solidus_api 2.2.2 → 2.3.0.beta1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of solidus_api might be problematic. Click here for more details.

Files changed (51) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/spree/api/images_controller.rb +2 -2
  3. data/app/controllers/spree/api/line_items_controller.rb +2 -10
  4. data/app/controllers/spree/api/orders_controller.rb +2 -12
  5. data/app/controllers/spree/api/payments_controller.rb +0 -1
  6. data/app/controllers/spree/api/promotions_controller.rb +1 -1
  7. data/app/controllers/spree/api/variants_controller.rb +2 -1
  8. data/app/views/spree/api/orders/show.v1.rabl +2 -1
  9. data/lib/spree/api/testing_support/setup.rb +1 -1
  10. data/spec/controllers/spree/api/base_controller_spec.rb +7 -7
  11. data/spec/controllers/spree/api/resource_controller_spec.rb +16 -16
  12. data/spec/requests/api/address_books_spec.rb +1 -1
  13. data/spec/{controllers → requests}/spree/api/addresses_controller_spec.rb +6 -9
  14. data/spec/{controllers → requests}/spree/api/checkouts_controller_spec.rb +38 -69
  15. data/spec/{controllers → requests}/spree/api/classifications_controller_spec.rb +4 -4
  16. data/spec/{controllers → requests}/spree/api/config_controller_spec.rb +3 -4
  17. data/spec/{controllers → requests}/spree/api/countries_controller_spec.rb +6 -7
  18. data/spec/{controllers → requests}/spree/api/credit_cards_controller_spec.rb +8 -9
  19. data/spec/{controllers → requests}/spree/api/images_controller_spec.rb +19 -16
  20. data/spec/{controllers → requests}/spree/api/inventory_units_controller_spec.rb +17 -14
  21. data/spec/{controllers → requests}/spree/api/line_items_controller_spec.rb +32 -32
  22. data/spec/{controllers → requests}/spree/api/option_types_controller_spec.rb +27 -27
  23. data/spec/{controllers → requests}/spree/api/option_values_controller_spec.rb +32 -29
  24. data/spec/{controllers → requests}/spree/api/orders_controller_spec.rb +103 -133
  25. data/spec/{controllers → requests}/spree/api/payments_controller_spec.rb +30 -44
  26. data/spec/{controllers → requests}/spree/api/product_properties_controller_spec.rb +15 -17
  27. data/spec/{controllers → requests}/spree/api/products_controller_spec.rb +44 -43
  28. data/spec/{controllers → requests}/spree/api/promotion_application_spec.rb +3 -4
  29. data/spec/{controllers → requests}/spree/api/promotions_controller_spec.rb +8 -6
  30. data/spec/{controllers → requests}/spree/api/properties_controller_spec.rb +15 -16
  31. data/spec/{controllers → requests}/spree/api/return_authorizations_controller_spec.rb +19 -21
  32. data/spec/requests/spree/api/shipments_controller_spec.rb +394 -88
  33. data/spec/{controllers → requests}/spree/api/states_controller_spec.rb +8 -9
  34. data/spec/{controllers → requests}/spree/api/stock_items_controller_spec.rb +21 -21
  35. data/spec/{controllers → requests}/spree/api/stock_locations_controller_spec.rb +18 -20
  36. data/spec/{controllers → requests}/spree/api/stock_movements_controller_spec.rb +9 -12
  37. data/spec/{controllers → requests}/spree/api/stock_transfers_controller_spec.rb +2 -3
  38. data/spec/requests/spree/api/store_credit_events_controller_spec.rb +57 -0
  39. data/spec/{controllers → requests}/spree/api/stores_controller_spec.rb +19 -20
  40. data/spec/{controllers → requests}/spree/api/taxonomies_controller_spec.rb +14 -15
  41. data/spec/{controllers → requests}/spree/api/taxons_controller_spec.rb +17 -18
  42. data/spec/{controllers → requests}/spree/api/transfer_items_controller_spec.rb +7 -9
  43. data/spec/{controllers → requests}/spree/api/unauthenticated_products_controller_spec.rb +2 -3
  44. data/spec/{controllers → requests}/spree/api/users_controller_spec.rb +18 -19
  45. data/spec/{controllers → requests}/spree/api/variants_controller_spec.rb +70 -37
  46. data/spec/{controllers → requests}/spree/api/zones_controller_spec.rb +13 -14
  47. data/spec/shared_examples/protect_product_actions.rb +3 -3
  48. data/spec/spec_helper.rb +4 -1
  49. metadata +70 -72
  50. data/spec/controllers/spree/api/shipments_controller_spec.rb +0 -301
  51. data/spec/controllers/spree/api/store_credit_events_controller_spec.rb +0 -66
data/spec/{controllers → requests}/spree/api/option_types_controller_spec.rb RENAMED
@@ -1,8 +1,7 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  module Spree
4
- describe Api::OptionTypesController, type: :controller do
5
- render_views
4
+ describe Api::OptionTypesController, type: :request do
6
5
 
7
6
  let(:attributes) { [:id, :name, :position, :presentation] }
8
7
  let!(:option_value) { create(:option_value) }
@@ -19,7 +18,7 @@ module Spree
19
18
  end
20
19
 
21
20
  it "can list all option types" do
22
- api_get :index
21
+ get spree.api_option_types_path
23
22
  expect(json_response.count).to eq(1)
24
23
  expect(json_response.first).to have_attributes(attributes)
25
24
 
