RubyGems - solidus_api - Versions diffs - 2.2.2 → 2.3.0.beta1 - Mend

solidus_api 2.2.2 → 2.3.0.beta1

Potentially problematic release.

This version of solidus_api might be problematic. Click here for more details.

Files changed (51) hide show

data/spec/shared_examples/protect_product_actions.rb CHANGED Viewed

@@ -1,16 +1,16 @@
 shared_examples "modifying product actions are restricted" do
   it "cannot create a new product if not an admin" do
-    api_post :create, product: { name: "Brand new product!" }
+    post spree.api_products_path, params: { product: { name: "Brand new product!" } }
     assert_unauthorized!
   end
   it "cannot update a product" do
-    api_put :update, id: product.to_param, product: { name: "I hacked your store!" }
+    put spree.api_product_path(product), params: { product: { name: "I hacked your store!" } }
     assert_unauthorized!
   end
   it "cannot delete a product" do
-    api_delete :destroy, id: product.to_param
+    delete spree.api_product_path(product)
     assert_unauthorized!
   end
 end

data/spec/spec_helper.rb CHANGED Viewed

@@ -36,7 +36,7 @@ require 'spree/api/testing_support/caching'
 require 'spree/api/testing_support/helpers'
 require 'spree/api/testing_support/setup'
-ActiveJob::Base.queue_adapter = :inline
+ActiveJob::Base.queue_adapter = :test
 RSpec.configure do |config|
   config.backtrace_exclusion_patterns = [/gems\/activesupport/, /gems\/actionpack/, /gems\/rspec/]
@@ -50,6 +50,8 @@ RSpec.configure do |config|
   end
   config.include FactoryGirl::Syntax::Methods
+  config.include Spree::Api::TestingSupport::Helpers, type: :request
+  config.extend Spree::Api::TestingSupport::Setup, type: :request
   config.include Spree::Api::TestingSupport::Helpers, type: :controller
   config.extend Spree::Api::TestingSupport::Setup, type: :controller
   config.include Spree::TestingSupport::Preferences
@@ -64,6 +66,7 @@ RSpec.configure do |config|
     Spree::Api::Config[:requires_authentication] = true
   end
+  config.include ActiveJob::TestHelper
   config.include VersionCake::TestHelpers, type: :controller
   config.before(:each, type: :controller) do
     set_request_version('', 1)

