solidus_api 2.9.6 → 2.10.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9041e899f4cd40c0426851ecab468e5b0e6799979026651d90ed71c68e9a33d2
-  data.tar.gz: 6b6195d91d485815fc3e609c661efa408146b7ab49296c8db33987e568916ee4
+  metadata.gz: 5c84c03d908227e7072721b7a0a268e296c85606bd4b8f08dc538e052e6d8393
+  data.tar.gz: 3d4dcc56d49982aa91a6f73d86ac9ed6db4689c4e9b8a5e3fdfe846b91f94c57
 SHA512:
-  metadata.gz: 72241153b2007035f40f1869e76a276597580d11fe4d8b24bd37529a03520f799edfd9530a18677df79aeaafffa8f929d1f2bae1b9a320871b781b705c21a2f5
-  data.tar.gz: dcb64f63cb2edd713a03bb3c971ed9de693d4e1af34bb3cb5746ed73b2294660ddb3805382587f10675f2ec71642ebb79f979373b21b7f03af8157bde6250067
+  metadata.gz: 820e2d062e1ef2799bb70d5e67a25913ea0bfd0369a7934e6d22fe986a92a769b9a9b647f44f29842d34dec0f75988cf4172cf2ea5f41e30e2c866998718f45c
+  data.tar.gz: d53e4197d27d38b015146a71566a42b2e916134647fc4017ebdd123144bfd721b09897f40e67816d643d1f5fc2d1db2c1c074a35576a32d061fb3998c92aede1

data/README.md

@@ -1,6 +1,7 @@
-# solidus\_api
+# solidus_api
 
-API contains the controllers and rabl views implementing the REST API of Solidus.
+API contains the controllers and Jbuilder views implementing the REST API of
+Solidus.
 
 ## Testing
 
@@ -9,3 +10,35 @@ Run the API tests:
 ```bash
 bundle exec rspec
 ```
+
+## Documentation
+
+The API documentation is in the [openapi][docs-dir] directory. It follows the
+OpenAPI specification and it is hosted on [Stoplight Docs][live-docs].
+
+If you want to contribute, you can use [Stoplight Studio][studio]. Simply
+follow these steps:
+
+1. Create a new Stoplight Studio project
+2. Copy-paste the content of `openapi/api.oas2.yml` into your project
+3. Edit the endpoints and models as needed
+4. Copy-paste the result back into `openapi/api.oas2.yml`
+5. Open a PR!
+
+**Note: Only use embedded models in Stoplight Studio, as Stoplight Docs is
+not compatible with externally-defined models!**
+
+CircleCI automatically syncs our Git repo with Stoplight Docs when a PR is
+merged, and automatically publishes a new version on Docs when a new Solidus
+version is released.
+
+## Related projects
+
+- [solidus-sdk](https://gitlab.com/deseretbook/packages/solidus-sdk): created
+  by Joel Saupe at [Deseret Book](https://deseretbook.com/), this is a JS SDK
+  that allows you to use the Solidus API. It even supports plug-ins, so you can
+  easily extend it with the endpoints provided by your Solidus extensions!
+
+[docs-dir]: https://github.com/solidusio/solidus/tree/master/api/openapi
+[live-docs]: https://solidus.docs.stoplight.io
+[studio]: https://stoplight.io/p/studio

data/app/controllers/spree/api/addresses_controller.rb

@@ -15,7 +15,7 @@ module Spree
         authorize! :update, @order, order_token
         find_address
 
-        if @order.update_attributes({ "#{@order_source}_attributes" => address_params })
+        if @order.update({ "#{@order_source}_attributes" => address_params })
           @address = @order.send(@order_source)
           respond_with(@address, default_template: :show)
         else

data/app/controllers/spree/api/base_controller.rb

@@ -49,9 +49,9 @@ module Spree
       def authenticate_user
         unless @current_api_user
           if requires_authentication? && api_key.blank? && order_token.blank?
-            render "spree/api/errors/must_specify_api_key", status: 401
+            render "spree/api/errors/must_specify_api_key", status: :unauthorized
           elsif order_token.blank? && (requires_authentication? || api_key.present?)
-            render "spree/api/errors/invalid_api_key", status: 401
+            render "spree/api/errors/invalid_api_key", status: :unauthorized
           end
         end
       end
@@ -65,7 +65,7 @@ module Spree
       end
 
       def unauthorized
-        render "spree/api/errors/unauthorized", status: 401
+        render "spree/api/errors/unauthorized", status: :unauthorized
       end
 
