solidus_api 2.2.2 → 2.3.0.beta1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.


This version of solidus_api might be problematic. Click here for more details.

Files changed (51) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/spree/api/images_controller.rb +2 -2
  3. data/app/controllers/spree/api/line_items_controller.rb +2 -10
  4. data/app/controllers/spree/api/orders_controller.rb +2 -12
  5. data/app/controllers/spree/api/payments_controller.rb +0 -1
  6. data/app/controllers/spree/api/promotions_controller.rb +1 -1
  7. data/app/controllers/spree/api/variants_controller.rb +2 -1
  8. data/app/views/spree/api/orders/show.v1.rabl +2 -1
  9. data/lib/spree/api/testing_support/setup.rb +1 -1
  10. data/spec/controllers/spree/api/base_controller_spec.rb +7 -7
  11. data/spec/controllers/spree/api/resource_controller_spec.rb +16 -16
  12. data/spec/requests/api/address_books_spec.rb +1 -1
  13. data/spec/{controllers → requests}/spree/api/addresses_controller_spec.rb +6 -9
  14. data/spec/{controllers → requests}/spree/api/checkouts_controller_spec.rb +38 -69
  15. data/spec/{controllers → requests}/spree/api/classifications_controller_spec.rb +4 -4
  16. data/spec/{controllers → requests}/spree/api/config_controller_spec.rb +3 -4
  17. data/spec/{controllers → requests}/spree/api/countries_controller_spec.rb +6 -7
  18. data/spec/{controllers → requests}/spree/api/credit_cards_controller_spec.rb +8 -9
  19. data/spec/{controllers → requests}/spree/api/images_controller_spec.rb +19 -16
  20. data/spec/{controllers → requests}/spree/api/inventory_units_controller_spec.rb +17 -14
  21. data/spec/{controllers → requests}/spree/api/line_items_controller_spec.rb +32 -32
  22. data/spec/{controllers → requests}/spree/api/option_types_controller_spec.rb +27 -27
  23. data/spec/{controllers → requests}/spree/api/option_values_controller_spec.rb +32 -29
  24. data/spec/{controllers → requests}/spree/api/orders_controller_spec.rb +103 -133
  25. data/spec/{controllers → requests}/spree/api/payments_controller_spec.rb +30 -44
  26. data/spec/{controllers → requests}/spree/api/product_properties_controller_spec.rb +15 -17
  27. data/spec/{controllers → requests}/spree/api/products_controller_spec.rb +44 -43
  28. data/spec/{controllers → requests}/spree/api/promotion_application_spec.rb +3 -4
  29. data/spec/{controllers → requests}/spree/api/promotions_controller_spec.rb +8 -6
  30. data/spec/{controllers → requests}/spree/api/properties_controller_spec.rb +15 -16
  31. data/spec/{controllers → requests}/spree/api/return_authorizations_controller_spec.rb +19 -21
  32. data/spec/requests/spree/api/shipments_controller_spec.rb +394 -88
  33. data/spec/{controllers → requests}/spree/api/states_controller_spec.rb +8 -9
  34. data/spec/{controllers → requests}/spree/api/stock_items_controller_spec.rb +21 -21
  35. data/spec/{controllers → requests}/spree/api/stock_locations_controller_spec.rb +18 -20
  36. data/spec/{controllers → requests}/spree/api/stock_movements_controller_spec.rb +9 -12
  37. data/spec/{controllers → requests}/spree/api/stock_transfers_controller_spec.rb +2 -3
  38. data/spec/requests/spree/api/store_credit_events_controller_spec.rb +57 -0
  39. data/spec/{controllers → requests}/spree/api/stores_controller_spec.rb +19 -20
  40. data/spec/{controllers → requests}/spree/api/taxonomies_controller_spec.rb +14 -15
  41. data/spec/{controllers → requests}/spree/api/taxons_controller_spec.rb +17 -18
  42. data/spec/{controllers → requests}/spree/api/transfer_items_controller_spec.rb +7 -9
  43. data/spec/{controllers → requests}/spree/api/unauthenticated_products_controller_spec.rb +2 -3
  44. data/spec/{controllers → requests}/spree/api/users_controller_spec.rb +18 -19
  45. data/spec/{controllers → requests}/spree/api/variants_controller_spec.rb +70 -37
  46. data/spec/{controllers → requests}/spree/api/zones_controller_spec.rb +13 -14
  47. data/spec/shared_examples/protect_product_actions.rb +3 -3
  48. data/spec/spec_helper.rb +4 -1
  49. metadata +70 -72
  50. data/spec/controllers/spree/api/shipments_controller_spec.rb +0 -301
  51. data/spec/controllers/spree/api/store_credit_events_controller_spec.rb +0 -66
@@ -1,8 +1,7 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  module Spree::Api
4
- describe OrdersController, type: :controller do
5
- render_views
4
+ describe OrdersController, type: :request do
6
5
 
7
6
  before do
8
7
  stub_authentication!
@@ -20,7 +19,7 @@ module Spree::Api
20
19
 