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: solidus_api
 version: !ruby/object:Gem::Version
-  version: 2.2.2
+  version: 2.3.0.beta1
 platform: ruby
 authors:
 - Solidus Team
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-12-12 00:00:00.000000000 Z
+date: 2017-07-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: solidus_core
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.2.2
+        version: 2.3.0.beta1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.2.2
+        version: 2.3.0.beta1
 - !ruby/object:Gem::Dependency
   name: rabl
   requirement: !ruby/object:Gem::Requirement
@@ -210,49 +210,48 @@ files:
 - lib/spree_api.rb
 - script/rails
 - solidus_api.gemspec
-- spec/controllers/spree/api/addresses_controller_spec.rb
 - spec/controllers/spree/api/base_controller_spec.rb
-- spec/controllers/spree/api/checkouts_controller_spec.rb
-- spec/controllers/spree/api/classifications_controller_spec.rb
-- spec/controllers/spree/api/config_controller_spec.rb
-- spec/controllers/spree/api/countries_controller_spec.rb
-- spec/controllers/spree/api/credit_cards_controller_spec.rb
-- spec/controllers/spree/api/images_controller_spec.rb
-- spec/controllers/spree/api/inventory_units_controller_spec.rb
-- spec/controllers/spree/api/line_items_controller_spec.rb
-- spec/controllers/spree/api/option_types_controller_spec.rb
-- spec/controllers/spree/api/option_values_controller_spec.rb
-- spec/controllers/spree/api/orders_controller_spec.rb
-- spec/controllers/spree/api/payments_controller_spec.rb
-- spec/controllers/spree/api/product_properties_controller_spec.rb
-- spec/controllers/spree/api/products_controller_spec.rb
-- spec/controllers/spree/api/promotion_application_spec.rb
-- spec/controllers/spree/api/promotions_controller_spec.rb
-- spec/controllers/spree/api/properties_controller_spec.rb
 - spec/controllers/spree/api/resource_controller_spec.rb
-- spec/controllers/spree/api/return_authorizations_controller_spec.rb
-- spec/controllers/spree/api/shipments_controller_spec.rb
-- spec/controllers/spree/api/states_controller_spec.rb
-- spec/controllers/spree/api/stock_items_controller_spec.rb
-- spec/controllers/spree/api/stock_locations_controller_spec.rb
-- spec/controllers/spree/api/stock_movements_controller_spec.rb
-- spec/controllers/spree/api/stock_transfers_controller_spec.rb
-- spec/controllers/spree/api/store_credit_events_controller_spec.rb
-- spec/controllers/spree/api/stores_controller_spec.rb
-- spec/controllers/spree/api/taxonomies_controller_spec.rb
-- spec/controllers/spree/api/taxons_controller_spec.rb
-- spec/controllers/spree/api/transfer_items_controller_spec.rb
-- spec/controllers/spree/api/unauthenticated_products_controller_spec.rb
-- spec/controllers/spree/api/users_controller_spec.rb
-- spec/controllers/spree/api/variants_controller_spec.rb
-- spec/controllers/spree/api/zones_controller_spec.rb
 - spec/features/checkout_spec.rb
 - spec/fixtures/thinking-cat.jpg
 - spec/models/spree/legacy_user_spec.rb
 - spec/requests/api/address_books_spec.rb
 - spec/requests/rabl_cache_spec.rb
 - spec/requests/ransackable_attributes_spec.rb
+- spec/requests/spree/api/addresses_controller_spec.rb
+- spec/requests/spree/api/checkouts_controller_spec.rb
+- spec/requests/spree/api/classifications_controller_spec.rb
+- spec/requests/spree/api/config_controller_spec.rb
+- spec/requests/spree/api/countries_controller_spec.rb
+- spec/requests/spree/api/credit_cards_controller_spec.rb
+- spec/requests/spree/api/images_controller_spec.rb
+- spec/requests/spree/api/inventory_units_controller_spec.rb
+- spec/requests/spree/api/line_items_controller_spec.rb
+- spec/requests/spree/api/option_types_controller_spec.rb
+- spec/requests/spree/api/option_values_controller_spec.rb
+- spec/requests/spree/api/orders_controller_spec.rb
+- spec/requests/spree/api/payments_controller_spec.rb
+- spec/requests/spree/api/product_properties_controller_spec.rb
+- spec/requests/spree/api/products_controller_spec.rb
+- spec/requests/spree/api/promotion_application_spec.rb
+- spec/requests/spree/api/promotions_controller_spec.rb
+- spec/requests/spree/api/properties_controller_spec.rb
+- spec/requests/spree/api/return_authorizations_controller_spec.rb
 - spec/requests/spree/api/shipments_controller_spec.rb
+- spec/requests/spree/api/states_controller_spec.rb
+- spec/requests/spree/api/stock_items_controller_spec.rb
+- spec/requests/spree/api/stock_locations_controller_spec.rb
+- spec/requests/spree/api/stock_movements_controller_spec.rb
+- spec/requests/spree/api/stock_transfers_controller_spec.rb
+- spec/requests/spree/api/store_credit_events_controller_spec.rb
+- spec/requests/spree/api/stores_controller_spec.rb
+- spec/requests/spree/api/taxonomies_controller_spec.rb
+- spec/requests/spree/api/taxons_controller_spec.rb
+- spec/requests/spree/api/transfer_items_controller_spec.rb
+- spec/requests/spree/api/unauthenticated_products_controller_spec.rb
