solidus_api 2.10.5 → 2.11.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (99) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +2 -2
  3. data/app/controllers/spree/api/addresses_controller.rb +1 -1
  4. data/app/controllers/spree/api/base_controller.rb +11 -3
  5. data/app/controllers/spree/api/checkouts_controller.rb +1 -11
  6. data/app/controllers/spree/api/countries_controller.rb +2 -2
  7. data/app/controllers/spree/api/credit_cards_controller.rb +2 -2
  8. data/app/controllers/spree/api/customer_returns_controller.rb +67 -0
  9. data/app/controllers/spree/api/images_controller.rb +4 -4
  10. data/app/controllers/spree/api/inventory_units_controller.rb +1 -1
  11. data/app/controllers/spree/api/option_types_controller.rb +3 -3
  12. data/app/controllers/spree/api/option_values_controller.rb +2 -2
  13. data/app/controllers/spree/api/orders_controller.rb +1 -1
  14. data/app/controllers/spree/api/payments_controller.rb +1 -1
  15. data/app/controllers/spree/api/product_properties_controller.rb +9 -14
  16. data/app/controllers/spree/api/promotions_controller.rb +3 -12
  17. data/app/controllers/spree/api/properties_controller.rb +3 -3
  18. data/app/controllers/spree/api/resource_controller.rb +2 -2
  19. data/app/controllers/spree/api/return_authorizations_controller.rb +3 -3
  20. data/app/controllers/spree/api/shipments_controller.rb +1 -1
  21. data/app/controllers/spree/api/states_controller.rb +3 -3
  22. data/app/controllers/spree/api/stock_items_controller.rb +2 -2
  23. data/app/controllers/spree/api/stock_locations_controller.rb +3 -3
  24. data/app/controllers/spree/api/stock_movements_controller.rb +3 -3
  25. data/app/controllers/spree/api/stores_controller.rb +3 -3
  26. data/app/controllers/spree/api/taxonomies_controller.rb +2 -2
  27. data/app/controllers/spree/api/taxons_controller.rb +4 -4
  28. data/app/controllers/spree/api/users_controller.rb +13 -0
  29. data/app/controllers/spree/api/variants_controller.rb +3 -3
  30. data/app/controllers/spree/api/zones_controller.rb +2 -2
  31. data/app/helpers/spree/api/api_helpers.rb +18 -5
  32. data/app/views/spree/api/customer_returns/index.json.jbuilder +6 -0
  33. data/app/views/spree/api/customer_returns/new.json.jbuilder +4 -0
  34. data/app/views/spree/api/customer_returns/show.json.jbuilder +3 -0
  35. data/app/views/spree/api/errors/could_not_transition.json.jbuilder +4 -0
  36. data/app/views/spree/api/orders/could_not_transition.json.jbuilder +5 -0
  37. data/config/locales/en.yml +2 -0
  38. data/config/routes.rb +6 -3
  39. data/lib/spree/api/testing_support/helpers.rb +1 -1
  40. data/openapi/authentication.md +9 -1
  41. data/openapi/checkout-flow.md +17 -4
  42. data/openapi/main.hub.yml +1 -1
  43. data/openapi/solidus-api.oas.yml +6753 -0
  44. data/solidus_api.gemspec +19 -19
  45. metadata +14 -114
  46. data/openapi/api.oas2.yml +0 -6108
  47. data/script/rails +0 -10
  48. data/spec/controllers/spree/api/base_controller_spec.rb +0 -118
  49. data/spec/controllers/spree/api/resource_controller_spec.rb +0 -190
  50. data/spec/features/checkout_spec.rb +0 -192
  51. data/spec/fixtures/thinking-cat.jpg +0 -0
  52. data/spec/lib/spree_api_responders_spec.rb +0 -10
  53. data/spec/models/spree/legacy_user_spec.rb +0 -103
  54. data/spec/requests/api/address_books_spec.rb +0 -240
  55. data/spec/requests/jbuilder_cache_spec.rb +0 -34
  56. data/spec/requests/ransackable_attributes_spec.rb +0 -79
  57. data/spec/requests/spree/api/addresses_controller_spec.rb +0 -57
