solidus_api 2.2.2 → 2.3.0.beta1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.


This version of solidus_api might be problematic. Click here for more details.

Files changed (51) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/spree/api/images_controller.rb +2 -2
  3. data/app/controllers/spree/api/line_items_controller.rb +2 -10
  4. data/app/controllers/spree/api/orders_controller.rb +2 -12
  5. data/app/controllers/spree/api/payments_controller.rb +0 -1
  6. data/app/controllers/spree/api/promotions_controller.rb +1 -1
  7. data/app/controllers/spree/api/variants_controller.rb +2 -1
  8. data/app/views/spree/api/orders/show.v1.rabl +2 -1
  9. data/lib/spree/api/testing_support/setup.rb +1 -1
  10. data/spec/controllers/spree/api/base_controller_spec.rb +7 -7
  11. data/spec/controllers/spree/api/resource_controller_spec.rb +16 -16
  12. data/spec/requests/api/address_books_spec.rb +1 -1
  13. data/spec/{controllers → requests}/spree/api/addresses_controller_spec.rb +6 -9
  14. data/spec/{controllers → requests}/spree/api/checkouts_controller_spec.rb +38 -69
  15. data/spec/{controllers → requests}/spree/api/classifications_controller_spec.rb +4 -4
  16. data/spec/{controllers → requests}/spree/api/config_controller_spec.rb +3 -4
  17. data/spec/{controllers → requests}/spree/api/countries_controller_spec.rb +6 -7
  18. data/spec/{controllers → requests}/spree/api/credit_cards_controller_spec.rb +8 -9
  19. data/spec/{controllers → requests}/spree/api/images_controller_spec.rb +19 -16
  20. data/spec/{controllers → requests}/spree/api/inventory_units_controller_spec.rb +17 -14
  21. data/spec/{controllers → requests}/spree/api/line_items_controller_spec.rb +32 -32
  22. data/spec/{controllers → requests}/spree/api/option_types_controller_spec.rb +27 -27
  23. data/spec/{controllers → requests}/spree/api/option_values_controller_spec.rb +32 -29
  24. data/spec/{controllers → requests}/spree/api/orders_controller_spec.rb +103 -133
  25. data/spec/{controllers → requests}/spree/api/payments_controller_spec.rb +30 -44
  26. data/spec/{controllers → requests}/spree/api/product_properties_controller_spec.rb +15 -17
  27. data/spec/{controllers → requests}/spree/api/products_controller_spec.rb +44 -43
  28. data/spec/{controllers → requests}/spree/api/promotion_application_spec.rb +3 -4
  29. data/spec/{controllers → requests}/spree/api/promotions_controller_spec.rb +8 -6
  30. data/spec/{controllers → requests}/spree/api/properties_controller_spec.rb +15 -16
  31. data/spec/{controllers → requests}/spree/api/return_authorizations_controller_spec.rb +19 -21
  32. data/spec/requests/spree/api/shipments_controller_spec.rb +394 -88
  33. data/spec/{controllers → requests}/spree/api/states_controller_spec.rb +8 -9
  34. data/spec/{controllers → requests}/spree/api/stock_items_controller_spec.rb +21 -21
  35. data/spec/{controllers → requests}/spree/api/stock_locations_controller_spec.rb +18 -20
  36. data/spec/{controllers → requests}/spree/api/stock_movements_controller_spec.rb +9 -12
  37. data/spec/{controllers → requests}/spree/api/stock_transfers_controller_spec.rb +2 -3
  38. data/spec/requests/spree/api/store_credit_events_controller_spec.rb +57 -0
  39. data/spec/{controllers → requests}/spree/api/stores_controller_spec.rb +19 -20
  40. data/spec/{controllers → requests}/spree/api/taxonomies_controller_spec.rb +14 -15
  41. data/spec/{controllers → requests}/spree/api/taxons_controller_spec.rb +17 -18
  42. data/spec/{controllers → requests}/spree/api/transfer_items_controller_spec.rb +7 -9
  43. data/spec/{controllers → requests}/spree/api/unauthenticated_products_controller_spec.rb +2 -3
  44. data/spec/{controllers → requests}/spree/api/users_controller_spec.rb +18 -19
  45. data/spec/{controllers → requests}/spree/api/variants_controller_spec.rb +70 -37
  46. data/spec/{controllers → requests}/spree/api/zones_controller_spec.rb +13 -14
  47. data/spec/shared_examples/protect_product_actions.rb +3 -3
  48. data/spec/spec_helper.rb +4 -1
  49. metadata +70 -72
  50. data/spec/controllers/spree/api/shipments_controller_spec.rb +0 -301
  51. data/spec/controllers/spree/api/store_credit_events_controller_spec.rb +0 -66
@@ -1,8 +1,7 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  module Spree
4
- describe Api::OptionTypesController, type: :controller do
5
- render_views
4
+ describe Api::OptionTypesController, type: :request do
6
5
 
7
6
  let(:attributes) { [:id, :name, :position, :presentation] }
8
7
  let!(:option_value) { create(:option_value) }
@@ -19,7 +18,7 @@ module Spree
19
18
  end
20
19
 
21
20
  it "can list all option types" do
22
- api_get :index
21
+ get spree.api_option_types_path
23
22
  expect(json_response.count).to eq(1)
24
23
  expect(json_response.first).to have_attributes(attributes)
25
24
 