+- spec/requests/spree/api/users_controller_spec.rb
+- spec/requests/spree/api/variants_controller_spec.rb
+- spec/requests/spree/api/zones_controller_spec.rb
 - spec/shared_examples/protect_product_actions.rb
 - spec/spec_helper.rb
 - spec/support/controller_hacks.rb
@@ -286,49 +285,48 @@ signing_key:
 specification_version: 4
 summary: REST API for the Solidus e-commerce framework.
 test_files:
-- spec/controllers/spree/api/addresses_controller_spec.rb
 - spec/controllers/spree/api/base_controller_spec.rb
-- spec/controllers/spree/api/checkouts_controller_spec.rb
-- spec/controllers/spree/api/classifications_controller_spec.rb
-- spec/controllers/spree/api/config_controller_spec.rb
-- spec/controllers/spree/api/countries_controller_spec.rb
-- spec/controllers/spree/api/credit_cards_controller_spec.rb
-- spec/controllers/spree/api/images_controller_spec.rb
-- spec/controllers/spree/api/inventory_units_controller_spec.rb
-- spec/controllers/spree/api/line_items_controller_spec.rb
-- spec/controllers/spree/api/option_types_controller_spec.rb
-- spec/controllers/spree/api/option_values_controller_spec.rb
-- spec/controllers/spree/api/orders_controller_spec.rb
-- spec/controllers/spree/api/payments_controller_spec.rb
-- spec/controllers/spree/api/product_properties_controller_spec.rb
-- spec/controllers/spree/api/products_controller_spec.rb
-- spec/controllers/spree/api/promotion_application_spec.rb
-- spec/controllers/spree/api/promotions_controller_spec.rb
-- spec/controllers/spree/api/properties_controller_spec.rb
 - spec/controllers/spree/api/resource_controller_spec.rb
-- spec/controllers/spree/api/return_authorizations_controller_spec.rb
-- spec/controllers/spree/api/shipments_controller_spec.rb
-- spec/controllers/spree/api/states_controller_spec.rb
-- spec/controllers/spree/api/stock_items_controller_spec.rb
-- spec/controllers/spree/api/stock_locations_controller_spec.rb
-- spec/controllers/spree/api/stock_movements_controller_spec.rb
-- spec/controllers/spree/api/stock_transfers_controller_spec.rb
-- spec/controllers/spree/api/store_credit_events_controller_spec.rb
-- spec/controllers/spree/api/stores_controller_spec.rb
-- spec/controllers/spree/api/taxonomies_controller_spec.rb
-- spec/controllers/spree/api/taxons_controller_spec.rb
-- spec/controllers/spree/api/transfer_items_controller_spec.rb
-- spec/controllers/spree/api/unauthenticated_products_controller_spec.rb
-- spec/controllers/spree/api/users_controller_spec.rb
-- spec/controllers/spree/api/variants_controller_spec.rb
-- spec/controllers/spree/api/zones_controller_spec.rb
 - spec/features/checkout_spec.rb
 - spec/fixtures/thinking-cat.jpg
 - spec/models/spree/legacy_user_spec.rb
 - spec/requests/api/address_books_spec.rb
 - spec/requests/rabl_cache_spec.rb
 - spec/requests/ransackable_attributes_spec.rb
+- spec/requests/spree/api/addresses_controller_spec.rb
+- spec/requests/spree/api/checkouts_controller_spec.rb
+- spec/requests/spree/api/classifications_controller_spec.rb
+- spec/requests/spree/api/config_controller_spec.rb
+- spec/requests/spree/api/countries_controller_spec.rb
+- spec/requests/spree/api/credit_cards_controller_spec.rb
+- spec/requests/spree/api/images_controller_spec.rb
+- spec/requests/spree/api/inventory_units_controller_spec.rb
+- spec/requests/spree/api/line_items_controller_spec.rb
+- spec/requests/spree/api/option_types_controller_spec.rb
+- spec/requests/spree/api/option_values_controller_spec.rb
+- spec/requests/spree/api/orders_controller_spec.rb
+- spec/requests/spree/api/payments_controller_spec.rb
+- spec/requests/spree/api/product_properties_controller_spec.rb
+- spec/requests/spree/api/products_controller_spec.rb
+- spec/requests/spree/api/promotion_application_spec.rb
+- spec/requests/spree/api/promotions_controller_spec.rb
+- spec/requests/spree/api/properties_controller_spec.rb
+- spec/requests/spree/api/return_authorizations_controller_spec.rb
 - spec/requests/spree/api/shipments_controller_spec.rb
+- spec/requests/spree/api/states_controller_spec.rb
+- spec/requests/spree/api/stock_items_controller_spec.rb
+- spec/requests/spree/api/stock_locations_controller_spec.rb
+- spec/requests/spree/api/stock_movements_controller_spec.rb
+- spec/requests/spree/api/stock_transfers_controller_spec.rb
+- spec/requests/spree/api/store_credit_events_controller_spec.rb
+- spec/requests/spree/api/stores_controller_spec.rb
+- spec/requests/spree/api/taxonomies_controller_spec.rb
+- spec/requests/spree/api/taxons_controller_spec.rb
+- spec/requests/spree/api/transfer_items_controller_spec.rb
+- spec/requests/spree/api/unauthenticated_products_controller_spec.rb
+- spec/requests/spree/api/users_controller_spec.rb
+- spec/requests/spree/api/variants_controller_spec.rb
+- spec/requests/spree/api/zones_controller_spec.rb
 - spec/shared_examples/protect_product_actions.rb
 - spec/spec_helper.rb
 - spec/support/controller_hacks.rb