@@ -28,7 +27,7 @@ module Spree
28
27
 
29
28
  it "can search for an option type" do
30
29
  create(:option_type, name: "buzz")
31
- api_get :index, q: { name_cont: option_type.name }
30
+ get spree.api_option_types_path, params: { q: { name_cont: option_type.name } }
32
31
  expect(json_response.count).to eq(1)
33
32
  expect(json_response.first).to have_attributes(attributes)
34
33
  end
@@ -36,38 +35,41 @@ module Spree
36
35
  it "can retrieve a list of specific option types" do
37
36
  option_type_1 = create(:option_type)
38
37
  create(:option_type)
39
- api_get :index, ids: "#{option_type.id},#{option_type_1.id}"
38
+ get spree.api_option_types_path, params: { ids: "#{option_type.id},#{option_type_1.id}" }
40
39
  expect(json_response.count).to eq(2)
41
40
 
42
41
  check_option_values(json_response.first["option_values"])
43
42
  end
44
43
 
45
44
  it "can list a single option type" do
46
- api_get :show, id: option_type.id
45
+ get spree.api_option_type_path(option_type)
47
46
  expect(json_response).to have_attributes(attributes)
48
47
  check_option_values(json_response["option_values"])
49
48
  end
50
49
 
51
50
  it "cannot create a new option type" do
52
- api_post :create, option_type: {
53
- name: "Option Type",
54
- presentation: "Option Type"
55
- }
51
+ post spree.api_option_types_path, params: {
52
+ option_type: {
53
+ name: "Option Type",
54
+ presentation: "Option Type"
55
+ }
56
+ }
56
57
  assert_unauthorized!
57
58
  end
58
59
 
59
60
  it "cannot alter an option type" do
60
61
  original_name = option_type.name
61
- api_put :update, id: option_type.id,
62
- option_type: {
63
- name: "Option Type"
64
- }
62
+ put spree.api_option_type_path(option_type), params: {
63
+ option_type: {
64
+ name: "Option Type"
65
+ }
66
+ }
65
67
  assert_not_found!
66
68
  expect(option_type.reload.name).to eq(original_name)
67
69
  end
68
70
 
69
71
  it "cannot delete an option type" do
70
- api_delete :destroy, id: option_type.id
72
+ delete spree.api_option_type_path(option_type)
71
73
  assert_not_found!
72
74
  expect { option_type.reload }.not_to raise_error
73
75
  end
@@ -76,23 +78,23 @@ module Spree
76
78
  sign_in_as_admin!
77
79
 
78
80
  it "can create an option type" do
79
- api_post :create, option_type: {
80
- name: "Option Type",
81
- presentation: "Option Type"
82
- }
81
+ post spree.api_option_types_path, params: {
82
+ option_type: {
83
+ name: "Option Type",
84
+ presentation: "Option Type"
85
+ }
86
+ }
83
87
  expect(json_response).to have_attributes(attributes)
84
88
  expect(response.status).to eq(201)
85
89
  end
86
90
 
87
91
  it "cannot create an option type with invalid attributes" do
88
- api_post :create, option_type: {}
92
+ post spree.api_option_types_path, params: { option_type: {} }
89
93
  expect(response.status).to eq(422)
90
94
  end
91
95
 
92
96
  it "can update an option type" do
93
- api_put :update, id: option_type.id, option_type: {
94
- name: "Option Type"
95
- }
97
+ put spree.api_option_type_path(option_type.id), params: { option_type: { name: "Option Type" } }
96
98
  expect(response.status).to eq(200)
97
99
 
98
100
  option_type.reload
@@ -100,14 +102,12 @@ module Spree
100
102
  end
101
103
 
102
104
  it "cannot update an option type with invalid attributes" do
103
- api_put :update, id: option_type.id, option_type: {
104
- name: ""
105
- }
105
+ put spree.api_option_type_path(option_type.id), params: { option_type: { name: "" } }
106
106
  expect(response.status).to eq(422)
107
107
  end
108
108
 
109
109
  it "can delete an option type" do
110
- api_delete :destroy, id: option_type.id
110
+ delete spree.api_option_type_path(option_type.id)
111
111
  expect(response.status).to eq(204)
112
112
  end
113
113
  end
data/spec/{controllers → requests}/spree/api/option_values_controller_spec.rb RENAMED
@@ -1,8 +1,7 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  module Spree
4
- describe Api::OptionValuesController, type: :controller do
5
- render_views
4
+ describe Api::OptionValuesController, type: :request do
6
5
 
7
6
  let(:attributes) { [:id, :name, :presentation, :option_type_name, :option_type_name] }
8
7
  let!(:option_value) { create(:option_value) }
@@ -25,7 +24,7 @@ module Spree
25
24
  end
26
25
 
27
26
  it "can retrieve a list of all option values" do
28
- api_get :index
27
+ get spree.api_option_values_path
29
28
  expect(json_response.count).to eq(2)
30
29
  expect(json_response.first).to have_attributes(attributes)
31
30
  end
@@ -35,14 +34,14 @@ module Spree
35
34
  let(:resource_scoping) { { option_type_id: option_type.id } }
36
35
 
37
36
  it "can list all option values" do
38
- api_get :index
37
+ get spree.api_option_values_path
39
38
  expect(json_response.count).to eq(1)
40
39
  expect(json_response.first).to have_attributes(attributes)
41
40
  end
42
41
 