@@ -28,7 +27,7 @@ module Spree
28
27
 
29
28
  it "can search for an option type" do
30
29
  create(:option_type, name: "buzz")
31
- api_get :index, q: { name_cont: option_type.name }
30
+ get spree.api_option_types_path, params: { q: { name_cont: option_type.name } }
32
31
  expect(json_response.count).to eq(1)
33
32
  expect(json_response.first).to have_attributes(attributes)
34
33
  end
@@ -36,38 +35,41 @@ module Spree
36
35
  it "can retrieve a list of specific option types" do
37
36
  option_type_1 = create(:option_type)
38
37
  create(:option_type)
39
- api_get :index, ids: "#{option_type.id},#{option_type_1.id}"
38
+ get spree.api_option_types_path, params: { ids: "#{option_type.id},#{option_type_1.id}" }
40
39
  expect(json_response.count).to eq(2)
41
40
 
42
41
  check_option_values(json_response.first["option_values"])
43
42
  end
44
43
 
45
44
  it "can list a single option type" do
46
- api_get :show, id: option_type.id
45
+ get spree.api_option_type_path(option_type)
47
46
  expect(json_response).to have_attributes(attributes)
48
47
  check_option_values(json_response["option_values"])
49
48
  end
50
49
 
51
50
  it "cannot create a new option type" do
52
- api_post :create, option_type: {
53
- name: "Option Type",
54
- presentation: "Option Type"
55
- }
51
+ post spree.api_option_types_path, params: {
52
+ option_type: {
53
+ name: "Option Type",
54
+ presentation: "Option Type"
55
+ }
56
+ }
56
57
  assert_unauthorized!
57
58
  end
58
59
 
59
60
  it "cannot alter an option type" do
60
61
  original_name = option_type.name
61
- api_put :update, id: option_type.id,
62
- option_type: {
63
- name: "Option Type"
64
- }
62
+ put spree.api_option_type_path(option_type), params: {
63
+ option_type: {
64
+ name: "Option Type"
65
+ }
66
+ }
65
67
  assert_not_found!
66
68
  expect(option_type.reload.name).to eq(original_name)
67
69
  end
68
70
 
69
71
  it "cannot delete an option type" do
70
- api_delete :destroy, id: option_type.id
72
+ delete spree.api_option_type_path(option_type)
71
73
  assert_not_found!
72
74
  expect { option_type.reload }.not_to raise_error
73
75
  end
@@ -76,23 +78,23 @@ module Spree
76
78
  sign_in_as_admin!
77
79
 
78
80
  it "can create an option type" do
79
- api_post :create, option_type: {
80
- name: "Option Type",
81
- presentation: "Option Type"
82
- }
81
+ post spree.api_option_types_path, params: {
82
+ option_type: {
83
+ name: "Option Type",
84
+ presentation: "Option Type"
85
+ }
86
+ }
83
87
  expect(json_response).to have_attributes(attributes)
84
88
  expect(response.status).to eq(201)
85
89
  end
86
90
 
87
91
  it "cannot create an option type with invalid attributes" do
88
- api_post :create, option_type: {}
92
+ post spree.api_option_types_path, params: { option_type: {} }
89
93
  expect(response.status).to eq(422)
90
94
  end
91
95
 
92
96
  it "can update an option type" do
93
- api_put :update, id: option_type.id, option_type: {
94
- name: "Option Type"
95
- }
97
+ put spree.api_option_type_path(option_type.id), params: { option_type: { name: "Option Type" } }
96
98
  expect(response.status).to eq(200)
97
99
 
98
100
  option_type.reload
@@ -100,14 +102,12 @@ module Spree
100
102
  end
101
103
 
102
104
  it "cannot update an option type with invalid attributes" do
103
- api_put :update, id: option_type.id, option_type: {
104
- name: ""
105
- }
105
+ put spree.api_option_type_path(option_type.id), params: { option_type: { name: "" } }
106
106
  expect(response.status).to eq(422)
107
107
  end
108
108
 
109
109
  it "can delete an option type" do
110
- api_delete :destroy, id: option_type.id
110
+ delete spree.api_option_type_path(option_type.id)
111
111
  expect(response.status).to eq(204)
112
112
  end
113
113
  end
@@ -1,8 +1,7 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  module Spree
4
- describe Api::OptionValuesController, type: :controller do
5
- render_views
4
+ describe Api::OptionValuesController, type: :request do
6
5
 
7
6
  let(:attributes) { [:id, :name, :presentation, :option_type_name, :option_type_name] }
8
7
  let!(:option_value) { create(:option_value) }
@@ -25,7 +24,7 @@ module Spree
25
24
  end
26
25
 
27
26
  it "can retrieve a list of all option values" do
28
- api_get :index
27
+ get spree.api_option_values_path
29
28
  expect(json_response.count).to eq(2)
30
29
  expect(json_response.first).to have_attributes(attributes)
31
30
  end
@@ -35,14 +34,14 @@ module Spree
35
34
  let(:resource_scoping) { { option_type_id: option_type.id } }
36
35
 
37
36
  it "can list all option values" do
38
- api_get :index
37
+ get spree.api_option_values_path
39
38
  expect(json_response.count).to eq(1)
40
39
  expect(json_response.first).to have_attributes(attributes)
41
40
  end
42
41
 