21
20
  it "can apply a coupon code to the order" do
22
21
  expect(order.total).to eq(110.00)
23
- api_put :apply_coupon_code, id: order.to_param, coupon_code: "10off", order_token: order.guest_token
22
+ put spree.apply_coupon_code_api_order_path(order), params: { coupon_code: "10off", order_token: order.guest_token }
24
23
  expect(response.status).to eq(200)
25
24
  expect(order.reload.total).to eq(109.00)
26
25
  expect(json_response["success"]).to eq("The coupon code was successfully applied to your order.")
@@ -37,7 +36,7 @@ module Spree::Api
37
36
  end
38
37
 
39
38
  it "fails to apply" do
40
- api_put :apply_coupon_code, id: order.to_param, coupon_code: "10off", order_token: order.guest_token
39
+ put spree.apply_coupon_code_api_order_path(order), params: { coupon_code: "10off", order_token: order.guest_token }
41
40
  expect(response.status).to eq(422)
42
41
  expect(json_response["success"]).to be_blank
43
42
  expect(json_response["error"]).to eq("The coupon code is expired")
@@ -1,16 +1,17 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  module Spree
4
- describe Spree::Api::PromotionsController, type: :controller do
5
- render_views
4
+ describe Spree::Api::PromotionsController, type: :request do
6
5
 
7
6
  shared_examples "a JSON response" do
8
7
  it 'should be ok' do
9
- expect(subject).to be_ok
8
+ subject
9
+ expect(response).to be_ok
10
10
  end
11
11
 
12
12
  it 'should return JSON' do
13
- payload = HashWithIndifferentAccess.new(JSON.parse(subject.body))
13
+ subject
14
+ payload = HashWithIndifferentAccess.new(JSON.parse(response.body))
14
15
  expect(payload).to_not be_nil
15
16
  Spree::Api::ApiHelpers.promotion_attributes.each do |attribute|
16
17
  expect(payload).to be_has_key(attribute)
@@ -25,7 +26,7 @@ module Spree
25
26
  let(:promotion) { create :promotion, code: '10off' }
26
27
 
27
28
  describe 'GET #show' do
28
- subject { api_get :show, id: id }
29
+ subject { get spree.api_promotion_path(id) }
29
30
 
30
31
  context 'when admin' do
31
32
  sign_in_as_admin!
@@ -46,7 +47,8 @@ module Spree
46
47
  let(:id) { 'argh' }
47
48
 
48
49
  it 'should be 404' do
49
- expect(subject.status).to eq(404)
50
+ subject
51
+ expect(response.status).to eq(404)
50
52
  end
51
53
  end
52
54
  end
@@ -1,7 +1,6 @@
1
1
  require 'spec_helper'
2
2
  module Spree
3
- describe Spree::Api::PropertiesController, type: :controller do
4
- render_views
3
+ describe Spree::Api::PropertiesController, type: :request do
5
4
 
6
5
  let!(:property_1) { Property.create!(name: "foo", presentation: "Foo") }
7
6
  let!(:property_2) { Property.create!(name: "bar", presentation: "Bar") }
@@ -13,65 +12,65 @@ module Spree
13
12
  end
14
13
 
15
14
  it "can see a list of all properties" do
16
- api_get :index
15
+ get spree.api_properties_path
17
16
  expect(json_response["properties"].count).to eq(2)
18
17
  expect(json_response["properties"].first).to have_attributes(attributes)
19
18
  end
20
19
 
21
20
  it "can control the page size through a parameter" do
22
- api_get :index, per_page: 1
21
+ get spree.api_properties_path, params: { per_page: 1 }
23
22
  expect(json_response['properties'].count).to eq(1)
24
23
  expect(json_response['current_page']).to eq(1)
25
24
  expect(json_response['pages']).to eq(2)
26
25
  end
27
26
 
28
27
  it 'can query the results through a parameter' do
29
- api_get :index, q: { name_cont: 'ba' }
28
+ get spree.api_properties_path, params: { q: { name_cont: 'ba' } }
30
29
  expect(json_response['count']).to eq(1)
31
30
  expect(json_response['properties'].first['presentation']).to eq property_2.presentation
32
31
  end
33
32
 
34
33
  it "retrieves a list of properties by id" do
35
- api_get :index, ids: [property_1.id]
34
+ get spree.api_properties_path, params: { ids: [property_1.id] }
36
35
  expect(json_response["properties"].first).to have_attributes(attributes)
37
36
  expect(json_response["count"]).to eq(1)
38
37
  end
39
38
 
40
39
  it "retrieves a list of properties by ids string" do
41
- api_get :index, ids: [property_1.id, property_2.id].join(",")
40
+ get spree.api_properties_path, params: { ids: [property_1.id, property_2.id].join(",") }
42
41
  expect(json_response["properties"].first).to have_attributes(attributes)
43
42
  expect(json_response["properties"][1]).to have_attributes(attributes)
44
43
  expect(json_response["count"]).to eq(2)
45
44
  end
46
45
 
47
46
  it "can see a single property" do
48
- api_get :show, id: property_1.id
47
+ get spree.api_property_path(property_1.id)
49
48
  expect(json_response).to have_attributes(attributes)
50
49
  end
51
50
 
