solidus_api 2.9.6 → 2.11.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (111) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +35 -2
  3. data/app/controllers/spree/api/addresses_controller.rb +2 -2
  4. data/app/controllers/spree/api/base_controller.rb +21 -13
  5. data/app/controllers/spree/api/checkouts_controller.rb +1 -11
  6. data/app/controllers/spree/api/countries_controller.rb +2 -2
  7. data/app/controllers/spree/api/credit_cards_controller.rb +3 -3
  8. data/app/controllers/spree/api/customer_returns_controller.rb +67 -0
  9. data/app/controllers/spree/api/images_controller.rb +5 -5
  10. data/app/controllers/spree/api/inventory_units_controller.rb +2 -2
  11. data/app/controllers/spree/api/option_types_controller.rb +4 -4
  12. data/app/controllers/spree/api/option_values_controller.rb +3 -3
  13. data/app/controllers/spree/api/orders_controller.rb +11 -6
  14. data/app/controllers/spree/api/payments_controller.rb +2 -2
  15. data/app/controllers/spree/api/product_properties_controller.rb +9 -14
  16. data/app/controllers/spree/api/promotions_controller.rb +3 -12
  17. data/app/controllers/spree/api/properties_controller.rb +4 -4
  18. data/app/controllers/spree/api/resource_controller.rb +3 -3
  19. data/app/controllers/spree/api/return_authorizations_controller.rb +4 -4
  20. data/app/controllers/spree/api/shipments_controller.rb +2 -2
  21. data/app/controllers/spree/api/states_controller.rb +3 -3
  22. data/app/controllers/spree/api/stock_items_controller.rb +3 -3
  23. data/app/controllers/spree/api/stock_locations_controller.rb +4 -4
  24. data/app/controllers/spree/api/stock_movements_controller.rb +3 -3
  25. data/app/controllers/spree/api/stores_controller.rb +4 -4
  26. data/app/controllers/spree/api/taxonomies_controller.rb +5 -3
  27. data/app/controllers/spree/api/taxons_controller.rb +5 -5
  28. data/app/controllers/spree/api/users_controller.rb +13 -0
  29. data/app/controllers/spree/api/variants_controller.rb +4 -4
  30. data/app/controllers/spree/api/zones_controller.rb +3 -3
  31. data/app/helpers/spree/api/api_helpers.rb +20 -7
  32. data/app/views/spree/api/customer_returns/index.json.jbuilder +6 -0
  33. data/app/views/spree/api/customer_returns/new.json.jbuilder +4 -0
  34. data/app/views/spree/api/customer_returns/show.json.jbuilder +3 -0
  35. data/app/views/spree/api/errors/could_not_transition.json.jbuilder +4 -0
  36. data/app/views/spree/api/images/_image.json.jbuilder +2 -2
  37. data/app/views/spree/api/orders/_order.json.jbuilder +1 -1
  38. data/app/views/spree/api/orders/could_not_transition.json.jbuilder +5 -0
  39. data/app/views/spree/api/shared/_pagination.json.jbuilder +1 -1
  40. data/config/locales/en.yml +2 -0
  41. data/config/routes.rb +6 -3
  42. data/lib/spree/api.rb +0 -7
  43. data/lib/spree/api/config.rb +9 -0
  44. data/lib/spree/api/engine.rb +4 -4
  45. data/lib/spree/api/responders.rb +3 -2
  46. data/lib/spree/api/responders/{rabl_template.rb → jbuilder_template.rb} +3 -1
  47. data/lib/spree/api/testing_support/helpers.rb +1 -1
  48. data/{app/models → lib}/spree/api_configuration.rb +0 -0
  49. data/openapi/.stoplight.yml +7 -0
  50. data/openapi/authentication.md +33 -0
  51. data/openapi/checkout-flow.md +63 -0
  52. data/openapi/errors.md +3 -0
  53. data/openapi/lint.yml +1 -0
  54. data/openapi/main.hub.yml +65 -0
  55. data/openapi/pagination.md +7 -0
  56. data/openapi/solidus-api.oas.yml +6753 -0
  57. data/openapi/theme.css +0 -0
  58. data/solidus_api.gemspec +19 -19
  59. metadata +27 -115
  60. data/script/rails +0 -10
  61. data/spec/controllers/spree/api/base_controller_spec.rb +0 -118
  62. data/spec/controllers/spree/api/resource_controller_spec.rb +0 -190
  63. data/spec/features/checkout_spec.rb +0 -192
  64. data/spec/fixtures/thinking-cat.jpg +0 -0
  65. data/spec/models/spree/legacy_user_spec.rb +0 -103
  66. data/spec/requests/api/address_books_spec.rb +0 -240
  67. data/spec/requests/rabl_cache_spec.rb +0 -34
  68. data/spec/requests/ransackable_attributes_spec.rb +0 -79