43
42
  it "can search for an option type" do
44
43
  create(:option_value, name: "buzz")
45
- api_get :index, q: { name_cont: option_value.name }
44
+ get spree.api_option_values_path, params: { q: { name_cont: option_value.name } }
46
45
  expect(json_response.count).to eq(1)
47
46
  expect(json_response.first).to have_attributes(attributes)
48
47
  end
@@ -50,35 +49,39 @@ module Spree
50
49
  it "can retrieve a list of option types" do
51
50
  option_value_1 = create(:option_value, option_type: option_type)
52
51
  create(:option_value, option_type: option_type)
53
- api_get :index, ids: [option_value.id, option_value_1.id]
52
+ get spree.api_option_values_path, params: { ids: [option_value.id, option_value_1.id] }
54
53
  expect(json_response.count).to eq(2)
55
54
  end
56
55
 
57
56
  it "can list a single option value" do
58
- api_get :show, id: option_value.id
57
+ get spree.api_option_value_path(option_value.id)
59
58
  expect(json_response).to have_attributes(attributes)
60
59
  end
61
60
 
62
61
  it "cannot create a new option value" do
63
- api_post :create, option_value: {
64
- name: "Option Value",
65
- presentation: "Option Value"
66
- }
62
+ post spree.api_option_type_option_values_path(option_type), params: {
63
+ option_value: {
64
+ name: "Option Value",
65
+ presentation: "Option Value"
66
+ }
67
+ }
67
68
  assert_unauthorized!
68
69
  end
69
70
 
70
71
  it "cannot alter an option value" do
71
72
  original_name = option_type.name
72
- api_put :update, id: option_type.id,
73
- option_value: {
74
- name: "Option Value"
73
+ put spree.api_option_value_path(option_value.id), params: {
74
+ id: option_type.id,
75
+ option_value: {
76
+ name: "Option Value"
77
+ }
75
78
  }
76
79
  assert_not_found!
77
80
  expect(option_type.reload.name).to eq(original_name)
78
81
  end
79
82
 
80
83
  it "cannot delete an option value" do
81
- api_delete :destroy, id: option_type.id
84
+ delete spree.api_option_value_path(option_value)
82
85
  assert_not_found!
83
86
  expect { option_type.reload }.not_to raise_error
84
87
  end
@@ -87,23 +90,25 @@ module Spree
87
90
  sign_in_as_admin!
88
91
 
89
92
  it "can create an option value" do
90
- api_post :create, option_value: {
91
- name: "Option Value",
92
- presentation: "Option Value"
93
- }
93
+ post spree.api_option_type_option_values_path(option_type), params: {
94
+ option_value: {
95
+ name: "Option Value",
96
+ presentation: "Option Value",
97
+ }
98
+ }
94
99
  expect(json_response).to have_attributes(attributes)
95
100
  expect(response.status).to eq(201)
96
101
  end
97
102
 
98
103
  it "cannot create an option type with invalid attributes" do
99
- api_post :create, option_value: {}
104
+ post spree.api_option_type_option_values_path(option_type), params: { option_value: {name: ""} }
100
105
  expect(response.status).to eq(422)
101
106
  end
102
107
 
103
108
  it "can update an option value" do
104
- api_put :update, id: option_value.id, option_value: {
109
+ put spree.api_option_value_path(option_value.id), params: { option_value: {
105
110
  name: "Option Value"
106
- }
111
+ } }
107
112
  expect(response.status).to eq(200)
108
113
 
109
114
  option_value.reload
@@ -111,21 +116,19 @@ module Spree
111
116
  end
112
117
 
113
118
  it "permits the correct attributes" do
114
- expect(controller).to receive(:permitted_option_value_attributes)
115
- api_put :update, id: option_value.id, option_value: {
116
- name: ""
117
- }
119
+ expect_any_instance_of(Spree::Api::OptionValuesController).to receive(:permitted_option_value_attributes)
120
+ put spree.api_option_value_path(option_value), params: { option_value: { name: "" } }
118
121
  end
119
122
 
120
123
  it "cannot update an option value with invalid attributes" do
121
- api_put :update, id: option_value.id, option_value: {
124
+ put spree.api_option_value_path(option_value), params: { option_value: {
122
125
  name: ""
123
- }
126
+ } }
124
127
  expect(response.status).to eq(422)
125
128
  end
126
129
 
127
130
  it "can delete an option value" do
128
- api_delete :destroy, id: option_value.id
131
+ delete spree.api_option_value_path(option_value)
129
132
  expect(response.status).to eq(204)
130
133
  end
131
134
  end
@@ -2,8 +2,7 @@ require 'spec_helper'
2
2
  require 'spree/testing_support/bar_ability'
3
3
 
4
4
  module Spree
5
- describe Api::OrdersController, type: :controller do
6
- render_views
5
+ describe Api::OrdersController, type: :request do
7
6
  let!(:order) { create(:order) }
8
7
  let(:variant) { create(:variant) }
9
8
  let(:line_item) { create(:line_item) }
@@ -32,52 +31,29 @@ module Spree
32
31
  describe "POST create" do
33
32
  let(:target_user) { create :user }
34
33
  let(:date_override) { Time.parse('2015-01-01') }
35
- let(:attributes) { { user_id: target_user.id, created_at: date_override, email: target_user.email } }
36
34
 
37
- subject { api_post :create, order: attributes }
35
+ subject do
36
+ post spree.api_orders_path, params: { order: { user_id: target_user.id, created_at: date_override, email: target_user.email } }
37
+ response
38
+ end
38
39
 