52
51
  it "can see a property by name" do
53
- api_get :show, id: property_1.name
52
+ get spree.api_property_path(property_1.name)
54
53
  expect(json_response).to have_attributes(attributes)
55
54
  end
56
55
 
57
56
  it "can learn how to create a new property" do
58
- api_get :new
57
+ get spree.new_api_property_path
59
58
  expect(json_response["attributes"]).to eq(attributes.map(&:to_s))
60
59
  expect(json_response["required_attributes"]).to be_empty
61
60
  end
62
61
 
63
62
  it "cannot create a new property if not an admin" do
64
- api_post :create, property: { name: "My Property 3" }
63
+ post spree.api_properties_path, params: { property: { name: "My Property 3" } }
65
64
  assert_unauthorized!
66
65
  end
67
66
 
68
67
  it "cannot update a property" do
69
- api_put :update, id: property_1.name, property: { presentation: "my value 456" }
68
+ put spree.api_property_path(property_1.name), params: { property: { presentation: "my value 456" } }
70
69
  assert_unauthorized!
71
70
  end
72
71
 
73
72
  it "cannot delete a property" do
74
- api_delete :destroy, id: property_1.id
73
+ delete spree.api_property_path(property_1.name)
75
74
  assert_unauthorized!
76
75
  expect { property_1.reload }.not_to raise_error
77
76
  end
@@ -81,19 +80,19 @@ module Spree
81
80
 
82
81
  it "can create a new property" do
83
82
  expect(Spree::Property.count).to eq(2)
84
- api_post :create, property: { name: "My Property 3", presentation: "my value 3" }
83
+ post spree.api_properties_path, params: { property: { name: "My Property 3", presentation: "my value 3" } }
85
84
  expect(json_response).to have_attributes(attributes)
86
85
  expect(response.status).to eq(201)
87
86
  expect(Spree::Property.count).to eq(3)
88
87
  end
89
88
 
90
89
  it "can update a property" do
91
- api_put :update, id: property_1.name, property: { presentation: "my value 456" }
90
+ put spree.api_property_path(property_1.name), params: { property: { presentation: "my value 456" } }
92
91
  expect(response.status).to eq(200)
93
92
  end
94
93
 
95
94
  it "can delete a property" do
96
- api_delete :destroy, id: property_1.name
95
+ delete spree.api_property_path(property_1.name)
97
96
  expect(response.status).to eq(204)
98
97
  expect { property_1.reload }.to raise_error(ActiveRecord::RecordNotFound)
99
98
  end
@@ -1,14 +1,12 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  module Spree
4
- describe Api::ReturnAuthorizationsController, type: :controller do
5
- render_views
4
+ describe Api::ReturnAuthorizationsController, type: :request do
6
5
 
7
6
  let!(:order) { create(:shipped_order) }
8
7
 
9
8
  let(:product) { create(:product) }
10
9
  let(:attributes) { [:id, :memo, :state] }
11
- let(:resource_scoping) { { order_id: order.to_param } }
12
10
 
13
11
  before do
14
12
  stub_authentication!
@@ -21,7 +19,7 @@ module Spree
21
19
  rma_params = { stock_location_id: stock_location.id,
22
20
  return_reason_id: reason.id,
23
21
  memo: "Defective" }
24
- api_post :create, order_id: order.number, return_authorization: rma_params
22
+ post spree.api_order_return_authorizations_path(order), params: { order_id: order.number, return_authorization: rma_params }
25
23
  expect(response.status).to eq(201)
26
24
  expect(json_response).to have_attributes(attributes)
27
25
  expect(json_response["state"]).not_to be_blank
@@ -34,29 +32,29 @@ module Spree
34
32
  end
35
33
 
36
34
  it "cannot see any return authorizations" do
37
- api_get :index
35
+ get spree.api_order_return_authorizations_path(order)
38
36
  assert_unauthorized!
39
37
  end
40
38
 
41
39
  it "cannot see a single return authorization" do
42
- api_get :show, id: 1
40
+ get spree.api_order_return_authorization_path(order, 1)
43
41
  assert_unauthorized!
44
42
  end
45
43
 
46
44
  it "cannot learn how to create a new return authorization" do
47
- api_get :new
45
+ get spree.new_api_order_return_authorization_path(order)
48
46
  assert_unauthorized!
49
47
  end
50
48
 
51
49
  it_behaves_like "a return authorization creator"
52
50
 
53
51
  it "cannot update a return authorization" do
54
- api_put :update, id: 0
52
+ put spree.api_order_return_authorization_path(order, 0)
55
53
  assert_not_found!
56
54
  end
57
55
 
58
56
  it "cannot delete a return authorization" do
59
- api_delete :destroy, id: 0
57
+ delete spree.api_order_return_authorization_path(order, 0)
60
58
  assert_not_found!
61
59
  end
62
60
  end
@@ -67,7 +65,7 @@ module Spree
67
65
  end
68
66
 