  69. data/spec/requests/spree/api/addresses_controller_spec.rb +0 -57
  70. data/spec/requests/spree/api/checkouts_controller_spec.rb +0 -484
  71. data/spec/requests/spree/api/classifications_controller_spec.rb +0 -50
  72. data/spec/requests/spree/api/config_controller_spec.rb +0 -26
  73. data/spec/requests/spree/api/countries_controller_spec.rb +0 -48
  74. data/spec/requests/spree/api/coupon_codes_controller_spec.rb +0 -105
  75. data/spec/requests/spree/api/credit_cards_controller_spec.rb +0 -105
  76. data/spec/requests/spree/api/images_controller_spec.rb +0 -99
  77. data/spec/requests/spree/api/inventory_units_controller_spec.rb +0 -55
  78. data/spec/requests/spree/api/line_items_controller_spec.rb +0 -213
  79. data/spec/requests/spree/api/option_types_controller_spec.rb +0 -116
  80. data/spec/requests/spree/api/option_values_controller_spec.rb +0 -138
  81. data/spec/requests/spree/api/orders_controller_spec.rb +0 -954
  82. data/spec/requests/spree/api/payments_controller_spec.rb +0 -259
  83. data/spec/requests/spree/api/product_properties_controller_spec.rb +0 -114
  84. data/spec/requests/spree/api/products_controller_spec.rb +0 -422
  85. data/spec/requests/spree/api/promotion_application_spec.rb +0 -50
  86. data/spec/requests/spree/api/promotions_controller_spec.rb +0 -67
  87. data/spec/requests/spree/api/properties_controller_spec.rb +0 -102
  88. data/spec/requests/spree/api/return_authorizations_controller_spec.rb +0 -180
  89. data/spec/requests/spree/api/shipments_controller_spec.rb +0 -532
  90. data/spec/requests/spree/api/states_controller_spec.rb +0 -69
  91. data/spec/requests/spree/api/stock_items_controller_spec.rb +0 -311
  92. data/spec/requests/spree/api/stock_locations_controller_spec.rb +0 -170
  93. data/spec/requests/spree/api/stock_movements_controller_spec.rb +0 -81
  94. data/spec/requests/spree/api/store_credit_events_controller_spec.rb +0 -59
  95. data/spec/requests/spree/api/stores_controller_spec.rb +0 -134
  96. data/spec/requests/spree/api/taxonomies_controller_spec.rb +0 -114
  97. data/spec/requests/spree/api/taxons_controller_spec.rb +0 -217
  98. data/spec/requests/spree/api/unauthenticated_products_controller_spec.rb +0 -27
  99. data/spec/requests/spree/api/users_controller_spec.rb +0 -151
  100. data/spec/requests/spree/api/variants_controller_spec.rb +0 -340
  101. data/spec/requests/spree/api/zones_controller_spec.rb +0 -89
  102. data/spec/shared_examples/protect_product_actions.rb +0 -18
  103. data/spec/spec_helper.rb +0 -73
  104. data/spec/support/be_paginated_matcher.rb +0 -9
  105. data/spec/support/controller_hacks.rb +0 -43
  106. data/spec/support/database_cleaner.rb +0 -16
  107. data/spec/support/have_attributes_matcher.rb +0 -11
  108. data/spec/test_views/spree/api/widgets/_widget.json.jbuilder +0 -3
  109. data/spec/test_views/spree/api/widgets/index.json.jbuilder +0 -9
  110. data/spec/test_views/spree/api/widgets/new.json.jbuilder +0 -3
  111. data/spec/test_views/spree/api/widgets/show.json.jbuilder +0 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9041e899f4cd40c0426851ecab468e5b0e6799979026651d90ed71c68e9a33d2
4
- data.tar.gz: 6b6195d91d485815fc3e609c661efa408146b7ab49296c8db33987e568916ee4
3
+ metadata.gz: 0073a2dd8fda3f900d1eacc4221b4ef2e0b418adb5a08818dfadd32aa8c55020
4
+ data.tar.gz: 1f453e33e88e7f80a4c0b618cb4336a54cf8dff3044d9b526e6bb6d312f46e07
5
5
  SHA512:
6
- metadata.gz: 72241153b2007035f40f1869e76a276597580d11fe4d8b24bd37529a03520f799edfd9530a18677df79aeaafffa8f929d1f2bae1b9a320871b781b705c21a2f5
7
- data.tar.gz: dcb64f63cb2edd713a03bb3c971ed9de693d4e1af34bb3cb5746ed73b2294660ddb3805382587f10675f2ec71642ebb79f979373b21b7f03af8157bde6250067
6
+ metadata.gz: 4783fe7f6037f082e38fd384732c895e7c591781d0770a45f107248b7380a40a6675cd1935455aaeef230ed7c0c4eb61e55f506eaaabbdb3a846de1a71989b0a
7
+ data.tar.gz: e722663fa5ac036dc85edd355d8faa09a73b36c4dd3a3e17fa145a7f31f815349d71315355def89cfd724d5610497ce0bef6824d73cf1d554abe8f1b36e1659e
data/README.md CHANGED
@@ -1,6 +1,7 @@
1
- # solidus\_api
1
+ # solidus_api
2
2
 