39
40
  context "when the current user cannot administrate the order" do
40
- stub_authorization! do |_|
41
+ custom_authorization! do |_|
41
42
  can :create, Spree::Order
42
43
  end
43
44
 
44
- it "does not include unpermitted params, or allow overriding the user", focus: true do
45
+ it "does not include unpermitted params, or allow overriding the user" do
45
46
  subject
46
- expect(response).to be_success
47
47
  order = Spree::Order.last
48
48
  expect(order.user).to eq current_api_user
49
49
  expect(order.email).to eq target_user.email
50
50
  end
51
51
 
52
52
  it { is_expected.to be_success }
53
-
54
- context 'creating payment' do
55
- let(:attributes) { super().merge(payments_attributes: [{ payment_method_id: payment_method.id }]) }
56
-
57
- context "with allowed payment method" do
58
- let!(:payment_method) { create(:check_payment_method, name: "allowed" ) }
59
- it { is_expected.to be_success }
60
- it "creates a payment" do
61
- expect {
62
- subject
63
- }.to change { Spree::Payment.count }.by(1)
64
- end
65
- end
66
-
67
- context "with disallowed payment method" do
68
- let!(:payment_method) { create(:check_payment_method, name: "forbidden", available_to_users: false) }
69
- it { is_expected.to be_not_found }
70
- it "creates no payments" do
71
- expect {
72
- subject
73
- }.not_to change { Spree::Payment.count }
74
- end
75
- end
76
- end
77
53
  end
78
54
 
79
55
  context "when the current user can administrate the order" do
80
- stub_authorization! do |_|
56
+ custom_authorization! do |_|
81
57
  can [:admin, :create], Spree::Order
82
58
  end
83
59
 
@@ -91,16 +67,30 @@ module Spree
91
67
 
92
68
  it { is_expected.to be_success }
93
69
  end
70
+
71
+ context 'when the line items have custom attributes' do
72
+ it "can create an order with line items that have custom permitted attributes" do
73
+ PermittedAttributes.line_item_attributes << { options: [:some_option] }
74
+ expect_any_instance_of(Spree::LineItem).to receive(:some_option=).once.with('4')
75
+ post spree.api_orders_path, params: { order: { line_items: { "0" => { variant_id: variant.to_param, quantity: 5, options: { some_option: 4 } } } } }
76
+ expect(response.status).to eq(201)
77
+ order = Order.last
78
+ expect(order.line_items.count).to eq(1)
79
+ end
80
+ end
94
81
  end
95
82
 
96
83
  describe "PUT update" do
97
84
  let(:user) { create :user }
98
85
  let(:order_params) { { number: "anothernumber", user_id: user.id, email: "foo@foobar.com" } }
99
86
  let(:can_admin) { false }
100
- subject { api_put :update, id: order.to_param, order: order_params }
87
+ subject do
88
+ put spree.api_order_path(order), params: { order: order_params }
89
+ response
90
+ end
101
91
 
102
92
  context "when the user cannot administer the order" do
103
- stub_authorization! do |_|
93
+ custom_authorization! do |_|
104
94
  can [:update], Spree::Order
105
95
  end
106
96
 
@@ -123,34 +113,10 @@ module Spree
123
113
  subject
124
114
  }.to_not change{ order.reload.number }
125
115
  end
126
-
127
- context 'creating payment' do
128
- let(:order_params) { super().merge(payments_attributes: [{ payment_method_id: payment_method.id }]) }
129
-
130
- context "with allowed payment method" do
131
- let!(:payment_method) { create(:check_payment_method, name: "allowed" ) }
132
- it { is_expected.to be_success }
133
- it "creates a payment" do
134
- expect {
135
- subject
136
- }.to change { Spree::Payment.count }.by(1)
137
- end
138
- end
139
-
140
- context "with disallowed payment method" do
141
- let!(:payment_method) { create(:check_payment_method, name: "forbidden", available_to_users: false) }
142
- it { is_expected.to be_not_found }
143
- it "creates no payments" do
144
- expect {
145
- subject
146
- }.not_to change { Spree::Payment.count }
147
- end
148
- end
149
- end
150
116
  end
151
117
 
152
118
  context "when the user can administer the order" do
153
- stub_authorization! do |_|
119
+ custom_authorization! do |_|
154
120
  can [:admin, :update], Spree::Order
155
121
  end
156
122
 
@@ -168,7 +134,7 @@ module Spree
168
134
  end
169
135
 
170
136
  it "cannot view all orders" do
171
- api_get :index
137
+ get spree.api_orders_path
172
138
  assert_unauthorized!
173
139
  end
174
140
 
@@ -176,7 +142,7 @@ module Spree
176
142
  let(:current_api_user) { nil }
177
143
 
178
144
  it "returns a 401" do
179
- api_get :mine
145
+ get spree.api_my_orders_path
180
146
  expect(response.status).to eq(401)
181
147
  end
182
148
  end
@@ -187,8 +153,7 @@ module Spree
187
153
  let(:order) { create(:order, line_items: [line_item], store: store) }
188
154
 
189
155
  it "can view all of their own orders for the current store" do
190
- request.env['SERVER_NAME'] = store.url
191
- api_get :mine
156
+ get spree.api_my_orders_path, headers: { 'SERVER_NAME' => store.url }
192
157
 
193
158
  expect(response.status).to eq(200)
194
159
  expect(json_response["pages"]).to eq(1)
@@ -200,16 +165,14 @@ module Spree
200
165
  end
201
166
 