43
42
  it "can search for an option type" do
44
43
  create(:option_value, name: "buzz")
45
- api_get :index, q: { name_cont: option_value.name }
44
+ get spree.api_option_values_path, params: { q: { name_cont: option_value.name } }
46
45
  expect(json_response.count).to eq(1)
47
46
  expect(json_response.first).to have_attributes(attributes)
48
47
  end
@@ -50,35 +49,39 @@ module Spree
50
49
  it "can retrieve a list of option types" do
51
50
  option_value_1 = create(:option_value, option_type: option_type)
52
51
  create(:option_value, option_type: option_type)
53
- api_get :index, ids: [option_value.id, option_value_1.id]
52
+ get spree.api_option_values_path, params: { ids: [option_value.id, option_value_1.id] }
54
53
  expect(json_response.count).to eq(2)
55
54
  end
56
55
 
57
56
  it "can list a single option value" do
58
- api_get :show, id: option_value.id
57
+ get spree.api_option_value_path(option_value.id)
59
58
  expect(json_response).to have_attributes(attributes)
60
59
  end
61
60
 
62
61
  it "cannot create a new option value" do
63
- api_post :create, option_value: {
64
- name: "Option Value",
65
- presentation: "Option Value"
66
- }
62
+ post spree.api_option_type_option_values_path(option_type), params: {
63
+ option_value: {
64
+ name: "Option Value",
65
+ presentation: "Option Value"
66
+ }
67
+ }
67
68
  assert_unauthorized!
68
69
  end
69
70
 
70
71
  it "cannot alter an option value" do
71
72
  original_name = option_type.name
72
- api_put :update, id: option_type.id,
73
- option_value: {
74
- name: "Option Value"
73
+ put spree.api_option_value_path(option_value.id), params: {
74
+ id: option_type.id,
75
+ option_value: {
76
+ name: "Option Value"
77
+ }
75
78
  }
76
79
  assert_not_found!
77
80
  expect(option_type.reload.name).to eq(original_name)
78
81
  end
79
82
 
80
83
  it "cannot delete an option value" do
81
- api_delete :destroy, id: option_type.id
84
+ delete spree.api_option_value_path(option_value)
82
85
  assert_not_found!
83
86
  expect { option_type.reload }.not_to raise_error
84
87
  end
@@ -87,23 +90,25 @@ module Spree
87
90
  sign_in_as_admin!
88
91
 
89
92
  it "can create an option value" do
90
- api_post :create, option_value: {
91
- name: "Option Value",
92
- presentation: "Option Value"
93
- }
93
+ post spree.api_option_type_option_values_path(option_type), params: {
94
+ option_value: {
95
+ name: "Option Value",
96
+ presentation: "Option Value",
97
+ }
98
+ }
94
99
  expect(json_response).to have_attributes(attributes)
95
100
  expect(response.status).to eq(201)
96
101
  end
97
102
 
98
103
  it "cannot create an option type with invalid attributes" do
99
- api_post :create, option_value: {}
104
+ post spree.api_option_type_option_values_path(option_type), params: { option_value: {name: ""} }
100
105
  expect(response.status).to eq(422)
101
106
  end
102
107
 
103
108
  it "can update an option value" do
104
- api_put :update, id: option_value.id, option_value: {
109
+ put spree.api_option_value_path(option_value.id), params: { option_value: {
105
110
  name: "Option Value"
106
- }
111
+ } }
107
112
  expect(response.status).to eq(200)
108
113
 
109
114
  option_value.reload
@@ -111,21 +116,19 @@ module Spree
111
116
  end
112
117
 
113
118
  it "permits the correct attributes" do
114
- expect(controller).to receive(:permitted_option_value_attributes)
115
- api_put :update, id: option_value.id, option_value: {
116
- name: ""
117
- }
119
+ expect_any_instance_of(Spree::Api::OptionValuesController).to receive(:permitted_option_value_attributes)
120
+ put spree.api_option_value_path(option_value), params: { option_value: { name: "" } }
118
121
  end
119
122
 
120
123
  it "cannot update an option value with invalid attributes" do
121
- api_put :update, id: option_value.id, option_value: {
124
+ put spree.api_option_value_path(option_value), params: { option_value: {
122
125
  name: ""
123
- }
126
+ } }
124
127
  expect(response.status).to eq(422)
125
128
  end
126
129
 
127
130
  it "can delete an option value" do
128
- api_delete :destroy, id: option_value.id
131
+ delete spree.api_option_value_path(option_value)
129
132
  expect(response.status).to eq(204)
130
133
  end
131
134
  end
data/spec/{controllers → requests}/spree/api/orders_controller_spec.rb RENAMED
@@ -2,8 +2,7 @@ require 'spec_helper'
2
2
  require 'spree/testing_support/bar_ability'
3
3
 
4
4
  module Spree
5
- describe Api::OrdersController, type: :controller do
6
- render_views
5
+ describe Api::OrdersController, type: :request do
7
6
  let!(:order) { create(:order) }
8
7
  let(:variant) { create(:variant) }
9
8
  let(:line_item) { create(:line_item) }
@@ -32,52 +31,29 @@ module Spree
32
31
  describe "POST create" do
33
32
  let(:target_user) { create :user }
34
33
  let(:date_override) { Time.parse('2015-01-01') }
35
- let(:attributes) { { user_id: target_user.id, created_at: date_override, email: target_user.email } }
36
34
 
37
- subject { api_post :create, order: attributes }
35
+ subject do
36
+ post spree.api_orders_path, params: { order: { user_id: target_user.id, created_at: date_override, email: target_user.email } }
37
+ response
38
+ end
38
39
 