3
- API contains the controllers and rabl views implementing the REST API of Solidus.
3
+ API contains the controllers and Jbuilder views implementing the REST API of
4
+ Solidus.
4
5
 
5
6
  ## Testing
6
7
 
@@ -9,3 +10,35 @@ Run the API tests:
9
10
  ```bash
10
11
  bundle exec rspec
11
12
  ```
13
+
14
+ ## Documentation
15
+
16
+ The API documentation is in the [openapi][docs-dir] directory. It follows the
17
+ OpenAPI specification and it is hosted on [Stoplight Docs][live-docs].
18
+
19
+ If you want to contribute, you can use [Stoplight Studio][studio]. Simply
20
+ follow these steps:
21
+
22
+ 1. Create a new Stoplight Studio project
23
+ 2. Copy-paste the content of `openapi/solidus-api.oas.yml` into your project
24
+ 3. Edit the endpoints and models as needed
25
+ 4. Copy-paste the result back into `openapi/solidus-api.oas.yml`
26
+ 5. Open a PR!
27
+
28
+ **Note: Only use embedded models in Stoplight Studio, as Stoplight Docs is
29
+ not compatible with externally-defined models!**
30
+
31
+ CircleCI automatically syncs our Git repo with Stoplight Docs when a PR is
32
+ merged, and automatically publishes a new version on Docs when a new Solidus
33
+ version is released.
34
+
35
+ ## Related projects
36
+
37
+ - [solidus-sdk](https://gitlab.com/deseretbook/packages/solidus-sdk): created
38
+ by Joel Saupe at [Deseret Book](https://deseretbook.com/), this is a JS SDK
39
+ that allows you to use the Solidus API. It even supports plug-ins, so you can
40
+ easily extend it with the endpoints provided by your Solidus extensions!
41
+
42
+ [docs-dir]: https://github.com/solidusio/solidus/tree/master/api/openapi
43
+ [live-docs]: https://solidus.docs.stoplight.io
44
+ [studio]: https://stoplight.io/p/studio
@@ -6,7 +6,7 @@ module Spree
6
6
  before_action :find_order
7
7
 