202
167
  it "cannot view orders for a different store" do
203
- request.env['SERVER_NAME'] = "foo"
204
- api_get :mine
168
+ get spree.api_my_orders_path, headers: { 'SERVER_NAME' => 'foo' }
205
169
 
206
170
  expect(response.status).to eq(200)
207
171
  expect(json_response["orders"].length).to eq(0)
208
172
  end
209
173
 
210
174
  it "can filter the returned results" do
211
- request.env['SERVER_NAME'] = store.url
212
- api_get :mine, q: { completed_at_not_null: 1 }
175
+ get spree.api_my_orders_path, params: { q: { completed_at_not_null: 1 } }, headers: { 'SERVER_NAME' => store.url }
213
176
 
214
177
  expect(response.status).to eq(200)
215
178
  expect(json_response["orders"].length).to eq(0)
@@ -225,8 +188,7 @@ module Spree
225
188
  order4 = Order.create user: order.user, completed_at: nil, created_at: 0.days.ago, store: store
226
189
  expect(order4.created_at).to be > order3.created_at
227
190
 
228
- request.env['SERVER_NAME'] = store.url
229
- api_get :mine
191
+ get spree.api_my_orders_path, headers: { 'SERVER_NAME' => store.url }
230
192
  expect(response.status).to eq(200)
231
193
  expect(json_response["pages"]).to eq(1)
232
194
  orders = json_response["orders"]
@@ -242,14 +204,14 @@ module Spree
242
204
  let!(:order) { create(:order, line_items: [line_item]) }
243
205
 
244
206
  it "uses the user's last_incomplete_spree_order logic with the current store" do
245
- expect(current_api_user).to receive(:last_incomplete_spree_order).with(store: controller.current_store)
246
- api_get :current, format: 'json'
207
+ expect(current_api_user).to receive(:last_incomplete_spree_order).with(store: Spree::Store.default)
208
+ get spree.api_current_order_path(format: 'json')
247
209
  end
248
210
  end
249
211
 
250
212
  it "can view their own order" do
251
213
  allow_any_instance_of(Order).to receive_messages user: current_api_user
252
- api_get :show, id: order.to_param
214
+ get spree.api_order_path(order)
253
215
  expect(response.status).to eq(200)
254
216
  expect(json_response).to have_attributes(attributes)
255
217
  expect(json_response["adjustments"]).to be_empty
@@ -259,7 +221,7 @@ module Spree
259
221
  let(:order) { create :order_with_line_items }
260
222
  let(:adjustment) { FactoryGirl.create(:adjustment, adjustable: order, order: order) }
261
223
 
262
- subject { api_get :show, id: order.to_param }
224
+ subject { get spree.api_order_path(order) }
263
225
 
264
226
  before do
265
227
  allow_any_instance_of(Order).to receive_messages user: current_api_user
@@ -310,7 +272,7 @@ module Spree
310
272
 
311
273
  it "orders contain the basic checkout steps" do
312
274
  allow_any_instance_of(Order).to receive_messages user: current_api_user
313
- api_get :show, id: order.to_param
275
+ get spree.api_order_path(order)
314
276
  expect(response.status).to eq(200)
315
277
  expect(json_response["checkout_steps"]).to eq(%w[address delivery confirm complete])
316
278
  end
@@ -319,23 +281,22 @@ module Spree
319
281
  it "can view an order not in a standard state" do
320
282
  allow_any_instance_of(Order).to receive_messages user: current_api_user
321
283
  order.update_column(:state, 'shipped')
322
- api_get :show, id: order.to_param
284
+ get spree.api_order_path(order)
323
285
  end
324
286
 
325
287
  it "can not view someone else's order" do
326
288
  allow_any_instance_of(Order).to receive_messages user: stub_model(Spree::LegacyUser)
327
- api_get :show, id: order.to_param
289
+ get spree.api_order_path(order)
328
290
  assert_unauthorized!
329
291
  end
330
292
 
331
293
  it "can view an order if the token is known" do
332
- api_get :show, id: order.to_param, order_token: order.guest_token
294
+ get spree.api_order_path(order), params: { order_token: order.guest_token }
333
295
  expect(response.status).to eq(200)
334
296
  end
335
297
 
336
298
  it "can view an order if the token is passed in header" do
337
- request.headers["X-Spree-Order-Token"] = order.guest_token
338
- api_get :show, id: order.to_param
299
+ get spree.api_order_path(order), headers: { "X-Spree-Order-Token" => order.guest_token }
339
300
  expect(response.status).to eq(200)
340
301
  end
341
302
 
@@ -346,7 +307,7 @@ module Spree
346
307
  it "can view an order" do
347
308
  user = build(:user, spree_roles: [Spree::Role.new(name: 'bar')])
348
309
  allow(Spree.user_class).to receive_messages find_by: user
349
- api_get :show, id: order.to_param
310
+ get spree.api_order_path(order)
350
311
  expect(response.status).to eq(200)
351
312
  end
352
313
  end
@@ -354,12 +315,12 @@ module Spree
354
315
  it "cannot cancel an order that doesn't belong to them" do
355
316
  order.update_attribute(:completed_at, Time.current)
356
317
  order.update_attribute(:shipment_state, "ready")
357
- api_put :cancel, id: order.to_param
318
+ put spree.cancel_api_order_path(order)
358
319
  assert_unauthorized!
359
320
  end
360
321
 