       def gateway_error(exception)
@@ -78,7 +78,7 @@ module Spree
           exception: exception.message,
           error: exception.message,
           missing_param: exception.param
-        }, status: 422
+        }, status: :unprocessable_entity
       end
 
       def requires_authentication?
@@ -86,7 +86,7 @@ module Spree
       end
 
       def not_found
-        render "spree/api/errors/not_found", status: 404
+        render "spree/api/errors/not_found", status: :not_found
       end
 
       def current_ability
@@ -96,7 +96,7 @@ module Spree
       def invalid_resource!(resource)
         Rails.logger.error "invalid_resouce_errors=#{resource.errors.full_messages}"
         @resource = resource
-        render "spree/api/errors/invalid_resource", status: 422
+        render "spree/api/errors/invalid_resource", status: :unprocessable_entity
       end
 
       def api_key
@@ -112,7 +112,7 @@ module Spree
 
       def spree_token
         token = request.headers["X-Spree-Token"]
-        return unless token.present?
+        return if token.blank?
 
         Spree::Deprecation.warn(
           'The custom X-Spree-Token request header is deprecated and will be removed in the next release.' \
@@ -164,8 +164,8 @@ module Spree
 
       def lock_order
         OrderMutex.with_lock!(@order) { yield }
-      rescue Spree::OrderMutex::LockFailed => e
-        render plain: e.message, status: 409
+      rescue Spree::OrderMutex::LockFailed => error
+        render plain: error.message, status: :conflict
       end
 
       def insufficient_stock_error(exception)
@@ -175,7 +175,7 @@ module Spree
             errors: [I18n.t(:quantity_is_not_available, scope: "spree.api.order")],
             type: 'insufficient_stock'
           },
-          status: 422
+          status: :unprocessable_entity
         )
       end
 

data/app/controllers/spree/api/checkouts_controller.rb

@@ -23,8 +23,8 @@ module Spree
         authorize! :update, @order, order_token
         @order.next!
         respond_with(@order, default_template: 'spree/api/orders/show', status: 200)
-      rescue StateMachines::InvalidTransition => e
-        logger.error("invalid_transition #{e.event} from #{e.from} for #{e.object.class.name}. Error: #{e.inspect}")
+      rescue StateMachines::InvalidTransition => error
+        logger.error("invalid_transition #{error.event} from #{error.from} for #{error.object.class.name}. Error: #{error.inspect}")
         respond_with(@order, default_template: 'spree/api/orders/could_not_transition', status: 422)
       end
 
@@ -42,8 +42,8 @@ module Spree
           @order.complete!
           respond_with(@order, default_template: 'spree/api/orders/show', status: 200)
         end
-      rescue StateMachines::InvalidTransition => e
-        logger.error("invalid_transition #{e.event} from #{e.from} for #{e.object.class.name}. Error: #{e.inspect}")
+      rescue StateMachines::InvalidTransition => error
+        logger.error("invalid_transition #{error.event} from #{error.from} for #{error.object.class.name}. Error: #{error.inspect}")
         respond_with(@order, default_template: 'spree/api/orders/could_not_transition', status: 422)
       end
 

data/app/controllers/spree/api/credit_cards_controller.rb

@@ -18,7 +18,7 @@ module Spree
       end
 
       def update
-        if @credit_card.update_attributes(credit_card_update_params)
+        if @credit_card.update(credit_card_update_params)
           respond_with(@credit_card, default_template: :show)
         else
           invalid_resource!(@credit_card)

data/app/controllers/spree/api/images_controller.rb

@@ -21,7 +21,7 @@ module Spree
 
       def update
         @image = Spree::Image.accessible_by(current_ability, :update).find(params[:id])
-        @image.update_attributes(image_params)
+        @image.update(image_params)
         respond_with(@image, default_template: :show)
       end
 

data/app/controllers/spree/api/inventory_units_controller.rb

@@ -14,7 +14,7 @@ module Spree
         authorize! :update, inventory_unit.order
 
         inventory_unit.transaction do
-          if inventory_unit.update_attributes(inventory_unit_params)
+          if inventory_unit.update(inventory_unit_params)
             fire
             render :show, status: 200
           else

data/app/controllers/spree/api/option_types_controller.rb

@@ -29,7 +29,7 @@ module Spree
 
       def update
         @option_type = Spree::OptionType.accessible_by(current_ability, :update).find(params[:id])
-        if @option_type.update_attributes(option_type_params)
+        if @option_type.update(option_type_params)
           render :show
         else
           invalid_resource!(@option_type)