8
8
  def show
9
- authorize! :read, @order, order_token
9
+ authorize! :show, @order, order_token
10
10
  find_address
11
11
  respond_with(@address)
12
12
  end
@@ -15,7 +15,7 @@ module Spree
15
15
  authorize! :update, @order, order_token
16
16
  find_address
17
17
 
18
- if @order.update_attributes({ "#{@order_source}_attributes" => address_params })
18
+ if @order.update({ "#{@order_source}_attributes" => address_params })
19
19
  @address = @order.send(@order_source)
20
20
  respond_with(@address, default_template: :show)
21
21
  else
@@ -10,6 +10,7 @@ module Spree
10
10
  protect_from_forgery unless: -> { request.format.json? }
11
11
 
12
12
  include CanCan::ControllerAdditions
13
+ include Spree::Core::ControllerHelpers::CurrentHost
13
14
  include Spree::Core::ControllerHelpers::Store
14
15
  include Spree::Core::ControllerHelpers::Pricing
15
16
  include Spree::Core::ControllerHelpers::StrongParameters
@@ -28,6 +29,7 @@ module Spree
28
29
  rescue_from ActiveRecord::RecordNotFound, with: :not_found
29
30
  rescue_from CanCan::AccessDenied, with: :unauthorized
30
31
  rescue_from Spree::Core::GatewayError, with: :gateway_error
32
+ rescue_from StateMachines::InvalidTransition, with: :invalid_transition
31
33
 
32
34
  helper Spree::Api::ApiHelpers
33
35
 
@@ -49,9 +51,9 @@ module Spree
49
51
  def authenticate_user
50
52
  unless @current_api_user
51
53
  if requires_authentication? && api_key.blank? && order_token.blank?
52
- render "spree/api/errors/must_specify_api_key", status: 401
54
+ render "spree/api/errors/must_specify_api_key", status: :unauthorized
53
55
  elsif order_token.blank? && (requires_authentication? || api_key.present?)
54
- render "spree/api/errors/invalid_api_key", status: 401
56
+ render "spree/api/errors/invalid_api_key", status: :unauthorized
55
57
  end
56
58
  end
57
59
  end
@@ -65,7 +67,7 @@ module Spree
65
67
  end
66
68
 
67
69
  def unauthorized
68
- render "spree/api/errors/unauthorized", status: 401
70
+ render "spree/api/errors/unauthorized", status: :unauthorized
69
71
  end
70
72
 
71
73
  def gateway_error(exception)
@@ -78,7 +80,7 @@ module Spree
78
80
  exception: exception.message,
79
81
  error: exception.message,
80
82
  missing_param: exception.param
81
- }, status: 422
83
+ }, status: :unprocessable_entity
82
84
  end
83
85
 
84
86
  def requires_authentication?
@@ -86,7 +88,7 @@ module Spree
86
88
  end
87
89
 
88
90
  def not_found
89
- render "spree/api/errors/not_found", status: 404
91
+ render "spree/api/errors/not_found", status: :not_found
90
92
  end
91
93
 
92
94
  def current_ability
@@ -96,7 +98,7 @@ module Spree
96
98
  def invalid_resource!(resource)
97
99
  Rails.logger.error "invalid_resouce_errors=#{resource.errors.full_messages}"
98
100
  @resource = resource
99
- render "spree/api/errors/invalid_resource", status: 422
101
+ render "spree/api/errors/invalid_resource", status: :unprocessable_entity
100
102
  end
101
103
 
102
104
  def api_key
@@ -112,7 +114,7 @@ module Spree
112
114
 
113
115
  def spree_token
114
116
  token = request.headers["X-Spree-Token"]
115
- return unless token.present?
117
+ return if token.blank?
116
118
 
117
119
  Spree::Deprecation.warn(
118
120
  'The custom X-Spree-Token request header is deprecated and will be removed in the next release.' \
@@ -133,13 +135,13 @@ module Spree
133
135
 