361
322
  it "can create an order" do
362
- api_post :create, order: { line_items: { "0" => { variant_id: variant.to_param, quantity: 5 } } }
323
+ post spree.api_orders_path, params: { order: { line_items: { "0" => { variant_id: variant.to_param, quantity: 5 } } } }
363
324
  expect(response.status).to eq(201)
364
325
 
365
326
  order = Order.last
@@ -376,20 +337,25 @@ module Spree
376
337
  end
377
338
 
378
339
  it "assigns email when creating a new order" do
379
- api_post :create, order: { email: "guest@spreecommerce.com" }
340
+ post spree.api_orders_path, params: { order: { email: "guest@spreecommerce.com" } }
380
341
  expect(json_response['email']).not_to eq controller.current_api_user
381
342
  expect(json_response['email']).to eq "guest@spreecommerce.com"
382
343
  end
383
344
 
384
345
  # Regression test for https://github.com/spree/spree/issues/3404
385
346
  it "can specify additional parameters for a line item" do
386
- expect_any_instance_of(Spree::LineItem).to receive(:special=).with("foo")
387
-
388
- allow(controller).to receive_messages(permitted_line_item_attributes: [:id, :variant_id, :quantity, :special])
389
- api_post :create, order: {
390
- line_items: {
391
- "0" => {
392
- variant_id: variant.to_param, quantity: 5, special: "foo"
347
+ expect(Order).to receive(:create!).and_return(order = Spree::Order.new)
348
+ allow(order).to receive(:associate_user!)
349
+ allow(order).to receive_message_chain(:contents, :add).and_return(line_item = double('LineItem'))
350
+ expect(line_item).to receive(:update_attributes!).with(hash_including("special" => "foo"))
351
+
352
+ allow_any_instance_of(Spree::Api::OrdersController).to receive_messages(permitted_line_item_attributes: [:id, :variant_id, :quantity, :special])
353
+ post spree.api_orders_path, params: {
354
+ order: {
355
+ line_items: {
356
+ "0" => {
357
+ variant_id: variant.to_param, quantity: 5, special: "foo"
358
+ }
393
359
  }
394
360
  }
395
361
  }
@@ -397,10 +363,12 @@ module Spree
397
363
  end
398
364
 
399
365
  it "cannot arbitrarily set the line items price" do
400
- api_post :create, order: {
401
- line_items: {
402
- "0" => {
403
- price: 33.0, variant_id: variant.to_param, quantity: 5
366
+ post spree.api_orders_path, params: {
367
+ order: {
368
+ line_items: {
369
+ "0" => {
370
+ price: 33.0, variant_id: variant.to_param, quantity: 5
371
+ }
404
372
  }
405
373
  }
406
374
  }
@@ -413,14 +381,14 @@ module Spree
413
381
  let!(:current_api_user) { create :admin_user }
414
382
 
415
383
  it "is able to set any default unpermitted attribute" do
416
- api_post :create, order: { number: "WOW" }
384
+ post spree.api_orders_path, params: { order: { number: "WOW" } }
417
385
  expect(response.status).to eq 201
418
386
  expect(json_response['number']).to eq "WOW"
419
387
  end
420
388
  end
421
389
 
422
390
  it "can create an order without any parameters" do
423
- api_post :create
391
+ post spree.api_orders_path
424
392
  expect(response.status).to eq(201)
425
393
  expect(json_response["state"]).to eq("cart")
426
394
  end
@@ -446,11 +414,11 @@ module Spree
446
414
  before { allow_any_instance_of(Order).to receive_messages user: current_api_user }
447
415
 
448
416
  it "updates quantities of existing line items" do
449
- api_put :update, id: order.to_param, order: {
417
+ put spree.api_order_path(order), params: { order: {
450
418
  line_items: {
451
419
  "0" => { id: line_item.id, quantity: 10 }
452
420
  }
453
- }
421
+ } }
454
422
 
455
423
  expect(response.status).to eq(200)
456
424
  expect(json_response['line_items'].count).to eq(1)
@@ -459,12 +427,12 @@ module Spree
459
427
 
460
428
  it "adds an extra line item" do
461
429
  variant2 = create(:variant)
462
- api_put :update, id: order.to_param, order: {
430
+ put spree.api_order_path(order), params: { order: {
463
431
  line_items: {
464
432
  "0" => { id: line_item.id, quantity: 10 },
465
433
  "1" => { variant_id: variant2.id, quantity: 1 }
466
434
  }
467
- }
435
+ } }
468
436
 
469
437
  expect(response.status).to eq(200)
470
438
  expect(json_response['line_items'].count).to eq(2)
@@ -474,11 +442,11 @@ module Spree
474
442
  end
475
443
 
476
444
  it "cannot change the price of an existing line item" do
477
- api_put :update, id: order.to_param, order: {
445
+ put spree.api_order_path(order), params: { order: {
478
446
  line_items: {
479
447
  0 => { id: line_item.id, price: 0 }
480
448
  }
481
- }
449
+ } }
482
450
 
483
451
  expect(response.status).to eq(200)
484
452
  expect(json_response['line_items'].count).to eq(1)
@@ -487,7 +455,7 @@ module Spree
487
455
  end
488
456
 
489
457
  it "can add billing address" do
490
- api_put :update, id: order.to_param, order: { bill_address_attributes: billing_address }
458
+ put spree.api_order_path(order), params: { order: { bill_address_attributes: billing_address } }
491
459
 