39
40
  context "when the current user cannot administrate the order" do
40
- stub_authorization! do |_|
41
+ custom_authorization! do |_|
41
42
  can :create, Spree::Order
42
43
  end
43
44
 
44
- it "does not include unpermitted params, or allow overriding the user", focus: true do
45
+ it "does not include unpermitted params, or allow overriding the user" do
45
46
  subject
46
- expect(response).to be_success
47
47
  order = Spree::Order.last
48
48
  expect(order.user).to eq current_api_user
49
49
  expect(order.email).to eq target_user.email
50
50
  end
51
51
 
52
52
  it { is_expected.to be_success }
53
-
54
- context 'creating payment' do
55
- let(:attributes) { super().merge(payments_attributes: [{ payment_method_id: payment_method.id }]) }
56
-
57
- context "with allowed payment method" do
58
- let!(:payment_method) { create(:check_payment_method, name: "allowed" ) }
59
- it { is_expected.to be_success }
60
- it "creates a payment" do
61
- expect {
62
- subject
63
- }.to change { Spree::Payment.count }.by(1)
64
- end
65
- end
66
-
67
- context "with disallowed payment method" do
68
- let!(:payment_method) { create(:check_payment_method, name: "forbidden", available_to_users: false) }
69
- it { is_expected.to be_not_found }
70
- it "creates no payments" do
71
- expect {
72
- subject
73
- }.not_to change { Spree::Payment.count }
74
- end
75
- end
76
- end
77
53
  end
78
54
 
79
55
  context "when the current user can administrate the order" do
80
- stub_authorization! do |_|
56
+ custom_authorization! do |_|
81
57
  can [:admin, :create], Spree::Order
82
58
  end
83
59
 
@@ -91,16 +67,30 @@ module Spree
91
67
 
92
68
  it { is_expected.to be_success }
93
69
  end
70
+
71
+ context 'when the line items have custom attributes' do
72
+ it "can create an order with line items that have custom permitted attributes" do
73
+ PermittedAttributes.line_item_attributes << { options: [:some_option] }
74
+ expect_any_instance_of(Spree::LineItem).to receive(:some_option=).once.with('4')
75
+ post spree.api_orders_path, params: { order: { line_items: { "0" => { variant_id: variant.to_param, quantity: 5, options: { some_option: 4 } } } } }
76
+ expect(response.status).to eq(201)
77
+ order = Order.last
78
+ expect(order.line_items.count).to eq(1)
79
+ end
80
+ end
94
81
  end
95
82
 
96
83
  describe "PUT update" do
97
84
  let(:user) { create :user }
98
85
  let(:order_params) { { number: "anothernumber", user_id: user.id, email: "foo@foobar.com" } }
99
86
  let(:can_admin) { false }
100
- subject { api_put :update, id: order.to_param, order: order_params }
87
+ subject do
88
+ put spree.api_order_path(order), params: { order: order_params }
89
+ response
90
+ end
101
91
 
102
92
  context "when the user cannot administer the order" do
103
- stub_authorization! do |_|
93
+ custom_authorization! do |_|
104
94
  can [:update], Spree::Order
105
95
  end
106
96
 
@@ -123,34 +113,10 @@ module Spree
123
113
  subject
124
114
  }.to_not change{ order.reload.number }
125
115
  end
126
-
127
- context 'creating payment' do
128
- let(:order_params) { super().merge(payments_attributes: [{ payment_method_id: payment_method.id }]) }
129
-
130
- context "with allowed payment method" do
131
- let!(:payment_method) { create(:check_payment_method, name: "allowed" ) }
132
- it { is_expected.to be_success }
133
- it "creates a payment" do
134
- expect {
135
- subject
136
- }.to change { Spree::Payment.count }.by(1)
137
- end
138
- end
139
-
140
- context "with disallowed payment method" do
141
- let!(:payment_method) { create(:check_payment_method, name: "forbidden", available_to_users: false) }
142
- it { is_expected.to be_not_found }
143
- it "creates no payments" do
144
- expect {
145
- subject
146
- }.not_to change { Spree::Payment.count }
147
- end
148
- end
149
- end
150
116
  end
151
117
 
152
118
  context "when the user can administer the order" do
153
- stub_authorization! do |_|
119
+ custom_authorization! do |_|
154
120
  can [:admin, :update], Spree::Order
155
121
  end
156
122
 
@@ -168,7 +134,7 @@ module Spree
168
134
  end
169
135
 
170
136
  it "cannot view all orders" do
171
- api_get :index
137
+ get spree.api_orders_path
172
138
  assert_unauthorized!
173
139
  end
174
140
 
@@ -176,7 +142,7 @@ module Spree
176
142
  let(:current_api_user) { nil }
177
143
 
178
144
  it "returns a 401" do
179
- api_get :mine
145
+ get spree.api_my_orders_path
180
146
  expect(response.status).to eq(401)
181
147
  end
182
148
  end
@@ -187,8 +153,7 @@ module Spree
187
153
  let(:order) { create(:order, line_items: [line_item], store: store) }
188
154
 
189
155
  it "can view all of their own orders for the current store" do
190
- request.env['SERVER_NAME'] = store.url
191
- api_get :mine
156
+ get spree.api_my_orders_path, headers: { 'SERVER_NAME' => store.url }
192
157
 