69
67
  it "cannot create a new return authorization" do
70
- api_post :create
68
+ post spree.api_order_return_authorizations_path(order)
71
69
  assert_unauthorized!
72
70
  end
73
71
  end
@@ -78,7 +76,7 @@ module Spree
78
76
  it "can show return authorization" do
79
77
  FactoryGirl.create(:return_authorization, order: order)
80
78
  return_authorization = order.return_authorizations.first
81
- api_get :show, order_id: order.number, id: return_authorization.id
79
+ get spree.api_order_return_authorization_path(order, return_authorization.id)
82
80
  expect(response.status).to eq(200)
83
81
  expect(json_response).to have_attributes(attributes)
84
82
  expect(json_response["state"]).not_to be_blank
@@ -87,7 +85,7 @@ module Spree
87
85
  it "can get a list of return authorizations" do
88
86
  FactoryGirl.create(:return_authorization, order: order)
89
87
  FactoryGirl.create(:return_authorization, order: order)
90
- api_get :index, { order_id: order.number }
88
+ get spree.api_order_return_authorizations_path(order), params: { order_id: order.number }
91
89
  expect(response.status).to eq(200)
92
90
  return_authorizations = json_response["return_authorizations"]
93
91
  expect(return_authorizations.first).to have_attributes(attributes)
@@ -97,7 +95,7 @@ module Spree
97
95
  it 'can control the page size through a parameter' do
98
96
  FactoryGirl.create(:return_authorization, order: order)
99
97
  FactoryGirl.create(:return_authorization, order: order)
100
- api_get :index, order_id: order.number, per_page: 1
98
+ get spree.api_order_return_authorizations_path(order), params: { order_id: order.number, per_page: 1 }
101
99
  expect(json_response['count']).to eq(1)
102
100
  expect(json_response['current_page']).to eq(1)
103
101
  expect(json_response['pages']).to eq(2)
@@ -107,13 +105,13 @@ module Spree
107
105
  FactoryGirl.create(:return_authorization, order: order)
108
106
  expected_result = create(:return_authorization, memo: 'damaged')
109
107
  order.return_authorizations << expected_result
110
- api_get :index, q: { memo_cont: 'damaged' }
108
+ get spree.api_order_return_authorizations_path(order), params: { q: { memo_cont: 'damaged' } }
111
109
  expect(json_response['count']).to eq(1)
112
110
  expect(json_response['return_authorizations'].first['memo']).to eq expected_result.memo
113
111
  end
114
112
 
115
113
  it "can learn how to create a new return authorization" do
116
- api_get :new
114
+ get spree.new_api_order_return_authorization_path(order)
117
115
  expect(json_response["attributes"]).to eq(["id", "number", "state", "order_id", "memo", "created_at", "updated_at"])
118
116
  required_attributes = json_response["required_attributes"]
119
117
  expect(required_attributes).to include("order")
@@ -122,7 +120,7 @@ module Spree
122
120
  it "can update a return authorization on the order" do
123
121
  FactoryGirl.create(:return_authorization, order: order)
124
122
  return_authorization = order.return_authorizations.first
125
- api_put :update, id: return_authorization.id, return_authorization: { memo: "ABC" }
123
+ put spree.api_order_return_authorization_path(order, return_authorization.id), params: { return_authorization: { memo: "ABC" } }
126
124
  expect(response.status).to eq(200)
127
125
  expect(json_response).to have_attributes(attributes)
128
126
  end
@@ -131,7 +129,7 @@ module Spree
131
129
  FactoryGirl.create(:new_return_authorization, order: order)
132
130
  return_authorization = order.return_authorizations.first
133
131
  expect(return_authorization.state).to eq("authorized")
134
- api_delete :cancel, id: return_authorization.id
132
+ put spree.cancel_api_order_return_authorization_path(order, return_authorization.id)
135
133
  expect(response.status).to eq(200)
136
134
  expect(return_authorization.reload.state).to eq("canceled")
137
135
  end
@@ -139,7 +137,7 @@ module Spree
139
137
  it "can delete a return authorization on the order" do
140
138
  FactoryGirl.create(:return_authorization, order: order)
141
139
  return_authorization = order.return_authorizations.first
142
- api_delete :destroy, id: return_authorization.id
140
+ delete spree.api_order_return_authorization_path(order, return_authorization.id)
143
141
  expect(response.status).to eq(204)
144
142
  expect { return_authorization.reload }.to raise_error(ActiveRecord::RecordNotFound)
145
143
  end
@@ -149,14 +147,14 @@ module Spree
149
147
 
150
148
  context "as just another user" do
151
149
  it "cannot add a return authorization to the order" do
152
- api_post :create, return_autorization: { order_id: order.number, memo: "Defective" }
150
+ post spree.api_order_return_authorizations_path(order), params: { return_autorization: { order_id: order.number, memo: "Defective" } }
153
151
  assert_unauthorized!
154
152
  end
155
153
 