data/app/controllers/spree/api/option_values_controller.rb

@@ -29,7 +29,7 @@ module Spree
 
       def update
         @option_value = scope.accessible_by(current_ability, :update).find(params[:id])
-        if @option_value.update_attributes(option_value_params)
+        if @option_value.update(option_value_params)
           render :show
         else
           invalid_resource!(@option_value)

data/app/controllers/spree/api/orders_controller.rb

@@ -55,10 +55,9 @@ module Spree
       def index
         authorize! :index, Order
         orders_includes = [
-          :user,
-          :payments,
-          :adjustments,
-          :line_items
+          { user: :store_credits },
+          :line_items,
+          :valid_store_credit_payments
         ]
         @orders = paginate(
           Spree::Order
@@ -174,7 +173,13 @@ module Spree
       end
 
       def find_order(_lock = false)
-        @order = Spree::Order.find_by!(number: params[:id])
+        @order = Spree::Order.
+          includes(line_items: [:adjustments, { variant: :images }],
+                   payments: :payment_method,
+                   shipments: {
+                     shipping_rates: { shipping_method: :zones, taxes: :tax_rate }
+                   }).
+          find_by!(number: params[:id])
       end
 
       def order_id

data/app/controllers/spree/api/payments_controller.rb

@@ -31,7 +31,7 @@ module Spree
         authorize! params[:action], @payment
         if !@payment.pending?
           render 'update_forbidden', status: 403
-        elsif @payment.update_attributes(payment_params)
+        elsif @payment.update(payment_params)
           respond_with(@payment, default_template: :show)
         else
           invalid_resource!(@payment)

data/app/controllers/spree/api/product_properties_controller.rb

@@ -38,7 +38,7 @@ module Spree
       def update
         if @product_property
           authorize! :update, @product_property
-          @product_property.update_attributes(product_property_params)
+          @product_property.update(product_property_params)
           respond_with(@product_property, status: 200, default_template: :show)
         else
           invalid_resource!(@product_property)

data/app/controllers/spree/api/properties_controller.rb

@@ -39,7 +39,7 @@ module Spree
       def update
         if @property
           authorize! :update, @property
-          @property.update_attributes(property_params)
+          @property.update(property_params)
           respond_with(@property, status: 200, default_template: :show)
         else
           invalid_resource!(@property)

data/app/controllers/spree/api/resource_controller.rb

@@ -43,7 +43,7 @@ class Spree::Api::ResourceController < Spree::Api::BaseController
   def update
     authorize! :update, @object
 
-    if @object.update_attributes(permitted_resource_params)
+    if @object.update(permitted_resource_params)
       respond_with(@object, status: 200, default_template: :show)
     else
       invalid_resource!(@object)

data/app/controllers/spree/api/return_authorizations_controller.rb

@@ -50,7 +50,7 @@ module Spree
 
       def update
         @return_authorization = @order.return_authorizations.accessible_by(current_ability, :update).find(params[:id])
-        if @return_authorization.update_attributes(return_authorization_params)
+        if @return_authorization.update(return_authorization_params)
           respond_with(@return_authorization, default_template: :show)
         else
           invalid_resource!(@return_authorization)

data/app/controllers/spree/api/shipments_controller.rb

@@ -146,7 +146,7 @@ module Spree
       end
 
       def update_shipment
-        @shipment.update_attributes(shipment_params)
+        @shipment.update(shipment_params)
         @shipment.reload
       end
 

data/app/controllers/spree/api/stock_items_controller.rb

@@ -40,7 +40,7 @@ module Spree
         adjustment -= @stock_item.count_on_hand if params[:stock_item][:force]
 
         Spree::StockItem.transaction do
-          if @stock_item.update_attributes(stock_item_params)
+          if @stock_item.update(stock_item_params)
             adjust_stock_item_count_on_hand(adjustment)
             respond_with(@stock_item, status: 200, default_template: :show)
           else

data/app/controllers/spree/api/stock_locations_controller.rb

@@ -33,7 +33,7 @@ module Spree
 
       def update
         authorize! :update, stock_location
-        if stock_location.update_attributes(stock_location_params)
+        if stock_location.update(stock_location_params)
           respond_with(stock_location, status: 200, default_template: :show)
         else
           invalid_resource!(stock_location)

data/app/controllers/spree/api/stores_controller.rb

@@ -24,7 +24,7 @@ module Spree
 
       def update
         authorize! :update, @store
-        if @store.update_attributes(store_params)
+        if @store.update(store_params)
           respond_with(@store, status: 200, default_template: :show)
         else
           invalid_resource!(@store)