193
158
  expect(response.status).to eq(200)
194
159
  expect(json_response["pages"]).to eq(1)
@@ -200,16 +165,14 @@ module Spree
200
165
  end
201
166
 
202
167
  it "cannot view orders for a different store" do
203
- request.env['SERVER_NAME'] = "foo"
204
- api_get :mine
168
+ get spree.api_my_orders_path, headers: { 'SERVER_NAME' => 'foo' }
205
169
 
206
170
  expect(response.status).to eq(200)
207
171
  expect(json_response["orders"].length).to eq(0)
208
172
  end
209
173
 
210
174
  it "can filter the returned results" do
211
- request.env['SERVER_NAME'] = store.url
212
- api_get :mine, q: { completed_at_not_null: 1 }
175
+ get spree.api_my_orders_path, params: { q: { completed_at_not_null: 1 } }, headers: { 'SERVER_NAME' => store.url }
213
176
 
214
177
  expect(response.status).to eq(200)
215
178
  expect(json_response["orders"].length).to eq(0)
@@ -225,8 +188,7 @@ module Spree
225
188
  order4 = Order.create user: order.user, completed_at: nil, created_at: 0.days.ago, store: store
226
189
  expect(order4.created_at).to be > order3.created_at
227
190
 
228
- request.env['SERVER_NAME'] = store.url
229
- api_get :mine
191
+ get spree.api_my_orders_path, headers: { 'SERVER_NAME' => store.url }
230
192
  expect(response.status).to eq(200)
231
193
  expect(json_response["pages"]).to eq(1)
232
194
  orders = json_response["orders"]
@@ -242,14 +204,14 @@ module Spree
242
204
  let!(:order) { create(:order, line_items: [line_item]) }
243
205
 
244
206
  it "uses the user's last_incomplete_spree_order logic with the current store" do
245
- expect(current_api_user).to receive(:last_incomplete_spree_order).with(store: controller.current_store)
246
- api_get :current, format: 'json'
207
+ expect(current_api_user).to receive(:last_incomplete_spree_order).with(store: Spree::Store.default)
208
+ get spree.api_current_order_path(format: 'json')
247
209
  end
248
210
  end
249
211
 
250
212
  it "can view their own order" do
251
213
  allow_any_instance_of(Order).to receive_messages user: current_api_user
252
- api_get :show, id: order.to_param
214
+ get spree.api_order_path(order)
253
215
  expect(response.status).to eq(200)
254
216
  expect(json_response).to have_attributes(attributes)
255
217
  expect(json_response["adjustments"]).to be_empty
@@ -259,7 +221,7 @@ module Spree
259
221
  let(:order) { create :order_with_line_items }
260
222
  let(:adjustment) { FactoryGirl.create(:adjustment, adjustable: order, order: order) }
261
223
 
262
- subject { api_get :show, id: order.to_param }
224
+ subject { get spree.api_order_path(order) }
263
225
 
264
226
  before do
265
227
  allow_any_instance_of(Order).to receive_messages user: current_api_user
@@ -310,7 +272,7 @@ module Spree
310
272
 
311
273
  it "orders contain the basic checkout steps" do
312
274
  allow_any_instance_of(Order).to receive_messages user: current_api_user
313
- api_get :show, id: order.to_param
275
+ get spree.api_order_path(order)
314
276
  expect(response.status).to eq(200)
315
277
  expect(json_response["checkout_steps"]).to eq(%w[address delivery confirm complete])
316
278
  end
@@ -319,23 +281,22 @@ module Spree
319
281
  it "can view an order not in a standard state" do
320
282
  allow_any_instance_of(Order).to receive_messages user: current_api_user
321
283
  order.update_column(:state, 'shipped')
322
- api_get :show, id: order.to_param
284
+ get spree.api_order_path(order)
323
285
  end
324
286
 
325
287
  it "can not view someone else's order" do
326
288
  allow_any_instance_of(Order).to receive_messages user: stub_model(Spree::LegacyUser)
327
- api_get :show, id: order.to_param
289
+ get spree.api_order_path(order)
328
290
  assert_unauthorized!
329
291
  end
330
292
 
331
293
  it "can view an order if the token is known" do
332
- api_get :show, id: order.to_param, order_token: order.guest_token
294
+ get spree.api_order_path(order), params: { order_token: order.guest_token }
333
295
  expect(response.status).to eq(200)
334
296
  end
335
297
 
336
298
  it "can view an order if the token is passed in header" do
337
- request.headers["X-Spree-Order-Token"] = order.guest_token
338
- api_get :show, id: order.to_param
299
+ get spree.api_order_path(order), headers: { "X-Spree-Order-Token" => order.guest_token }
339
300
  expect(response.status).to eq(200)
340
301
  end
341
302
 
@@ -346,7 +307,7 @@ module Spree
346
307
  it "can view an order" do
347
308
  user = build(:user, spree_roles: [Spree::Role.new(name: 'bar')])
348
309
  allow(Spree.user_class).to receive_messages find_by: user
349
- api_get :show, id: order.to_param
310
+ get spree.api_order_path(order)
350
311
  expect(response.status).to eq(200)
351
312
  end
352
313
  end
@@ -354,12 +315,12 @@ module Spree
354
315
  it "cannot cancel an order that doesn't belong to them" do
355
316
  order.update_attribute(:completed_at, Time.current)
356
317
  order.update_attribute(:shipment_state, "ready")
357
- api_put :cancel, id: order.to_param
318
+ put spree.cancel_api_order_path(order)
358
319
  assert_unauthorized!
359
320
  end
360
321
 