156
154
  it "cannot update a return authorization on the order" do
157
155
  FactoryGirl.create(:return_authorization, order: order)
158
156
  return_authorization = order.return_authorizations.first
159
- api_put :update, id: return_authorization.id, return_authorization: { memo: "ABC" }
157
+ put spree.api_order_return_authorization_path(order, return_authorization.id), params: { return_authorization: { memo: "ABC" } }
160
158
  assert_unauthorized!
161
159
  expect(return_authorization.reload.memo).not_to eq("ABC")
162
160
  end
@@ -164,7 +162,7 @@ module Spree
164
162
  it "cannot delete a return authorization on the order" do
165
163
  FactoryGirl.create(:return_authorization, order: order)
166
164
  return_authorization = order.return_authorizations.first
167
- api_delete :destroy, id: return_authorization.id
165
+ delete spree.api_order_return_authorization_path(order, return_authorization.id)
168
166
  assert_unauthorized!
169
167
  expect { return_authorization.reload }.not_to raise_error
170
168
  end
@@ -1,135 +1,441 @@
1
1
  require 'spec_helper'
2
2
 
3
- RSpec.describe Spree::Api::ShipmentsController, type: :request do
4
- let(:user) { create(:admin_user, spree_api_key: 'abc123') }
5
- let(:stock_item) { create(:stock_item, backorderable: false) }
6
- let(:variant) { stock_item.variant }
7
-
8
- let(:order) do
9
- create(
10
- :completed_order_with_totals,
11
- user: user,
12
- line_items_attributes: [
13
- {
14
- variant: variant
15
- }
16
- ]
17
- )
3
+ describe Spree::Api::ShipmentsController, type: :request do
4
+ let!(:shipment) { create(:shipment, inventory_units: [build(:inventory_unit, shipment: nil)]) }
5
+ let!(:attributes) { [:id, :tracking, :tracking_url, :number, :cost, :shipped_at, :stock_location_name, :order_id, :shipping_rates, :shipping_methods] }
6
+
7
+ before do
8
+ stub_authentication!
18
9
  end
19
10
 
20
- let(:shipment) { order.shipments.first }
11
+ let!(:resource_scoping) { { id: shipment.to_param, shipment: { order_id: shipment.order.to_param } } }
21
12
 
22
- describe "POST /api/shipments/transfer_to_location" do
23
- let(:stock_location) { create(:stock_location) }
24
- let(:source_shipment) { order.shipments.first }
25
- let(:parsed_response) { JSON.parse(response.body) }
26
- let(:stock_location_id) { stock_location.id }
13
+ context "as a non-admin" do
14
+ it "cannot make a shipment ready" do
15
+ put spree.ready_api_shipment_path(shipment)
16
+ assert_unauthorized!
17
+ end
27
18
 
28
- subject do
29
- post "/api/shipments/transfer_to_location.json",
30
- params: {
31
- original_shipment_number: source_shipment.number,
32
- stock_location_id: stock_location_id,
33
- quantity: 1,
34
- variant_id: variant.id,
35
- token: user.spree_api_key
36
- }
19
+ it "cannot make a shipment shipped" do
20
+ put spree.ship_api_shipment_path(shipment)
21
+ assert_unauthorized!
37
22
  end
38
23
 
39
- context "for a successful transfer" do
40
- before do
41
- stock_location.restock(variant, 1)
24
+ it "cannot remove order contents from shipment" do
25
+ put spree.remove_api_shipment_path(shipment)
26
+ assert_unauthorized!
27
+ end
28
+
29
+ it "cannot add contents to the shipment" do
30
+ put spree.add_api_shipment_path(shipment)
31
+ assert_unauthorized!
32
+ end
33
+
34
+ it "cannot update the shipment" do
35
+ put spree.api_shipment_path(shipment)
36
+ assert_unauthorized!
37
+ end
38
+ end
39
+
40
+ context "as an admin" do
41
+ let!(:order) { shipment.order }
42
+ let!(:stock_location) { create(:stock_location_with_items) }
43
+ let!(:variant) { create(:variant) }
44
+
45
+ sign_in_as_admin!
46
+
47
+ # Start writing this spec a bit differently than before....
48
+ describe 'POST #create' do
49
+ let(:params) do
50
+ {
51
+ variant_id: stock_location.stock_items.first.variant.to_param,
52
+ shipment: { order_id: order.number },
53
+ stock_location_id: stock_location.to_param
54
+ }
55
+ end
56
+
57
+ subject do
58
+ post spree.api_shipments_path, params: params
42
59
  end
43
60
 
44
- it "returns the correct message" do
61
+ [:variant_id, :stock_location_id].each do |field|
62
+ context "when #{field} is missing" do
63
+ before do
64
+ params.delete(field)
65
+ end
66
+
67
+ it 'should return proper error' do
68
+ subject
69
+ expect(response.status).to eq(422)
70
+ expect(json_response['exception']).to eq("param is missing or the value is empty: #{field}")
71
+ end
72
+ end
73
+ end
74
+
75
+ it 'should create a new shipment' do
45
76
  subject
46
- expect(response).to be_success
47
- expect(parsed_response["success"]).to be true
48
- expect(parsed_response["message"]).to eq("Variants successfully transferred")
77
+ expect(response).to be_ok
78
+ expect(json_response).to have_attributes(attributes)
49
79
  end
50
80
  end
51
81
 
52
- context "if the source shipment can not be found" do
53
- let(:stock_location_id) { 9999 }
82
+ it 'can update a shipment' do
83
+ params = {
84
+ shipment: {
85
+ stock_location_id: stock_location.to_param
86
+ }
87
+ }
54
88
 