  58. data/spec/requests/spree/api/checkouts_controller_spec.rb +0 -484
  59. data/spec/requests/spree/api/classifications_controller_spec.rb +0 -50
  60. data/spec/requests/spree/api/config_controller_spec.rb +0 -26
  61. data/spec/requests/spree/api/countries_controller_spec.rb +0 -48
  62. data/spec/requests/spree/api/coupon_codes_controller_spec.rb +0 -105
  63. data/spec/requests/spree/api/credit_cards_controller_spec.rb +0 -105
  64. data/spec/requests/spree/api/images_controller_spec.rb +0 -99
  65. data/spec/requests/spree/api/inventory_units_controller_spec.rb +0 -55
  66. data/spec/requests/spree/api/line_items_controller_spec.rb +0 -213
  67. data/spec/requests/spree/api/option_types_controller_spec.rb +0 -116
  68. data/spec/requests/spree/api/option_values_controller_spec.rb +0 -138
  69. data/spec/requests/spree/api/orders_controller_spec.rb +0 -954
  70. data/spec/requests/spree/api/payments_controller_spec.rb +0 -259
  71. data/spec/requests/spree/api/product_properties_controller_spec.rb +0 -114
  72. data/spec/requests/spree/api/products_controller_spec.rb +0 -422
  73. data/spec/requests/spree/api/promotion_application_spec.rb +0 -50
  74. data/spec/requests/spree/api/promotions_controller_spec.rb +0 -67
  75. data/spec/requests/spree/api/properties_controller_spec.rb +0 -102
  76. data/spec/requests/spree/api/return_authorizations_controller_spec.rb +0 -180
  77. data/spec/requests/spree/api/shipments_controller_spec.rb +0 -532
  78. data/spec/requests/spree/api/states_controller_spec.rb +0 -69
  79. data/spec/requests/spree/api/stock_items_controller_spec.rb +0 -311
  80. data/spec/requests/spree/api/stock_locations_controller_spec.rb +0 -170
  81. data/spec/requests/spree/api/stock_movements_controller_spec.rb +0 -81
  82. data/spec/requests/spree/api/store_credit_events_controller_spec.rb +0 -59
  83. data/spec/requests/spree/api/stores_controller_spec.rb +0 -134
  84. data/spec/requests/spree/api/taxonomies_controller_spec.rb +0 -114
  85. data/spec/requests/spree/api/taxons_controller_spec.rb +0 -217
  86. data/spec/requests/spree/api/unauthenticated_products_controller_spec.rb +0 -27
  87. data/spec/requests/spree/api/users_controller_spec.rb +0 -151
  88. data/spec/requests/spree/api/variants_controller_spec.rb +0 -340
  89. data/spec/requests/spree/api/zones_controller_spec.rb +0 -89
  90. data/spec/shared_examples/protect_product_actions.rb +0 -18
  91. data/spec/spec_helper.rb +0 -73
  92. data/spec/support/be_paginated_matcher.rb +0 -9
  93. data/spec/support/controller_hacks.rb +0 -43
  94. data/spec/support/database_cleaner.rb +0 -16
  95. data/spec/support/have_attributes_matcher.rb +0 -11
  96. data/spec/test_views/spree/api/widgets/_widget.json.jbuilder +0 -3
  97. data/spec/test_views/spree/api/widgets/index.json.jbuilder +0 -9
  98. data/spec/test_views/spree/api/widgets/new.json.jbuilder +0 -3
  99. data/spec/test_views/spree/api/widgets/show.json.jbuilder +0 -3
Binary file
@@ -1,10 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- describe "Spree Api Responders" do
6
- it "RablTemplate is deprecated Use JbuilderTemplate" do
7
- warning_message = /DEPRECATION WARNING: RablTemplate is deprecated! Use JbuilderTemplate instead/
8
- expect{ Spree::Api::Responders::RablTemplate.methods }.to output(warning_message).to_stderr
9
- end
10
- end
@@ -1,103 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'spec_helper'
4
-
5
- module Spree
6
- describe LegacyUser, type: :model do
7
- let(:user) { LegacyUser.new }
8
-
9
- it "can generate an API key" do
10
- expect(user).to receive(:save!)