361
322
  it "can create an order" do
362
- api_post :create, order: { line_items: { "0" => { variant_id: variant.to_param, quantity: 5 } } }
323
+ post spree.api_orders_path, params: { order: { line_items: { "0" => { variant_id: variant.to_param, quantity: 5 } } } }
363
324
  expect(response.status).to eq(201)
364
325
 
365
326
  order = Order.last
@@ -376,20 +337,25 @@ module Spree
376
337
  end
377
338
 
378
339
  it "assigns email when creating a new order" do
379
- api_post :create, order: { email: "guest@spreecommerce.com" }
340
+ post spree.api_orders_path, params: { order: { email: "guest@spreecommerce.com" } }
380
341
  expect(json_response['email']).not_to eq controller.current_api_user
381
342
  expect(json_response['email']).to eq "guest@spreecommerce.com"
382
343
  end
383
344
 
384
345
  # Regression test for https://github.com/spree/spree/issues/3404
385
346
  it "can specify additional parameters for a line item" do
386
- expect_any_instance_of(Spree::LineItem).to receive(:special=).with("foo")
387
-
388
- allow(controller).to receive_messages(permitted_line_item_attributes: [:id, :variant_id, :quantity, :special])
389
- api_post :create, order: {
390
- line_items: {
391
- "0" => {
392
- variant_id: variant.to_param, quantity: 5, special: "foo"
347
+ expect(Order).to receive(:create!).and_return(order = Spree::Order.new)
348
+ allow(order).to receive(:associate_user!)
349
+ allow(order).to receive_message_chain(:contents, :add).and_return(line_item = double('LineItem'))
350
+ expect(line_item).to receive(:update_attributes!).with(hash_including("special" => "foo"))
351
+
352
+ allow_any_instance_of(Spree::Api::OrdersController).to receive_messages(permitted_line_item_attributes: [:id, :variant_id, :quantity, :special])
353
+ post spree.api_orders_path, params: {
354
+ order: {
355
+ line_items: {
356
+ "0" => {
357
+ variant_id: variant.to_param, quantity: 5, special: "foo"
358
+ }
393
359
  }
394
360
  }
395
361
  }
@@ -397,10 +363,12 @@ module Spree
397
363
  end
398
364
 
399
365
  it "cannot arbitrarily set the line items price" do
400
- api_post :create, order: {
401
- line_items: {
402
- "0" => {
403
- price: 33.0, variant_id: variant.to_param, quantity: 5
366
+ post spree.api_orders_path, params: {
367
+ order: {
368
+ line_items: {
369
+ "0" => {
370
+ price: 33.0, variant_id: variant.to_param, quantity: 5
371
+ }
404
372
  }
405
373
  }
406
374
  }
@@ -413,14 +381,14 @@ module Spree
413
381
  let!(:current_api_user) { create :admin_user }
414
382
 
415
383
  it "is able to set any default unpermitted attribute" do
416
- api_post :create, order: { number: "WOW" }
384
+ post spree.api_orders_path, params: { order: { number: "WOW" } }
417
385
  expect(response.status).to eq 201
418
386
  expect(json_response['number']).to eq "WOW"
419
387
  end
420
388
  end
421
389
 
422
390
  it "can create an order without any parameters" do
423
- api_post :create
391
+ post spree.api_orders_path
424
392
  expect(response.status).to eq(201)
425
393
  expect(json_response["state"]).to eq("cart")
426
394
  end
@@ -446,11 +414,11 @@ module Spree
446
414
  before { allow_any_instance_of(Order).to receive_messages user: current_api_user }
447
415
 
448
416
  it "updates quantities of existing line items" do
449
- api_put :update, id: order.to_param, order: {
417
+ put spree.api_order_path(order), params: { order: {
450
418
  line_items: {
451
419
  "0" => { id: line_item.id, quantity: 10 }
452
420
  }
453
- }
421
+ } }
454
422
 
455
423
  expect(response.status).to eq(200)
456
424
  expect(json_response['line_items'].count).to eq(1)
@@ -459,12 +427,12 @@ module Spree
459
427
 
460
428
  it "adds an extra line item" do
461
429
  variant2 = create(:variant)
462
- api_put :update, id: order.to_param, order: {
430
+ put spree.api_order_path(order), params: { order: {
463
431
  line_items: {
464
432
  "0" => { id: line_item.id, quantity: 10 },
465
433
  "1" => { variant_id: variant2.id, quantity: 1 }
466
434
  }
467
- }
435
+ } }
468
436
 
469
437
  expect(response.status).to eq(200)
470
438
  expect(json_response['line_items'].count).to eq(2)
@@ -474,11 +442,11 @@ module Spree
474
442
  end
475
443
 
476
444
  it "cannot change the price of an existing line item" do
477
- api_put :update, id: order.to_param, order: {
445
+ put spree.api_order_path(order), params: { order: {
478
446
  line_items: {
479
447
  0 => { id: line_item.id, price: 0 }
480
448
  }
481
- }
449
+ } }
482
450
 
483
451
  expect(response.status).to eq(200)
484
452
  expect(json_response['line_items'].count).to eq(1)
@@ -487,7 +455,7 @@ module Spree
487
455
  end
488
456
 
489
457
  it "can add billing address" do
490
- api_put :update, id: order.to_param, order: { bill_address_attributes: billing_address }
458
+ put spree.api_order_path(order), params: { order: { bill_address_attributes: billing_address } }
491
459
 