55
- it "returns a 404" do
56
- subject
57
- expect(response).to be_not_found
58
- expect(parsed_response["error"]).to eq("The resource you were looking for could not be found.")
89
+ put spree.api_shipment_path(shipment), params: params
90
+ expect(response.status).to eq(200)
91
+ expect(json_response['stock_location_name']).to eq(stock_location.name)
92
+ end
93
+
94
+ it "can make a shipment ready" do
95
+ allow_any_instance_of(Spree::Order).to receive_messages(paid?: true, complete?: true)
96
+ put spree.ready_api_shipment_path(shipment)
97
+ expect(json_response).to have_attributes(attributes)
98
+ expect(json_response["state"]).to eq("ready")
99
+ expect(shipment.reload.state).to eq("ready")
100
+ end
101
+
102
+ it "cannot make a shipment ready if the order is unpaid" do
103
+ allow_any_instance_of(Spree::Order).to receive_messages(paid?: false)
104
+ put spree.ready_api_shipment_path(shipment)
105
+ expect(json_response["error"]).to eq("Cannot ready shipment.")
106
+ expect(response.status).to eq(422)
107
+ end
108
+
109
+ context 'for completed orders' do
110
+ let(:order) { create :completed_order_with_totals }
111
+ let(:shipment) { order.shipments.first }
112
+
113
+ it 'adds a variant to a shipment' do
114
+ put spree.add_api_shipment_path(shipment), params: { variant_id: variant.to_param, quantity: 2 }
115
+ expect(response.status).to eq(200)
116
+ expect(json_response['manifest'].detect { |h| h['variant']['id'] == variant.id }["quantity"]).to eq(2)
117
+ end
118
+
119
+ it 'removes a variant from a shipment' do
120
+ order.contents.add(variant, 2)
121
+
122
+ put spree.remove_api_shipment_path(shipment), params: { variant_id: variant.to_param, quantity: 1 }
123
+ expect(response.status).to eq(200)
124
+ expect(json_response['manifest'].detect { |h| h['variant']['id'] == variant.id }["quantity"]).to eq(1)
125
+ end
126
+
127
+ it 'removes a destroyed variant from a shipment' do
128
+ order.contents.add(variant, 2)
129
+ variant.destroy
130
+
131
+ put spree.remove_api_shipment_path(shipment), params: { variant_id: variant.to_param, quantity: 1 }
132
+ expect(response.status).to eq(200)
133
+ expect(json_response['manifest'].detect { |h| h['variant']['id'] == variant.id }["quantity"]).to eq(1)
59
134
  end
60
135
  end
61
136
 
62
- context "if the user can not update shipments" do
63
- let(:user) { create(:user, spree_api_key: 'abc123') }
137
+ context "for shipped shipments" do
138
+ let(:order) { create :shipped_order }
139
+ let(:shipment) { order.shipments.first }
64
140
 
65
- custom_authorization! do |_|
66
- can :read, Spree::Shipment
67
- cannot :update, Spree::Shipment
68
- can :create, Spree::Shipment
69
- can :destroy, Spree::Shipment
141
+ it 'adds a variant to a shipment' do
142
+ put spree.add_api_shipment_path(shipment), params: { variant_id: variant.to_param, quantity: 2 }
143
+ expect(response.status).to eq(200)
144
+ expect(json_response['manifest'].detect { |h| h['variant']['id'] == variant.id }["quantity"]).to eq(2)
70
145
  end
71
146
 
72
- it "is not authorized" do
73
- subject
74
- expect(response).to be_unauthorized
147
+ it 'cannot remove a variant from a shipment' do
148
+ put spree.remove_api_shipment_path(shipment), params: { variant_id: variant.to_param, quantity: 1 }
149
+ expect(response.status).to eq(422)
150
+ expect(json_response['errors']['base'].join).to match /Cannot remove items/
75
151
  end
76
152
  end
77
153
 
78
- context "if the user can not destroy shipments" do
79
- let(:user) { create(:user, spree_api_key: 'abc123') }
154
+ describe '#mine' do
155
+ subject do
156
+ get spree.mine_api_shipments_path, params: params
157
+ end
158
+
159
+ let(:params) { {} }
160
+
161
+ context "the current api user is authenticated and has orders" do
162
+ let(:current_api_user) { shipped_order.user }
163
+ let!(:shipped_order) { create(:shipped_order) }
164
+
165
+ it 'succeeds' do
166
+ subject
167
+ expect(response.status).to eq 200
168
+ end
169
+
170
+ describe 'json output' do
171
+ let(:rendered_shipment_ids) { json_response['shipments'].map { |s| s['id'] } }
172
+
173
+ it 'contains the shipments' do
174
+ subject
175
+ expect(rendered_shipment_ids).to match_array current_api_user.orders.flat_map(&:shipments).map(&:id)
176
+ end
177
+
178
+ context "credit card payment" do
179
+ before { subject }
180
+
181
+ it 'contains the id and cc_type of the credit card' do
182
+ expect(json_response['shipments'][0]['order']['payments'][0]['source'].keys).to match_array ["id", "cc_type"]
183
+ end
184
+ end
185
+
186
+ context "store credit payment" do
187
+ let(:current_api_user) { shipped_order.user }
188
+ let(:shipped_order) { create(:shipped_order, payment_type: :store_credit_payment) }
189
+
190
+ before { subject }
191
+
192
+ it 'only contains the id of the payment source' do
193
+ expect(json_response['shipments'][0]['order']['payments'][0]['source'].keys).to match_array ["id"]
194
+ end
195
+ end
196
+ end
197
+
198
+ context 'with filtering' do
199
+ let(:params) { { q: { order_completed_at_not_null: 1 } } }
80
200
 