492
460
  expect(order.reload.bill_address).to_not be_nil
493
461
  end
@@ -495,7 +463,7 @@ module Spree
495
463
  it "receives error message if trying to add billing address with errors" do
496
464
  billing_address[:firstname] = ""
497
465
 
498
- api_put :update, id: order.to_param, order: { bill_address_attributes: billing_address }
466
+ put spree.api_order_path(order), params: { order: { bill_address_attributes: billing_address } }
499
467
 
500
468
  expect(json_response['error']).not_to be_nil
501
469
  expect(json_response['errors']).not_to be_nil
@@ -506,7 +474,7 @@ module Spree
506
474
  order.update_attributes!(ship_address_id: nil)
507
475
 
508
476
  expect {
509
- api_put :update, id: order.to_param, order: { ship_address_attributes: shipping_address }
477
+ put spree.api_order_path(order), params: { order: { ship_address_attributes: shipping_address } }
510
478
  }.to change { order.reload.ship_address }.from(nil)
511
479
  end
512
480
 
@@ -515,7 +483,7 @@ module Spree
515
483
 
516
484
  shipping_address[:firstname] = ""
517
485
 
518
- api_put :update, id: order.to_param, order: { ship_address_attributes: shipping_address }
486
+ put spree.api_order_path(order), params: { order: { ship_address_attributes: shipping_address } }
519
487
 
520
488
  expect(json_response['error']).not_to be_nil
521
489
  expect(json_response['errors']).not_to be_nil
@@ -525,7 +493,7 @@ module Spree
525
493
  it "cannot set the user_id for the order" do
526
494
  user = Spree.user_class.create
527
495
  original_id = order.user_id
528
- api_post :update, id: order.to_param, order: { user_id: user.id }
496
+ put spree.api_order_path(order), params: { order: { user_id: user.id } }
529
497
  expect(response.status).to eq 200
530
498
  expect(json_response["user_id"]).to eq(original_id)
531
499
  end
@@ -534,11 +502,11 @@ module Spree
534
502
  before { order.create_proposed_shipments }
535
503
 
536
504
  it "clears out all existing shipments on line item udpate" do
537
- api_put :update, id: order.to_param, order: {
505
+ put spree.api_order_path(order), params: { order: {
538
506
  line_items: {
539
507
  0 => { id: line_item.id, quantity: 10 }
540
508
  }
541
- }
509
+ } }
542
510
  expect(order.reload.shipments).to be_empty
543
511
  end
544
512
  end
@@ -548,7 +516,7 @@ module Spree
548
516
 
549
517
  it "can empty an order" do
550
518
  create(:adjustment, order: order, adjustable: order)
551
- api_put :empty, id: order.to_param
519
+ put spree.empty_api_order_path(order)
552
520
  expect(response.status).to eq(204)
553
521
  order.reload
554
522
  expect(order.line_items).to be_empty
@@ -558,19 +526,19 @@ module Spree
558
526
  it "can list its line items with images" do
559
527
  order.line_items.first.variant.images.create!(attachment: image("thinking-cat.jpg"))
560
528
 
561
- api_get :show, id: order.to_param
529
+ get spree.api_order_path(order)
562
530
 
563
531
  expect(json_response['line_items'].first['variant']).to have_attributes([:images])
564
532
  end
565
533
 
566
534
  it "lists variants product id" do
567
- api_get :show, id: order.to_param
535
+ get spree.api_order_path(order)
568
536
 
569
537
  expect(json_response['line_items'].first['variant']).to have_attributes([:product_id])
570
538
  end
571
539
 
572
540
  it "includes the tax_total in the response" do
573
- api_get :show, id: order.to_param
541
+ get spree.api_order_path(order)
574
542
 
575
543
  expect(json_response['included_tax_total']).to eq('0.0')
576
544
  expect(json_response['additional_tax_total']).to eq('0.0')
@@ -584,7 +552,7 @@ module Spree
584
552
  order: order,
585
553
  adjustable: order.line_items.first)
586
554
  adjustment.update_column(:amount, 5)
587
- api_get :show, id: order.to_param
555
+ get spree.api_order_path(order)
588
556
 
589
557
  adjustment = json_response['line_items'].first['adjustments'].first
590
558
  expect(adjustment['label']).to eq("10% off!")
@@ -593,7 +561,7 @@ module Spree
593
561
 
594
562
  it "lists payments source without gateway info" do
595
563
  order.payments.push payment = create(:payment)
596
- api_get :show, id: order.to_param
564
+ get spree.api_order_path(order)
597
565
 
598
566
  source = json_response[:payments].first[:source]
599
567
  expect(source[:name]).to eq payment.source.name
@@ -620,14 +588,14 @@ module Spree
620
588
  end
621
589
 
622
590
  it "includes the ship_total in the response" do
623
- api_get :show, id: order.to_param
591
+ get spree.api_order_path(order)
624
592
 
625
593
  expect(json_response['ship_total']).to eq '10.0'
626
594
  expect(json_response['display_ship_total']).to eq '$10.00'
627
595
  end
628
596
 