data/app/controllers/spree/api/taxonomies_controller.rb

@@ -33,7 +33,7 @@ module Spree
 
       def update
         authorize! :update, taxonomy
-        if taxonomy.update_attributes(taxonomy_params)
+        if taxonomy.update(taxonomy_params)
           respond_with(taxonomy, status: 200, default_template: :show)
         else
           invalid_resource!(taxonomy)
@@ -58,7 +58,9 @@ module Spree
       end
 
       def taxonomy
-        @taxonomy ||= Spree::Taxonomy.accessible_by(current_ability, :read).find(params[:id])
+        @taxonomy ||= Spree::Taxonomy.accessible_by(current_ability, :read).
+          includes(root: :children).
+          find(params[:id])
       end
 
       def taxonomy_params

data/app/controllers/spree/api/taxons_controller.rb

@@ -56,7 +56,7 @@ module Spree
 
       def update
         authorize! :update, taxon
-        if taxon.update_attributes(taxon_params)
+        if taxon.update(taxon_params)
           respond_with(taxon, status: 200, default_template: :show)
         else
           invalid_resource!(taxon)

data/app/controllers/spree/api/variants_controller.rb

@@ -43,7 +43,7 @@ module Spree
 
       def update
         @variant = scope.accessible_by(current_ability, :update).find(params[:id])
-        if @variant.update_attributes(variant_params)
+        if @variant.update(variant_params)
           respond_with(@variant, status: 200, default_template: :show)
         else
           invalid_resource!(@product)

data/app/controllers/spree/api/zones_controller.rb

@@ -37,7 +37,7 @@ module Spree
 
       def update
         authorize! :update, zone
-        if zone.update_attributes(zone_params)
+        if zone.update(zone_params)
           respond_with(zone, status: 200, default_template: :show)
         else
           invalid_resource!(zone)

data/app/helpers/spree/api/api_helpers.rb

@@ -40,7 +40,7 @@ module Spree
 
       def required_fields_for(model)
         required_fields = model._validators.select do |_field, validations|
-          validations.any? { |v| v.is_a?(ActiveModel::Validations::PresenceValidator) }
+          validations.any? { |validation| validation.is_a?(ActiveModel::Validations::PresenceValidator) }
         end.map(&:first) # get fields that are invalid
         # Permalinks presence is validated, but are really automatically generated
         # Therefore we shouldn't tell API clients that they MUST send one through
@@ -177,7 +177,7 @@ module Spree
       ]
 
       def variant_attributes
-        if @current_user_roles && @current_user_roles.include?("admin")
+        if @current_user_roles&.include?("admin")
           @@variant_attributes + [:cost_price]
         else
           @@variant_attributes

data/app/views/spree/api/images/_image.json.jbuilder

@@ -2,6 +2,6 @@
 
 json.(image, *image_attributes)
 json.(image, :viewable_type, :viewable_id)
-Spree::Image.attachment_definitions[:attachment][:styles].each do |k, _v|
-  json.set! "#{k}_url", image.attachment.url(k)
+Spree::Image.attachment_definitions[:attachment][:styles].each do |key, _value|
+  json.set! "#{key}_url", image.attachment.url(key)
 end

data/app/views/spree/api/orders/_order.json.jbuilder

@@ -3,7 +3,7 @@
 json.cache! [I18n.locale, order] do
   json.(order, *order_attributes)
   json.display_item_total(order.display_item_total.to_s)
-  json.total_quantity(order.line_items.sum(:quantity))
+  json.total_quantity(order.line_items.to_a.sum(&:quantity))
   json.display_total(order.display_total.to_s)
   json.display_ship_total(order.display_ship_total)
   json.display_tax_total(order.display_tax_total)

data/app/views/spree/api/shared/_pagination.json.jbuilder

@@ -4,4 +4,4 @@ json.count        pagination.count
 json.total_count  pagination.total_count
 json.current_page pagination.current_page
 json.pages        pagination.total_pages
-json.per_page     pagination.current_per_page
+json.per_page     pagination.limit_value

data/lib/spree/api.rb

@@ -2,11 +2,4 @@
 
 require 'spree/core'
 
-require 'responders'
-
-module Spree
-  module Api
-  end
-end
-
 require 'spree/api/engine'

data/lib/spree/api/config.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spree/api_configuration'
+
+module Spree
+  module Api
+    Config = Spree::ApiConfiguration.new
+  end
+end