492
460
  expect(order.reload.bill_address).to_not be_nil
493
461
  end
@@ -495,7 +463,7 @@ module Spree
495
463
  it "receives error message if trying to add billing address with errors" do
496
464
  billing_address[:firstname] = ""
497
465
 
498
- api_put :update, id: order.to_param, order: { bill_address_attributes: billing_address }
466
+ put spree.api_order_path(order), params: { order: { bill_address_attributes: billing_address } }
499
467
 
500
468
  expect(json_response['error']).not_to be_nil
501
469
  expect(json_response['errors']).not_to be_nil
@@ -506,7 +474,7 @@ module Spree
506
474
  order.update_attributes!(ship_address_id: nil)
507
475
 
508
476
  expect {
509
- api_put :update, id: order.to_param, order: { ship_address_attributes: shipping_address }
477
+ put spree.api_order_path(order), params: { order: { ship_address_attributes: shipping_address } }
510
478
  }.to change { order.reload.ship_address }.from(nil)
511
479
  end
512
480
 
@@ -515,7 +483,7 @@ module Spree
515
483
 
516
484
  shipping_address[:firstname] = ""
517
485
 
518
- api_put :update, id: order.to_param, order: { ship_address_attributes: shipping_address }
486
+ put spree.api_order_path(order), params: { order: { ship_address_attributes: shipping_address } }
519
487
 
520
488
  expect(json_response['error']).not_to be_nil
521
489
  expect(json_response['errors']).not_to be_nil
@@ -525,7 +493,7 @@ module Spree
525
493
  it "cannot set the user_id for the order" do
526
494
  user = Spree.user_class.create
527
495
  original_id = order.user_id
528
- api_post :update, id: order.to_param, order: { user_id: user.id }
496
+ put spree.api_order_path(order), params: { order: { user_id: user.id } }
529
497
  expect(response.status).to eq 200
530
498
  expect(json_response["user_id"]).to eq(original_id)
531
499
  end
@@ -534,11 +502,11 @@ module Spree
534
502
  before { order.create_proposed_shipments }
535
503
 
536
504
  it "clears out all existing shipments on line item udpate" do
537
- api_put :update, id: order.to_param, order: {
505
+ put spree.api_order_path(order), params: { order: {
538
506
  line_items: {
539
507
  0 => { id: line_item.id, quantity: 10 }
540
508
  }
541
- }
509
+ } }
542
510
  expect(order.reload.shipments).to be_empty
543
511
  end
544
512
  end
@@ -548,7 +516,7 @@ module Spree
548
516
 
549
517
  it "can empty an order" do
550
518
  create(:adjustment, order: order, adjustable: order)
551
- api_put :empty, id: order.to_param
519
+ put spree.empty_api_order_path(order)
552
520
  expect(response.status).to eq(204)
553
521
  order.reload
554
522
  expect(order.line_items).to be_empty
@@ -558,19 +526,19 @@ module Spree
558
526
  it "can list its line items with images" do
559
527
  order.line_items.first.variant.images.create!(attachment: image("thinking-cat.jpg"))
560
528
 
561
- api_get :show, id: order.to_param
529
+ get spree.api_order_path(order)
562
530
 
563
531
  expect(json_response['line_items'].first['variant']).to have_attributes([:images])
564
532
  end
565
533
 
566
534
  it "lists variants product id" do
567
- api_get :show, id: order.to_param
535
+ get spree.api_order_path(order)
568
536
 
569
537
  expect(json_response['line_items'].first['variant']).to have_attributes([:product_id])
570
538
  end
571
539
 
572
540
  it "includes the tax_total in the response" do
573
- api_get :show, id: order.to_param
541
+ get spree.api_order_path(order)
574
542
 
575
543
  expect(json_response['included_tax_total']).to eq('0.0')
576
544
  expect(json_response['additional_tax_total']).to eq('0.0')
@@ -584,7 +552,7 @@ module Spree
584
552
  order: order,
585
553
  adjustable: order.line_items.first)
586
554
  adjustment.update_column(:amount, 5)
587
- api_get :show, id: order.to_param
555
+ get spree.api_order_path(order)
588
556
 
589
557
  adjustment = json_response['line_items'].first['adjustments'].first
590
558
  expect(adjustment['label']).to eq("10% off!")
@@ -593,7 +561,7 @@ module Spree
593
561
 
594
562
  it "lists payments source without gateway info" do
595
563
  order.payments.push payment = create(:payment)
596
- api_get :show, id: order.to_param
564
+ get spree.api_order_path(order)
597
565
 
598
566
  source = json_response[:payments].first[:source]
599
567
  expect(source[:name]).to eq payment.source.name
@@ -620,14 +588,14 @@ module Spree
620
588
  end
621
589
 
622
590
  it "includes the ship_total in the response" do
623
- api_get :show, id: order.to_param
591
+ get spree.api_order_path(order)
624
592
 
625
593
  expect(json_response['ship_total']).to eq '10.0'
626
594
  expect(json_response['display_ship_total']).to eq '$10.00'
627
595
  end
628
596
 