data/spec/controllers/spree/api/shipments_controller_spec.rb DELETED Viewed

@@ -1,301 +0,0 @@
-require 'spec_helper'
-describe Spree::Api::ShipmentsController, type: :controller do
-  render_views
-  let!(:shipment) { create(:shipment, inventory_units: [build(:inventory_unit, shipment: nil)]) }
-  let!(:attributes) { [:id, :tracking, :tracking_url, :number, :cost, :shipped_at, :stock_location_name, :order_id, :shipping_rates, :shipping_methods] }
-  before do
-    stub_authentication!
-  end
-  let!(:resource_scoping) { { id: shipment.to_param, shipment: { order_id: shipment.order.to_param } } }
-  context "as a non-admin" do
-    it "cannot make a shipment ready" do
-      api_put :ready
-      assert_unauthorized!
-    end
-    it "cannot make a shipment shipped" do
-      api_put :ship
-      assert_unauthorized!
-    end
-    it "cannot remove order contents from shipment" do
-      api_put :remove
-      assert_unauthorized!
-    end
-    it "cannot add contents to the shipment" do
-      api_put :add
-      assert_unauthorized!
-    end
-    it "cannot update the shipment" do
-      api_put :update
-      assert_unauthorized!
-    end
-  end
-  context "as an admin" do
-    let!(:order) { shipment.order }
-    let!(:stock_location) { create(:stock_location_with_items) }
-    let!(:variant) { create(:variant) }
-    sign_in_as_admin!
-    # Start writing this spec a bit differently than before....
-    describe 'POST #create' do
-      let(:params) do
-        {
-          variant_id: stock_location.stock_items.first.variant.to_param,
-          shipment: { order_id: order.number },
-          stock_location_id: stock_location.to_param
-        }
-      end
-      subject do
-        api_post :create, params
-      end
-      [:variant_id, :stock_location_id].each do |field|
-        context "when #{field} is missing" do
-          before do
-            params.delete(field)
-          end
-          it 'should return proper error' do
-            subject
-            expect(response.status).to eq(422)
-            expect(json_response['exception']).to eq("param is missing or the value is empty: #{field}")
-          end
-        end
-      end
-      it 'should create a new shipment' do
-        expect(subject).to be_ok
-        expect(json_response).to have_attributes(attributes)
-      end
-    end
-    it 'can update a shipment' do
-      params = {
-        shipment: {
-          stock_location_id: stock_location.to_param
-        }
-      }
-      api_put :update, params
-      expect(response.status).to eq(200)
-      expect(json_response['stock_location_name']).to eq(stock_location.name)
-    end
-    it "can make a shipment ready" do
-      allow_any_instance_of(Spree::Order).to receive_messages(paid?: true, complete?: true)
-      api_put :ready
-      expect(json_response).to have_attributes(attributes)
-      expect(json_response["state"]).to eq("ready")
-      expect(shipment.reload.state).to eq("ready")
-    end
-    it "cannot make a shipment ready if the order is unpaid" do
-      allow_any_instance_of(Spree::Order).to receive_messages(paid?: false)
-      api_put :ready
-      expect(json_response["error"]).to eq("Cannot ready shipment.")
-      expect(response.status).to eq(422)
-    end
-    context 'for completed orders' do
-      let(:order) { create :completed_order_with_totals }
-      let!(:resource_scoping) { { id: order.shipments.first.to_param, shipment: { order_id: order.to_param } } }
-      it 'adds a variant to a shipment' do
-        api_put :add, { variant_id: variant.to_param, quantity: 2 }
-        expect(response.status).to eq(200)
-        expect(json_response['manifest'].detect { |h| h['variant']['id'] == variant.id }["quantity"]).to eq(2)
-      end
-      it 'removes a variant from a shipment' do
-        order.contents.add(variant, 2)
-        api_put :remove, { variant_id: variant.to_param, quantity: 1 }
-        expect(response.status).to eq(200)
-        expect(json_response['manifest'].detect { |h| h['variant']['id'] == variant.id }["quantity"]).to eq(1)
-      end
-      it 'removes a destroyed variant from a shipment' do
-        order.contents.add(variant, 2)
-        variant.destroy
-        api_put :remove, { variant_id: variant.to_param, quantity: 1 }
-        expect(response.status).to eq(200)
-        expect(json_response['manifest'].detect { |h| h['variant']['id'] == variant.id }["quantity"]).to eq(1)
-      end
-    end
-    context "for shipped shipments" do
-      let(:order) { create :shipped_order }
-      let!(:resource_scoping) { { id: order.shipments.first.to_param, shipment: { order_id: order.to_param } } }
-      it 'adds a variant to a shipment' do
-        api_put :add, { variant_id: variant.to_param, quantity: 2 }
-        expect(response.status).to eq(200)
-        expect(json_response['manifest'].detect { |h| h['variant']['id'] == variant.id }["quantity"]).to eq(2)