11
- expect { user.generate_spree_api_key! }.to change(user, :spree_api_key).to be_present
12
- end
13
-
14
- it "can generate an API key without persisting" do
15
- expect(user).not_to receive(:save!)
16
- expect { user.generate_spree_api_key }.to change(user, :spree_api_key).to be_present
17
- end
18
-
19
- it "can clear an API key" do
20
- user.spree_api_key = 'abc123'
21
- expect(user).to receive(:save!)
22
- expect { user.clear_spree_api_key! }.to change(user, :spree_api_key).to be_blank
23
- end
24
-
25
- it "can clear an api key without persisting" do
26
- user.spree_api_key = 'abc123'
27
- expect(user).not_to receive(:save!)
28
- expect { user.clear_spree_api_key }.to change(user, :spree_api_key).to be_blank
29
- end
30
-
31
- context "auto-api-key grant" do
32
- context "after role user create" do
33
- let(:user) { create(:user) }
34
- before { expect(user.spree_roles).to be_blank }
35
- subject { user.spree_roles << role }
36
-
37
- context "roles_for_auto_api_key default" do
38
- let(:role) { create(:role, name: "admin") }
39
-
40
- context "the user has no api key" do
41
- before { user.clear_spree_api_key! }
42
- it { expect { subject }.to change { user.reload.spree_api_key }.from(nil) }
43
- end
44
-
45
- context "the user already has an api key" do
46
- before { user.generate_spree_api_key! }
47
- it { expect { subject }.not_to change { user.reload.spree_api_key } }
48
- end
49
- end
50
-
51
- context "roles_for_auto_api_key is defined" do
52
- let(:role) { create(:role, name: 'hobbit') }
53
- let(:undesired_role) { create(:role, name: "foo") }
54
-
55
- before {
56
- user.clear_spree_api_key!
57
- stub_spree_preferences(roles_for_auto_api_key: ['hobbit'])
58
- }
59
-
60
- it { expect { subject }.to change { user.reload.spree_api_key }.from(nil) }
61
- it { expect { user.spree_roles << undesired_role }.not_to change { user.reload.spree_api_key } }
62
- end
63
-
64
- context "for all roles" do
65
- let(:role) { create(:role, name: 'hobbit') }
66
- let(:other_role) { create(:role, name: 'wizard') }
67
- let(:other_user) { create(:user) }
68
-
69
- before {
70
- user.clear_spree_api_key!
71
- other_user.clear_spree_api_key!
72
- stub_spree_preferences(generate_api_key_for_all_roles: true)
73
- }
74
-
75
- it { expect { subject }.to change { user.reload.spree_api_key }.from(nil) }
76
- it { expect { other_user.spree_roles << other_role }.to change { other_user.reload.spree_api_key }.from(nil) }
77
- end
78
- end
79
-
80
- context "after user create" do
81
- let(:user) { LegacyUser.new }
82
-
83
- context "generate_api_key_for_all_roles" do
84
- it "does not grant api key default" do
85
- expect(user.spree_api_key).to eq(nil)
86
-
87
- user.save!
88
- expect(user.spree_api_key).to eq(nil)
89
- end
90
-
91
- it "grants an api key on create when set to true" do
92
- stub_spree_preferences(generate_api_key_for_all_roles: true)
93
-
94
- expect(user.spree_api_key).to eq(nil)
95
-
96
- user.save!