81
- custom_authorization! do |_|
82
- can :read, Spree::Shipment
83
- can :update, Spree::Shipment
84
- cannot :destroy, Spree::Shipment
85
- can :create, Spree::Shipment
201
+ let!(:incomplete_order) { create(:order_with_line_items, user: current_api_user) }
202
+
203
+ it 'filters' do
204
+ subject
205
+ expect(assigns(:shipments).map(&:id)).to match_array current_api_user.orders.complete.flat_map(&:shipments).map(&:id)
206
+ end
207
+ end
86
208
  end
87
209
 
88
- it "is not authorized" do
89
- subject
90
- expect(response).to be_unauthorized
210
+ context "the current api user does not exist" do
211
+ let(:current_api_user) { nil }
212
+
213
+ it "returns a 401" do
214
+ subject
215
+ expect(response.status).to eq(401)
216
+ end
91
217
  end
92
218
  end
93
219
  end
94
220
 
95
- describe "POST /api/shipments/transfer_to_shipment" do
96
- let(:stock_location) { create(:stock_location) }
97
- let(:source_shipment) { order.shipments.first }
98
- let(:target_shipment) { order.shipments.create(stock_location: stock_location) }
99
- let(:parsed_response) { JSON.parse(response.body) }
100
- let(:source_shipment_number) { source_shipment.number }
221
+ describe "#ship" do
222
+ let(:shipment) { create(:order_ready_to_ship).shipments.first }
223
+
224
+ let(:send_mailer) { nil }
101
225
 
102
226
  subject do
103
- post "/api/shipments/transfer_to_shipment.json",
104
- params: {
105
- original_shipment_number: source_shipment_number,
106
- target_shipment_number: target_shipment.number,
107
- quantity: 1,
108
- variant_id: variant.id,
109
- token: user.spree_api_key
110
- }
227
+ put spree.ship_api_shipment_path(shipment), params: { send_mailer: send_mailer }
228
+ end
229
+
230
+ context "the user is allowed to ship the shipment" do
231
+ sign_in_as_admin!
232
+ it "ships the shipment" do
233
+ Timecop.freeze do
234
+ subject
235
+ shipment.reload
236
+ expect(shipment.state).to eq 'shipped'
237
+ expect(shipment.shipped_at.to_i).to eq Time.current.to_i
238
+ end
239
+ end
240
+
241
+ describe 'sent emails' do
242
+ subject { perform_enqueued_jobs { super() } }
243
+
244
+ context "send_mailer not present" do
245
+ it "sends the shipped shipments mailer" do
246
+ expect { subject }.to change { ActionMailer::Base.deliveries.size }.by(1)
247
+ expect(ActionMailer::Base.deliveries.last.subject).to match /Shipment Notification/
248
+ end
249
+ end
250
+
251
+ context "send_mailer set to false" do
252
+ let(:send_mailer) { 'false' }
253
+ it "does not send the shipped shipments mailer" do
254
+ expect { subject }.to_not change { ActionMailer::Base.deliveries.size }
255
+ end
256
+ end
257
+
258
+ context "send_mailer set to true" do
259
+ let(:send_mailer) { 'true' }
260
+ it "sends the shipped shipments mailer" do
261
+ expect { subject }.to change { ActionMailer::Base.deliveries.size }.by(1)
262
+ expect(ActionMailer::Base.deliveries.last.subject).to match /Shipment Notification/
263
+ end
264
+ end
265
+ end
111
266
  end
112
267
 
113
- context "for a successful transfer" do
268
+ context "the user is not allowed to ship the shipment" do
269
+ sign_in_as_admin!
270
+
114
271
  before do
115
- stock_location.restock(variant, 1)
272
+ ability = Spree::Ability.new(current_api_user)
273
+ ability.cannot :ship, Spree::Shipment
274
+ allow_any_instance_of(Spree::Api::ShipmentsController).to receive(:current_ability) { ability }
275
+ end
276
+
277
+ it "does nothing" do
278
+ expect {
279
+ expect {
280
+ subject
281
+ }.not_to change(shipment, :state)
282
+ }.not_to change(shipment, :shipped_at)
116
283
  end
117
284
 
118
- it "returns the correct message" do
285
+ it "responds with a 401" do
119
286
  subject
120
- expect(response).to be_success
121
- expect(parsed_response["success"]).to be true
122
- expect(parsed_response["message"]).to eq("Variants successfully transferred")
287
+ expect(response.status).to eq 401
123
288
  end
124
289
  end
125
290
 