-      end
-      it 'cannot remove a variant from a shipment' do
-        api_put :remove, { variant_id: variant.to_param, quantity: 1 }
-        expect(response.status).to eq(422)
-        expect(json_response['errors']['base'].join).to match /Cannot remove items/
-      end
-    end
-    describe '#mine' do
-      subject do
-        api_get :mine, params
-      end
-      let(:params) { {} }
-      context "the current api user is authenticated and has orders" do
-        let(:current_api_user) { shipped_order.user }
-        let(:shipped_order) { create(:shipped_order) }
-        it 'succeeds' do
-          subject
-          expect(response.status).to eq 200
-        end
-        describe 'json output' do
-          render_views
-          let(:rendered_shipment_ids) { json_response['shipments'].map { |s| s['id'] } }
-          it 'contains the shipments' do
-            subject
-            expect(rendered_shipment_ids).to match_array current_api_user.orders.flat_map(&:shipments).map(&:id)
-          end
-          context "credit card payment" do
-            before { subject }
-            it 'contains the id and cc_type of the credit card' do
-              expect(json_response['shipments'][0]['order']['payments'][0]['source'].keys).to match_array ["id", "cc_type"]
-            end
-          end
-          context "store credit payment" do
-            let(:current_api_user) { shipped_order.user }
-            let(:shipped_order)    { create(:shipped_order, payment_type: :store_credit_payment) }
-            before { subject }
-            it 'only contains the id of the payment source' do
-              expect(json_response['shipments'][0]['order']['payments'][0]['source'].keys).to match_array ["id"]
-            end
-          end
-        end
-        context 'with filtering' do
-          let(:params) { { q: { order_completed_at_not_null: 1 } } }
-          let!(:incomplete_order) { create(:order_with_line_items, user: current_api_user) }
-          it 'filters' do
-            subject
-            expect(assigns(:shipments).map(&:id)).to match_array current_api_user.orders.complete.flat_map(&:shipments).map(&:id)
-          end
-        end
-      end
-      context "the current api user does not exist" do
-        let(:current_api_user) { nil }
-        it "returns a 401" do
-          subject
-          expect(response.status).to eq(401)
-        end
-      end
-    end
-  end
-  describe "#ship" do
-    let(:shipment) { create(:order_ready_to_ship).shipments.first }
-    let(:send_mailer) { nil }
-    subject { api_put :ship, id: shipment.to_param, send_mailer: send_mailer }
-    context "the user is allowed to ship the shipment" do
-      sign_in_as_admin!
-      it "ships the shipment" do
-        Timecop.freeze do
-          subject
-          shipment.reload
-          expect(shipment.state).to eq 'shipped'
-          expect(shipment.shipped_at.to_i).to eq Time.current.to_i
-        end
-      end
-      context "send_mailer not present" do
-        it "sends the shipped shipments mailer" do
-          expect { subject }.to change { ActionMailer::Base.deliveries.size }.by(1)
-          expect(ActionMailer::Base.deliveries.last.subject).to match /Shipment Notification/
-        end
-      end
-      context "send_mailer set to false" do
-        let(:send_mailer) { 'false' }
-        it "does not send the shipped shipments mailer" do
-          expect { subject }.to_not change { ActionMailer::Base.deliveries.size }
-        end
-      end
-      context "send_mailer set to true" do
-        let(:send_mailer) { 'true' }
-        it "sends the shipped shipments mailer" do
-          expect { subject }.to change { ActionMailer::Base.deliveries.size }.by(1)
-          expect(ActionMailer::Base.deliveries.last.subject).to match /Shipment Notification/
-        end
-      end
-    end
-    context "the user is not allowed to ship the shipment" do
-      sign_in_as_admin!
-      before do
-        ability = Spree::Ability.new(current_api_user)
-        ability.cannot :ship, Spree::Shipment
-        allow(controller).to receive(:current_ability) { ability }
-      end
-      it "does nothing" do
-        expect {
-          expect {
-            subject
-          }.not_to change(shipment, :state)
-        }.not_to change(shipment, :shipped_at)
-      end
-      it "responds with a 401" do
-        subject
-        expect(response.status).to eq 401
-      end
-    end
-    context "the user is not allowed to view the shipment" do
-      it "does nothing" do
-        expect {
-          expect {
-            subject
-          }.not_to change(shipment, :state)
-        }.not_to change(shipment, :shipped_at)
-      end
-      it "responds with a 401" do
-        subject
-        expect(response).to be_unauthorized
-      end
-    end
-  end
-end