134
136
  def product_scope
135
137
  if can?(:admin, Spree::Product)
136
- scope = Spree::Product.with_deleted.accessible_by(current_ability, :read).includes(*product_includes)
138
+ scope = Spree::Product.with_discarded.accessible_by(current_ability).includes(*product_includes)
137
139
 
138
140
  unless params[:show_deleted]
139
141
  scope = scope.not_deleted
140
142
  end
141
143
  else
142
- scope = Spree::Product.accessible_by(current_ability, :read).available.includes(*product_includes)
144
+ scope = Spree::Product.accessible_by(current_ability).available.includes(*product_includes)
143
145
  end
144
146
 
145
147
  scope
@@ -159,13 +161,13 @@ module Spree
159
161
 
160
162
  def authorize_for_order
161
163
  @order = Spree::Order.find_by(number: order_id)
162
- authorize! :read, @order, order_token
164
+ authorize! :show, @order, order_token
163
165
  end
164
166
 
165
167
  def lock_order
166
168
  OrderMutex.with_lock!(@order) { yield }
167
- rescue Spree::OrderMutex::LockFailed => e
168
- render plain: e.message, status: 409
169
+ rescue Spree::OrderMutex::LockFailed => error
170
+ render plain: error.message, status: :conflict
169
171
  end
170
172
 
171
173
  def insufficient_stock_error(exception)
@@ -175,7 +177,7 @@ module Spree
175
177
  errors: [I18n.t(:quantity_is_not_available, scope: "spree.api.order")],
176
178
  type: 'insufficient_stock'
177
179
  },
178
- status: 422
180
+ status: :unprocessable_entity
179
181
  )
180
182
  end
181
183
 
@@ -188,6 +190,12 @@ module Spree
188
190
  def default_per_page
189
191
  Kaminari.config.default_per_page
190
192
  end
193
+
194
+ def invalid_transition(error)
195
+ logger.error("invalid_transition #{error.event} from #{error.from} for #{error.object.class.name}. Error: #{error.inspect}")
196
+
197
+ render "spree/api/errors/could_not_transition", locals: { resource: error.object }, status: :unprocessable_entity
198
+ end
191
199
  end
192
200
  end
193
201
  end
@@ -20,12 +20,8 @@ module Spree
20
20
  respond_with(@order, default_template: 'spree/api/orders/expected_total_mismatch', status: 400)
21
21
  return
22
22
  end
23
- authorize! :update, @order, order_token
24
23
  @order.next!
25
24
  respond_with(@order, default_template: 'spree/api/orders/show', status: 200)
26
- rescue StateMachines::InvalidTransition => e
27
- logger.error("invalid_transition #{e.event} from #{e.from} for #{e.object.class.name}. Error: #{e.inspect}")
28
- respond_with(@order, default_template: 'spree/api/orders/could_not_transition', status: 422)
29
25
  end
30
26
 
31
27
  def advance
@@ -42,9 +38,6 @@ module Spree
42
38
  @order.complete!
43
39
  respond_with(@order, default_template: 'spree/api/orders/show', status: 200)
44
40
  end
45
- rescue StateMachines::InvalidTransition => e
46
- logger.error("invalid_transition #{e.event} from #{e.from} for #{e.object.class.name}. Error: #{e.inspect}")
47
- respond_with(@order, default_template: 'spree/api/orders/could_not_transition', status: 422)
48
41
  end
49
42
 
50
43
  def update
@@ -57,12 +50,9 @@ module Spree
57
50
 
58
51
  return if after_update_attributes
59
52
 
60
- if @order.completed? || @order.next
53
+ if @order.completed? || @order.next!
61
54
  state_callback(:after)
62
55
  respond_with(@order, default_template: 'spree/api/orders/show')
63
- else
64
- logger.error("failed_to_transition_errors=#{@order.errors.full_messages}")
65
- respond_with(@order, default_template: 'spree/api/orders/could_not_transition', status: 422)
66
56
  end
67
57
  else
68
58
  invalid_resource!(@order)
@@ -7,7 +7,7 @@ module Spree
7
7
 