629
597
  it "returns available shipments for an order" do
630
- api_get :show, id: order.to_param
598
+ get spree.api_order_path(order)
631
599
  expect(response.status).to eq(200)
632
600
  expect(json_response["shipments"]).not_to be_empty
633
601
  shipment = json_response["shipments"][0]
@@ -666,7 +634,7 @@ module Spree
666
634
  context "with no orders" do
667
635
  before { Spree::Order.delete_all }
668
636
  it "still returns a root :orders key" do
669
- api_get :index
637
+ get spree.api_orders_path
670
638
  expect(json_response["orders"]).to eq([])
671
639
  end
672
640
  end
@@ -678,7 +646,7 @@ module Spree
678
646
  end
679
647
 
680
648
  it "returns unique orders" do
681
- api_get :index
649
+ get spree.api_orders_path
682
650
 
683
651
  orders = json_response[:orders]
684
652
  expect(orders.count).to be >= 3
@@ -690,7 +658,7 @@ module Spree
690
658
 
691
659
  it "lists payments source with gateway info" do
692
660
  order.payments.push payment = create(:payment)
693
- api_get :show, id: order.to_param
661
+ get spree.api_order_path(order)
694
662
 
695
663
  source = json_response[:payments].first[:source]
696
664
  expect(source[:name]).to eq payment.source.name
@@ -706,7 +674,7 @@ module Spree
706
674
  before { create(:order) }
707
675
 
708
676
  it "can view all orders" do
709
- api_get :index
677
+ get spree.api_orders_path
710
678
  expect(json_response["orders"].first).to have_attributes(attributes)
711
679
  expect(json_response["count"]).to eq(2)
712
680
  expect(json_response["current_page"]).to eq(1)
@@ -715,7 +683,7 @@ module Spree
715
683
 
716
684
  # Test for https://github.com/spree/spree/issues/1763
717
685
  it "can control the page size through a parameter" do
718
- api_get :index, per_page: 1
686
+ get spree.api_orders_path, params: { per_page: 1 }
719
687
  expect(json_response["orders"].count).to eq(1)
720
688
  expect(json_response["orders"].first).to have_attributes(attributes)
721
689
  expect(json_response["count"]).to eq(1)
@@ -733,7 +701,7 @@ module Spree
733
701
  let(:expected_result) { Spree::Order.last }
734
702
 
735
703
  it "can query the results through a parameter" do
736
- api_get :index, q: { email_cont: 'spree' }
704
+ get spree.api_orders_path, params: { q: { email_cont: 'spree' } }
737
705
  expect(json_response["orders"].count).to eq(1)
738
706
  expect(json_response["orders"].first).to have_attributes(attributes)
739
707
  expect(json_response["orders"].first["email"]).to eq(expected_result.email)
@@ -745,16 +713,18 @@ module Spree
745
713
 
746
714
  context "creation" do
747
715
  it "can create an order without any parameters" do
748
- api_post :create
716
+ post spree.api_orders_path
749
717
  expect(response.status).to eq(201)
750
718
  expect(json_response["state"]).to eq("cart")
751
719
  end
752
720
 
753
721
  it "can arbitrarily set the line items price" do
754
- api_post :create, order: {
755
- line_items: {
756
- "0" => {
757
- price: 33.0, variant_id: variant.to_param, quantity: 5
722
+ post spree.api_orders_path, params: {
723
+ order: {
724
+ line_items: {
725
+ "0" => {
726
+ price: 33.0, variant_id: variant.to_param, quantity: 5
727
+ }
758
728
  }
759
729
  }
760
730
  }
@@ -764,7 +734,7 @@ module Spree
764
734
 
765
735
  it "can set the user_id for the order" do
766
736
  user = Spree.user_class.create
767
- api_post :create, order: { user_id: user.id }
737
+ post spree.api_orders_path, params: { order: { user_id: user.id } }
768
738
  expect(response.status).to eq 201
769
739
  expect(json_response["user_id"]).to eq(user.id)
770
740
  end
@@ -773,7 +743,7 @@ module Spree
773
743
  context "updating" do
774
744
  it "can set the user_id for the order" do
775
745
  user = Spree.user_class.create
776
- api_post :update, id: order.number, order: { user_id: user.id }
746
+ put spree.api_order_path(order), params: { order: { user_id: user.id } }
777
747
  expect(response.status).to eq 200
778
748
  expect(json_response["user_id"]).to eq(user.id)
779
749
  end
@@ -790,7 +760,7 @@ module Spree
790
760
  end
791
761
 
792
762
  specify do
793
- api_put :cancel, id: order.to_param
763
+ put spree.cancel_api_order_path(order)
794
764
  expect(json_response["state"]).to eq("canceled")
795
765
  expect(json_response["canceler_id"]).to eq(current_api_user.id)
796
766
  end
@@ -809,7 +779,7 @@ module Spree
809
779
  let(:order) { create(:order_with_line_items) }
810
780
 
811
781
  it 'applies the coupon' do
812
- api_put :apply_coupon_code, id: order.to_param, coupon_code: promo_code.value
782
+ put spree.apply_coupon_code_api_order_path(order), params: { coupon_code: promo_code.value }
813
783
 
814
784
  expect(response.status).to eq 200
815
785
  expect(order.reload.promotions).to eq [promo]
@@ -826,7 +796,7 @@ module Spree
826
796
  let(:order) { create(:order) } # no line items to apply the code to
827
797
 
828
798
  it 'returns an error' do
829
- api_put :apply_coupon_code, id: order.to_param, coupon_code: promo_code.value
799
+ put spree.apply_coupon_code_api_order_path(order), params: { coupon_code: promo_code.value }
830
800
 
831
801
  expect(response.status).to eq 422
832
802
  expect(order.reload.promotions).to eq []