97
- expect(user.spree_api_key).not_to eq(nil)
98
- end
99
- end
100
- end
101
- end
102
- end
103
- end
@@ -1,240 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'spec_helper'
4
-
5
- module Spree
6
- describe Api::AddressBooksController, type: :request do
7
- let!(:state) { create(:state) }
8
- let!(:harry_address_attributes) do
9
- {
10
- 'firstname' => 'Harry',
11
- 'lastname' => 'Potter',
12
- 'address1' => '4 Privet Drive',
13
- 'address2' => 'cupboard under the stairs',
14
- 'city' => 'Surrey',
15
- 'zipcode' => '10010',
16
- 'phone' => '555-5555',
17
- 'state_id' => state.id,
18
- 'country_id' => state.country.id
19
- }
20
- end
21
-
22
- let!(:ron_address_attributes) do
23
- {
24
- 'firstname' => 'Ron',
25
- 'lastname' => 'Weasly',
26
- 'address1' => 'Ottery St. Catchpole',
27
- 'address2' => '4th floor',
28
- 'city' => 'Devon, West Country',
29
- 'zipcode' => '10010',
30
- 'phone' => '555-5555',
31
- 'state_id' => state.id,
32
- 'country_id' => state.country.id
33
- }
34
- end
35
-
36
- context 'as address book owner' do
37
- context 'with ability' do
38
- it 'returns my address book' do
39
- user = create(:user, spree_api_key: 'galleon')
40
- user.save_in_address_book(harry_address_attributes, true)
41
- user.save_in_address_book(ron_address_attributes, false)
42
-
43
- get "/api/users/#{user.id}/address_book",
44
- headers: { Authorization: 'Bearer galleon' }
45
-
46
- json_response = JSON.parse(response.body)
47
- expect(response.status).to eq(200)
48
- expect(json_response.length).to eq(2)
49
- expect(json_response).to include(
50
- hash_including(harry_address_attributes.merge!('default' => true)),
51
- hash_including(ron_address_attributes.merge!('default' => false))
52
- )
53
- end
54
-
55
- it 'updates my address book' do
56
- user = create(:user, spree_api_key: 'galleon')
57
- address = user.save_in_address_book(harry_address_attributes, true)
58
- harry_address_attributes['firstname'] = 'Ron'
59
-
60
- expect {
61
- put "/api/users/#{user.id}/address_book",
62
- params: { address_book: harry_address_attributes.merge('id' => address.id) },
63
- headers: { Authorization: 'Bearer galleon' }
64
- }.to change { UserAddress.count }.from(1).to(2)
65
-
66
- expect(response.status).to eq(200)
67
- expect(JSON.parse(response.body).first).to include(harry_address_attributes)
68
- end
69
-
70
- context 'when creating an address' do
71
- it 'marks the update_target' do
72
- user = create(:user, spree_api_key: 'galleon')
73
-
74
- expect {
75
- put "/api/users/#{user.id}/address_book",
76
- params: { address_book: harry_address_attributes },
77
- headers: { Authorization: 'Bearer galleon' }
78
- }.to change { UserAddress.count }.by(1)
79
-
80
- user_address = UserAddress.last
81
-
82
- expect(response.status).to eq(200)
83
- update_target_ids = JSON.parse(response.body).select { |target| target['update_target'] }.map { |location| location['id'] }
84
- expect(update_target_ids).to eq([user_address.address_id])
85
- end
86
- end
87
-
88
- context 'when updating an address' do
89
- it 'marks the update_target' do
90
- user = create(:user, spree_api_key: 'galleon')
91
- address = user.save_in_address_book(harry_address_attributes, true)
92
-
93
- expect {
94
- put "/api/users/#{user.id}/address_book",
95
- params: { address_book: harry_address_attributes },
96
- headers: { Authorization: 'Bearer galleon' }
97
- }.to_not change { UserAddress.count }
98
-
99
- expect(response.status).to eq(200)
100
- update_target_ids = JSON.parse(response.body).select { |target| target['update_target'] }.map { |location| location['id'] }
101
- expect(update_target_ids).to eq([address.id])
102
- end
103
- end
104
-
105
- it 'archives my address' do
106
- address = create(:address)
107
- user = create(:user, spree_api_key: 'galleon')
108
- user.save_in_address_book(address.attributes, false)
109
-
110
- expect {
111
- delete "/api/users/#{user.id}/address_book",
112
- params: { address_id: address.id },
113
- headers: { Authorization: 'Bearer galleon' }
114
- }.to change { user.reload.user_addresses.count }.from(1).to(0)
115
-
116
- expect(response.status).to eq(200)
117
- end
118
- end
119
- end
120
-
121
- context 'on behalf of address book owner' do
122
- context 'with ability' do
123
- before do
124