8
8
  def index
9
9
  @countries = Spree::Country.
10
- accessible_by(current_ability, :read).
10
+ accessible_by(current_ability).
11
11
  ransack(params[:q]).
12
12
  result.
13
13
  order('name ASC')
@@ -21,7 +21,7 @@ module Spree
21
21
  end
22
22
 
23
23
  def show
24
- @country = Spree::Country.accessible_by(current_ability, :read).find(params[:id])
24
+ @country = Spree::Country.accessible_by(current_ability, :show).find(params[:id])
25
25
  respond_with(@country)
26
26
  end
27
27
  end
@@ -9,7 +9,7 @@ module Spree
9
9
  def index
10
10
  @credit_cards = user
11
11
  .credit_cards
12
- .accessible_by(current_ability, :read)
12
+ .accessible_by(current_ability)
13
13
  .with_payment_profile
14
14
  .ransack(params[:q]).result
15
15
 
@@ -18,7 +18,7 @@ module Spree
18
18
  end
19
19
 
20
20
  def update
21
- if @credit_card.update_attributes(credit_card_update_params)
21
+ if @credit_card.update(credit_card_update_params)
22
22
  respond_with(@credit_card, default_template: :show)
23
23
  else
24
24
  invalid_resource!(@credit_card)
@@ -29,7 +29,7 @@ module Spree
29
29
 
30
30
  def user
31
31
  if params[:user_id].present?
32
- @user ||= Spree.user_class.accessible_by(current_ability, :read).find(params[:user_id])
32
+ @user ||= Spree.user_class.accessible_by(current_ability, :show).find(params[:user_id])
33
33
  end
34
34
  end
35
35
 
@@ -0,0 +1,67 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Spree
4
+ module Api
5
+ class CustomerReturnsController < Spree::Api::BaseController
6
+ before_action :load_order
7
+ around_action :lock_order, only: [:create, :update, :destroy, :cancel]
8
+
9
+ rescue_from Spree::Order::InsufficientStock, with: :insufficient_stock_error
10
+
11
+ def create
12
+ authorize! :create, CustomerReturn
13
+ @customer_return = CustomerReturn.create(customer_return_params)
14
+ if @customer_return.save
15
+ respond_with(@customer_return, status: 201, default_template: :show)
16
+ else
17
+ invalid_resource!(@customer_return)
18
+ end
19
+ end
20
+
21
+ def index
22
+ authorize! :index, CustomerReturn
23
+
24
+ @customer_returns = @order.
25
+ customer_returns.
26
+ accessible_by(current_ability).
27
+ ransack(params[:q]).
28
+ result
29
+
30
+ @customer_returns = paginate(@customer_returns)
31
+
32
+ respond_with(@customer_returns)
33
+ end
34
+
35
+ def new
36
+ authorize! :new, CustomerReturn
37
+ end
38
+
39
+ def show
40
+ authorize! :show, CustomerReturn
41
+ @customer_return = @order.customer_returns.accessible_by(current_ability, :show).find(params[:id])
42
+ respond_with(@customer_return)
43
+ end
44
+
45
+ def update
46
+ authorize! :update, CustomerReturn
47
+ @customer_return = @order.customer_returns.accessible_by(current_ability, :update).find(params[:id])
48
+ if @customer_return.update(customer_return_params)
49
+ respond_with(@customer_return.reload, default_template: :show)
50
+ else
51
+ invalid_resource!(@customer_return)
52
+ end
53
+ end
54
+
55
+ private
56
+
57
+ def load_order
58
+ @order ||= Spree::Order.find_by!(number: order_id)
59
+ authorize! :show, @order
60
+ end
61
+
62
+ def customer_return_params
63
+ params.require(:customer_return).permit(permitted_customer_return_attributes)
64
+ end
65
+ end
66
+ end
67
+ end
@@ -4,12 +4,12 @@ module Spree
4
4
  module Api
5
5
  class ImagesController < Spree::Api::BaseController
6
6
  def index
7
- @images = scope.images.accessible_by(current_ability, :read)
7
+ @images = scope.images.accessible_by(current_ability)
8
8
  respond_with(@images)
9
9
  end
10
10
 