126
- context "if the source shipment can not be found" do
127
- let(:source_shipment_number) { 9999 }
291
+ context "the user is not allowed to view the shipment" do
292
+ it "does nothing" do
293
+ expect {
294
+ expect {
295
+ subject
296
+ }.not_to change(shipment, :state)
297
+ }.not_to change(shipment, :shipped_at)
298
+ end
128
299
 
129
- it "returns a 404" do
300
+ it "responds with a 401" do
130
301
  subject
131
- expect(response).to be_not_found
132
- expect(parsed_response["error"]).to eq("The resource you were looking for could not be found.")
302
+ expect(response).to be_unauthorized
303
+ end
304
+ end
305
+ end
306
+
307
+ describe "transfers" do
308
+ let(:user) { create(:admin_user, spree_api_key: 'abc123') }
309
+ let(:current_api_user) { user }
310
+ let(:stock_item) { create(:stock_item, backorderable: false) }
311
+ let(:variant) { stock_item.variant }
312
+
313
+ let(:order) do
314
+ create(
315
+ :completed_order_with_totals,
316
+ user: user,
317
+ line_items_attributes: [
318
+ {
319
+ variant: variant
320
+ }
321
+ ]
322
+ )
323
+ end
324
+
325
+ let(:shipment) { order.shipments.first }
326
+
327
+ describe "POST /api/shipments/transfer_to_location" do
328
+ let(:stock_location) { create(:stock_location) }
329
+ let(:source_shipment) { order.shipments.first }
330
+ let(:parsed_response) { JSON.parse(response.body) }
331
+ let(:stock_location_id) { stock_location.id }
332
+
333
+ subject do
334
+ post "/api/shipments/transfer_to_location.json",
335
+ params: {
336
+ original_shipment_number: source_shipment.number,
337
+ stock_location_id: stock_location_id,
338
+ quantity: 1,
339
+ variant_id: variant.id,
340
+ token: user.spree_api_key
341
+ }
342
+ end
343
+
344
+ context "for a successful transfer" do
345
+ before do
346
+ stock_location.restock(variant, 1)
347
+ end
348
+
349
+ it "returns the correct message" do
350
+ subject
351
+ expect(response).to be_success
352
+ expect(parsed_response["success"]).to be true
353
+ expect(parsed_response["message"]).to eq("Variants successfully transferred")
354
+ end
355
+ end
356
+
357
+ context "if the source shipment can not be found" do
358
+ let(:stock_location_id) { 9999 }
359
+
360
+ it "returns a 404" do
361
+ subject
362
+ expect(response).to be_not_found
363
+ expect(parsed_response["error"]).to eq("The resource you were looking for could not be found.")
364
+ end
365
+ end
366
+
367
+ context "if the user can not update shipments" do
368
+ let(:user) { create(:user, spree_api_key: 'abc123') }
369
+
370
+ custom_authorization! do |_|
371
+ can :read, Spree::Shipment
372
+ cannot :update, Spree::Shipment
373
+ can :create, Spree::Shipment
374
+ can :destroy, Spree::Shipment
375
+ end
376
+
377
+ it "is not authorized" do
378
+ subject
379
+ expect(response).to be_unauthorized
380
+ end
381
+ end
382
+
383
+ context "if the user can not destroy shipments" do
384
+ let(:user) { create(:user, spree_api_key: 'abc123') }
385
+
386
+ custom_authorization! do |_|
387
+ can :read, Spree::Shipment
388
+ can :update, Spree::Shipment
389
+ cannot :destroy, Spree::Shipment
390
+ can :create, Spree::Shipment
391
+ end
392
+
393
+ it "is not authorized" do
394
+ subject
395
+ expect(response).to be_unauthorized
396
+ end
397
+ end
398
+ end
399
+
400
+ describe "POST /api/shipments/transfer_to_shipment" do
401
+ let(:stock_location) { create(:stock_location) }
402
+ let(:source_shipment) { order.shipments.first }
403
+ let(:target_shipment) { order.shipments.create(stock_location: stock_location) }
404
+ let(:parsed_response) { JSON.parse(response.body) }
405
+ let(:source_shipment_number) { source_shipment.number }
406
+
407
+ subject do
408
+ post "/api/shipments/transfer_to_shipment.json",
409
+ params: {
410
+ original_shipment_number: source_shipment_number,
411
+ target_shipment_number: target_shipment.number,
412
+ quantity: 1,
413
+ variant_id: variant.id,
414
+ token: user.spree_api_key
415
+ }
416
+ end
417
+
418
+ context "for a successful transfer" do
419
+ before do
420
+ stock_location.restock(variant, 1)
421
+ end
422
+
423
+ it "returns the correct message" do
424
+ subject
425
+ expect(response).to be_success
426
+ expect(parsed_response["success"]).to be true
427
+ expect(parsed_response["message"]).to eq("Variants successfully transferred")
428
+ end
429
+ end
430
+
431
+ context "if the source shipment can not be found" do
432
+ let(:source_shipment_number) { 9999 }
433
+
434
+ it "returns a 404" do
435
+ subject
436
+ expect(response).to be_not_found
437
+ expect(parsed_response["error"]).to eq("The resource you were looking for could not be found.")
438
+ end
133
439
  end
134
440
  end
135
441
  end