- Spree::Config.roles.assign_permissions 'Prefect', [Spree::PermissionSets::UserManagement]
125
- create(:user, spree_api_key: 'galleon', spree_roles: [build(:role, name: 'Prefect')])
126
- end
127
-
128
- it "returns another user's address book" do
129
- other_user = create(:user)
130
- other_user.save_in_address_book(harry_address_attributes, true)
131
- other_user.save_in_address_book(ron_address_attributes, false)
132
-
133
- get "/api/users/#{other_user.id}/address_book",
134
- headers: { Authorization: 'Bearer galleon' }
135
-
136
- json_response = JSON.parse(response.body)
137
- expect(response.status).to eq(200)
138
- expect(json_response.length).to eq(2)
139
- expect(json_response).to include(
140
- hash_including(harry_address_attributes.merge!('default' => true)),
141
- hash_including(ron_address_attributes.merge!('default' => false))
142
- )
143
- end
144
-
145
- it "updates another user's address" do
146
- other_user = create(:user)
147
- address = other_user.save_in_address_book(harry_address_attributes, true)
148
- updated_harry_address = harry_address_attributes.merge('firstname' => 'Ron')
149
-
150
- expect {
151
- put "/api/users/#{other_user.id}/address_book",
152
- params: { address_book: updated_harry_address.merge('id' => address.id) },
153
- headers: { Authorization: 'Bearer galleon' }
154
- }.to change { UserAddress.count }.from(1).to(2)
155
-
156
- expect(response.status).to eq(200)
157
- expect(JSON.parse(response.body).first).to include(updated_harry_address)
158
- end
159
-
160
- it "archives another user's address" do
161
- address = create(:address)
162
- other_user = create(:user)
163
- other_user.save_in_address_book(address.attributes, false)
164
-
165
- expect {
166
- delete "/api/users/#{other_user.id}/address_book",
167
- params: { address_id: address.id },
168
- headers: { Authorization: 'Bearer galleon' }
169
- }.to change { other_user.reload.user_addresses.count }.from(1).to(0)
170
-
171
- expect(response.status).to eq(200)
172
- end
173
- end
174
-
175
- context 'without ability' do
176
- it 'does not return another user address book' do
177
- create(:user, spree_api_key: 'galleon')
178
- other_user = create(:user)
179
- other_user.save_in_address_book(harry_address_attributes, true)
180
-
181
- get "/api/users/#{other_user.id}/address_book",
182
- headers: { Authorization: 'Bearer galleon' }
183
-
184
- expect(response.status).to eq(401)
185
- end
186
-
187
- it 'does not update another user address' do
188
- address = create(:address)
189
- other_user = create(:user)
190
- other_user_address = other_user.save_in_address_book(address.attributes, true)
191
- create(:user, spree_api_key: 'galleon')
192
-
193
- expect {
194
- put "/api/users/#{other_user.id}/address_book",
195
- params: { address_book: other_user_address.attributes.merge('address1' => 'Hogwarts') },
196
- headers: { Authorization: 'Bearer galleon' }
197
- }.not_to change { UserAddress.count }
198
-
199
- expect(response.status).to eq(401)
200
- end
201
-
202
- it 'does not archive another user address' do
203
- address = create(:address)
204
- other_user = create(:user)
205
- other_user.save_in_address_book(address.attributes, true)
206
- create(:user, spree_api_key: 'galleon')
207
-
208
- expect {
209
- delete "/api/users/#{other_user.id}/address_book",
210
- params: { address_id: address.id },
211
- headers: { Authorization: 'Bearer galleon' }
212
- }.not_to change { other_user.user_addresses.count }
213
-
214
- expect(response.status).to eq(401)
215
- end
216
- end
217
- end
218
-
219
- context 'unauthenticated' do
220
- before do
221
- @user = create(:user)
222
- end
223
-
224
- it 'GET returns a 401' do
225
- get "/api/users/#{@user.id}/address_book"
226
- expect(response.status).to eq(401)
227
- end
228
-
229
- it 'UPDATE returns a 401' do
230
- put "/api/users/#{@user.id}/address_book"
231
- expect(response.status).to eq(401)
232
- end
233
-
234
- it 'DELETE returns a 401' do
235
- delete "/api/users/#{@user.id}/address_book"
236
- expect(response.status).to eq(401)
237
- end
238
- end
239
- end
240
- end
@@ -1,34 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'spec_helper'
4
-
5
- describe "Jbuilder Cache", type: :request, caching: true do
6
- let!(:user) { create(:admin_user) }
7
-
8
- before do
9
- create(:variant)
10
- user.generate_spree_api_key!