629
597
  it "returns available shipments for an order" do
630
- api_get :show, id: order.to_param
598
+ get spree.api_order_path(order)
631
599
  expect(response.status).to eq(200)
632
600
  expect(json_response["shipments"]).not_to be_empty
633
601
  shipment = json_response["shipments"][0]
@@ -666,7 +634,7 @@ module Spree
666
634
  context "with no orders" do
667
635
  before { Spree::Order.delete_all }
668
636
  it "still returns a root :orders key" do
669
- api_get :index
637
+ get spree.api_orders_path
670
638
  expect(json_response["orders"]).to eq([])
671
639
  end
672
640
  end
@@ -678,7 +646,7 @@ module Spree
678
646
  end
679
647
 
680
648
  it "returns unique orders" do
681
- api_get :index
649
+ get spree.api_orders_path
682
650
 
683
651
  orders = json_response[:orders]
684
652
  expect(orders.count).to be >= 3
@@ -690,7 +658,7 @@ module Spree
690
658
 
691
659
  it "lists payments source with gateway info" do
692
660
  order.payments.push payment = create(:payment)
693
- api_get :show, id: order.to_param
661
+ get spree.api_order_path(order)
694
662
 
695
663
  source = json_response[:payments].first[:source]
696
664
  expect(source[:name]).to eq payment.source.name
@@ -706,7 +674,7 @@ module Spree
706
674
  before { create(:order) }
707
675
 
708
676
  it "can view all orders" do
709
- api_get :index
677
+ get spree.api_orders_path
710
678
  expect(json_response["orders"].first).to have_attributes(attributes)
711
679
  expect(json_response["count"]).to eq(2)
712
680
  expect(json_response["current_page"]).to eq(1)
@@ -715,7 +683,7 @@ module Spree
715
683
 
716
684
  # Test for https://github.com/spree/spree/issues/1763
717
685
  it "can control the page size through a parameter" do
718
- api_get :index, per_page: 1
686
+ get spree.api_orders_path, params: { per_page: 1 }
719
687
  expect(json_response["orders"].count).to eq(1)
720
688
  expect(json_response["orders"].first).to have_attributes(attributes)
721
689
  expect(json_response["count"]).to eq(1)
@@ -733,7 +701,7 @@ module Spree
733
701
  let(:expected_result) { Spree::Order.last }
734
702
 
735
703
  it "can query the results through a parameter" do
736
- api_get :index, q: { email_cont: 'spree' }
704
+ get spree.api_orders_path, params: { q: { email_cont: 'spree' } }
737
705
  expect(json_response["orders"].count).to eq(1)
738
706
  expect(json_response["orders"].first).to have_attributes(attributes)
739
707
  expect(json_response["orders"].first["email"]).to eq(expected_result.email)
@@ -745,16 +713,18 @@ module Spree
745
713
 
746
714
  context "creation" do
747
715
  it "can create an order without any parameters" do
748
- api_post :create
716
+ post spree.api_orders_path
749
717
  expect(response.status).to eq(201)
750
718
  expect(json_response["state"]).to eq("cart")
751
719
  end
752
720
 
753
721
  it "can arbitrarily set the line items price" do
754
- api_post :create, order: {
755
- line_items: {
756
- "0" => {
757
- price: 33.0, variant_id: variant.to_param, quantity: 5
722
+ post spree.api_orders_path, params: {
723
+ order: {
724
+ line_items: {
725
+ "0" => {
726
+ price: 33.0, variant_id: variant.to_param, quantity: 5
727
+ }
758
728
  }
759
729
  }
760
730
  }
@@ -764,7 +734,7 @@ module Spree
764
734
 
765
735
  it "can set the user_id for the order" do
766
736
  user = Spree.user_class.create
767
- api_post :create, order: { user_id: user.id }
737
+ post spree.api_orders_path, params: { order: { user_id: user.id } }
768
738
  expect(response.status).to eq 201
769
739
  expect(json_response["user_id"]).to eq(user.id)
770
740
  end
@@ -773,7 +743,7 @@ module Spree
773
743
  context "updating" do
774
744
  it "can set the user_id for the order" do
775
745
  user = Spree.user_class.create
776
- api_post :update, id: order.number, order: { user_id: user.id }
746
+ put spree.api_order_path(order), params: { order: { user_id: user.id } }
777
747
  expect(response.status).to eq 200
778
748
  expect(json_response["user_id"]).to eq(user.id)
779
749
  end
@@ -790,7 +760,7 @@ module Spree
790
760
  end
791
761
 
792
762
  specify do
793
- api_put :cancel, id: order.to_param
763
+ put spree.cancel_api_order_path(order)
794
764
  expect(json_response["state"]).to eq("canceled")
795
765
  expect(json_response["canceler_id"]).to eq(current_api_user.id)
796
766
  end
@@ -809,7 +779,7 @@ module Spree
809
779
  let(:order) { create(:order_with_line_items) }
810
780
 
811
781
  it 'applies the coupon' do
812
- api_put :apply_coupon_code, id: order.to_param, coupon_code: promo_code.value
782
+ put spree.apply_coupon_code_api_order_path(order), params: { coupon_code: promo_code.value }
813
783
 
814
784
  expect(response.status).to eq 200
815
785
  expect(order.reload.promotions).to eq [promo]
@@ -826,7 +796,7 @@ module Spree
826
796
  let(:order) { create(:order) } # no line items to apply the code to
827
797
 
828
798
  it 'returns an error' do
829
- api_put :apply_coupon_code, id: order.to_param, coupon_code: promo_code.value
799
+ put spree.apply_coupon_code_api_order_path(order), params: { coupon_code: promo_code.value }
830
800
 
831
801
  expect(response.status).to eq 422
832
802
  expect(order.reload.promotions).to eq []