11
11
  def show
12
- @image = Spree::Image.accessible_by(current_ability, :read).find(params[:id])
12
+ @image = scope.images.accessible_by(current_ability, :show).find(params[:id])
13
13
  respond_with(@image)
14
14
  end
15
15
 
@@ -20,13 +20,13 @@ module Spree
20
20
  end
21
21
 
22
22
  def update
23
- @image = Spree::Image.accessible_by(current_ability, :update).find(params[:id])
24
- @image.update_attributes(image_params)
23
+ @image = scope.images.accessible_by(current_ability, :update).find(params[:id])
24
+ @image.update(image_params)
25
25
  respond_with(@image, default_template: :show)
26
26
  end
27
27
 
28
28
  def destroy
29
- @image = Spree::Image.accessible_by(current_ability, :destroy).find(params[:id])
29
+ @image = scope.images.accessible_by(current_ability, :destroy).find(params[:id])
30
30
  @image.destroy
31
31
  respond_with(@image, status: 204)
32
32
  end
@@ -14,7 +14,7 @@ module Spree
14
14
  authorize! :update, inventory_unit.order
15
15
 
16
16
  inventory_unit.transaction do
17
- if inventory_unit.update_attributes(inventory_unit_params)
17
+ if inventory_unit.update(inventory_unit_params)
18
18
  fire
19
19
  render :show, status: 200
20
20
  else
@@ -26,7 +26,7 @@ module Spree
26
26
  private
27
27
 
28
28
  def inventory_unit
29
- @inventory_unit ||= Spree::InventoryUnit.accessible_by(current_ability, :read).find(params[:id])
29
+ @inventory_unit ||= Spree::InventoryUnit.accessible_by(current_ability, :show).find(params[:id])
30
30
  end
31
31
 
32
32
  def prepare_event
@@ -5,15 +5,15 @@ module Spree
5
5
  class OptionTypesController < Spree::Api::BaseController
6
6
  def index
7
7
  if params[:ids]
8
- @option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability, :read).where(id: params[:ids].split(','))
8
+ @option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability).where(id: params[:ids].split(','))
9
9
  else
10
- @option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability, :read).load.ransack(params[:q]).result
10
+ @option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability).load.ransack(params[:q]).result
11
11
  end
12
12
  respond_with(@option_types)
13
13
  end
14
14
 
15
15
  def show
16
- @option_type = Spree::OptionType.accessible_by(current_ability, :read).find(params[:id])
16
+ @option_type = Spree::OptionType.accessible_by(current_ability, :show).find(params[:id])
17
17
  respond_with(@option_type)
18
18
  end
19
19
 
@@ -29,7 +29,7 @@ module Spree
29
29
 
30
30
  def update
31
31
  @option_type = Spree::OptionType.accessible_by(current_ability, :update).find(params[:id])
32
- if @option_type.update_attributes(option_type_params)
32
+ if @option_type.update(option_type_params)
33
33
  render :show
34
34
  else
35
35
  invalid_resource!(@option_type)
@@ -29,7 +29,7 @@ module Spree
29
29
 
30
30
  def update
31
31
  @option_value = scope.accessible_by(current_ability, :update).find(params[:id])
32
- if @option_value.update_attributes(option_value_params)
32
+ if @option_value.update(option_value_params)
33
33
  render :show
34
34
  else
35
35
  invalid_resource!(@option_value)
@@ -46,9 +46,9 @@ module Spree
46
46
 
47
47
  def scope
48
48
  if params[:option_type_id]
49
- @scope ||= Spree::OptionType.find(params[:option_type_id]).option_values.accessible_by(current_ability, :read)
49
+ @scope ||= Spree::OptionType.find(params[:option_type_id]).option_values.accessible_by(current_ability)
50
50
  else
51
- @scope ||= Spree::OptionValue.accessible_by(current_ability, :read).load
51
+ @scope ||= Spree::OptionValue.accessible_by(current_ability).load
52
52
  end
53
53
  end
54
54