11
- expect(Spree::Product.count).to eq(1)
12
- end
13
-
14
- it "doesn't create a cache key collision for models with different jbuilder templates" do
15
- get "/api/variants", params: { token: user.spree_api_key }
16
- expect(response.status).to eq(200)
17
-
18
- # Make sure we get a non master variant
19
- variant_a = JSON.parse(response.body)['variants'].find do |v|
20
- !v['is_master']
21
- end
22
-
23
- expect(variant_a['is_master']).to be false
24
- expect(variant_a['stock_items']).not_to be_nil
25
-
26
- get "/api/products/#{Spree::Product.first.id}", params: { token: user.spree_api_key }
27
- expect(response.status).to eq(200)
28
- variant_b = JSON.parse(response.body)['variants'].last
29
- expect(variant_b['is_master']).to be false
30
-
31
- expect(variant_a['id']).to eq(variant_b['id'])
32
- expect(variant_b['stock_items']).to be_nil
33
- end
34
- end
@@ -1,79 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'spec_helper'
4
-
5
- describe "Ransackable Attributes" do
6
- let(:user) { create(:user).tap(&:generate_spree_api_key!) }
7
- let(:order) { create(:order_with_line_items, user: user) }
8
- context "filtering by attributes one association away" do
9
- it "does not allow the filtering of variants by order attributes" do
10
- 2.times { create(:variant) }
11
-
12
- get "/api/variants?q[orders_email_start]=#{order.email}", params: { token: user.spree_api_key }
13
-
14
- variants_response = JSON.parse(response.body)
15
- expect(variants_response['total_count']).to eq(Spree::Variant.count)
16
- end
17
- end
18
-
19
- context "filtering by attributes two associations away" do
20
- it "does not allow the filtering of variants by user attributes" do
21
- 2.times { create(:variant) }
22
-
23
- get "/api/variants?q[orders_user_email_start]=#{order.user.email}", params: { token: user.spree_api_key }
24
-
25
- variants_response = JSON.parse(response.body)
26
- expect(variants_response['total_count']).to eq(Spree::Variant.count)
27
- end
28
- end
29
-
30
- context "it maintains desired association behavior" do
31
- it "allows filtering of variants product name" do
32
- product = create(:product, name: "Fritos")
33
- variant = create(:variant, product: product)
34
- other_variant = create(:variant)
35
-
36
- get "/api/variants?q[product_name_or_sku_cont]=fritos", params: { token: user.spree_api_key }
37
-
38
- skus = JSON.parse(response.body)['variants'].map { |x| x['sku'] }
39
- expect(skus).to include variant.sku
40
- expect(skus).not_to include other_variant.sku
41
- end
42
- end
43
-
44
- context "filtering by attributes" do
45
- it "most attributes are not filterable by default" do
46
- create(:product, description: "special product")
47
- create(:product)
48
-
49
- get "/api/products?q[description_cont]=special", params: { token: user.spree_api_key }
50
-
51
- products_response = JSON.parse(response.body)
52
- expect(products_response['total_count']).to eq(Spree::Product.count)
53
- end
54
-
55
- it "id is filterable by default" do
56
- product = create(:product)
57
- other_product = create(:product)
58
-
59
- get "/api/products?q[id_eq]=#{product.id}", params: { token: user.spree_api_key }
60
-
61
- product_names = JSON.parse(response.body)['products'].map { |x| x['name'] }
62
- expect(product_names).to include product.name
63
- expect(product_names).not_to include other_product.name
64
- end
65
- end
66
-
67
- context "filtering by whitelisted attributes" do
68
- it "filtering is supported for whitelisted attributes" do
69
- product = create(:product, name: "Fritos")
70
- other_product = create(:product)
71
-
72
- get "/api/products?q[name_cont]=fritos", params: { token: user.spree_api_key }
73
-
74
- product_names = JSON.parse(response.body)['products'].map { |x| x['name'] }
75
- expect(product_names).to include product.name
76
- expect(product_names).not_to include other_product.name
77
- end
78
- end
79
- end