_user.id}/address_book",
-              params:  { address_id: address.id },
-              headers: { Authorization: 'Bearer galleon' }
-          }.not_to change { other_user.user_addresses.count }
-
-          expect(response.status).to eq(401)
-        end
-      end
-    end
-
-    context 'unauthenticated' do
-      before do
-        @user = create(:user)
-      end
-
-      it 'GET returns a 401' do
-        get "/api/users/#{@user.id}/address_book"
-        expect(response.status).to eq(401)
-      end
-
-      it 'UPDATE returns a 401' do
-        put "/api/users/#{@user.id}/address_book"
-        expect(response.status).to eq(401)
-      end
-
-      it 'DELETE returns a 401' do
-        delete "/api/users/#{@user.id}/address_book"
-        expect(response.status).to eq(401)
-      end
-    end
-  end
-end

data/spec/requests/jbuilder_cache_spec.rb

@@ -1,34 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe "Jbuilder Cache", type: :request, caching: true do
-  let!(:user)  { create(:admin_user) }
-
-  before do
-    create(:variant)
-    user.generate_spree_api_key!
-    expect(Spree::Product.count).to eq(1)
-  end
-
-  it "doesn't create a cache key collision for models with different jbuilder templates" do
-    get "/api/variants", params: { token: user.spree_api_key }
-    expect(response.status).to eq(200)
-
-    # Make sure we get a non master variant
-    variant_a = JSON.parse(response.body)['variants'].find do |v|
-      !v['is_master']
-    end
-
-    expect(variant_a['is_master']).to be false
-    expect(variant_a['stock_items']).not_to be_nil
-
-    get "/api/products/#{Spree::Product.first.id}", params: { token: user.spree_api_key }
-    expect(response.status).to eq(200)
-    variant_b = JSON.parse(response.body)['variants'].last
-    expect(variant_b['is_master']).to be false
-
-    expect(variant_a['id']).to eq(variant_b['id'])
-    expect(variant_b['stock_items']).to be_nil
-  end
-end

data/spec/requests/ransackable_attributes_spec.rb

@@ -1,79 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe "Ransackable Attributes" do
-  let(:user) { create(:user).tap(&:generate_spree_api_key!) }
-  let(:order) { create(:order_with_line_items, user: user) }
-  context "filtering by attributes one association away" do
-    it "does not allow the filtering of variants by order attributes" do
-      2.times { create(:variant) }
-
-      get "/api/variants?q[orders_email_start]=#{order.email}", params: { token: user.spree_api_key }
-
-      variants_response = JSON.parse(response.body)
-      expect(variants_response['total_count']).to eq(Spree::Variant.count)
-    end
-  end
-
-  context "filtering by attributes two associations away" do
-    it "does not allow the filtering of variants by user attributes" do
-      2.times { create(:variant) }
-
-      get "/api/variants?q[orders_user_email_start]=#{order.user.email}", params: { token: user.spree_api_key }
-
-      variants_response = JSON.parse(response.body)
-      expect(variants_response['total_count']).to eq(Spree::Variant.count)
-    end
-  end
-
-  context "it maintains desired association behavior" do
-    it "allows filtering of variants product name" do
-      product = create(:product, name: "Fritos")
-      variant = create(:variant, product: product)
-      other_variant = create(:variant)
-
-      get "/api/variants?q[product_name_or_sku_cont]=fritos", params: { token: user.spree_api_key }
-
-      skus = JSON.parse(response.body)['variants'].map { |x| x['sku'] }
-      expect(skus).to include variant.sku
-      expect(skus).not_to include other_variant.sku
-    end
-  end
-
-  context "filtering by attributes" do
-    it "most attributes are not filterable by default" do
-      create(:product, description: "special product")
-      create(:product)
-
-      get "/api/products?q[description_cont]=special", params: { token: user.spree_api_key }
-
-      products_response = JSON.parse(response.body)
-      expect(products_response['total_count']).to eq(Spree::Product.count)
-    end
-
-    it "id is filterable by default" do
-      product = create(:product)
-      other_product = create(:product)
-
-      get "/api/products?q[id_eq]=#{product.id}", params: { token: user.spree_api_key }
-
-      product_names = JSON.parse(response.body)['products'].map { |x| x['name'] }
-      expect(product_names).to include product.name
-      expect(product_names).not_to include other_product.name
-    end
-  end
-
-  context "filtering by whitelisted attributes" do
-    it "filtering is supported for whitelisted attributes" do
-      product = create(:product, name: "Fritos")
-      other_product = create(:product)
-
-      get "/api/products?q[name_cont]=fritos", params: { token: user.spree_api_key }
-
-      product_names = JSON.parse(response.body)['products'].map { |x| x['name'] }
-      expect(product_names).to include product.name
-      expect(product_names).not_to include other_product.name
-    end
-  end
-end