solidus_api 2.9.6 → 2.11.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +35 -2
- data/app/controllers/spree/api/addresses_controller.rb +2 -2
- data/app/controllers/spree/api/base_controller.rb +21 -13
- data/app/controllers/spree/api/checkouts_controller.rb +1 -11
- data/app/controllers/spree/api/countries_controller.rb +2 -2
- data/app/controllers/spree/api/credit_cards_controller.rb +3 -3
- data/app/controllers/spree/api/customer_returns_controller.rb +67 -0
- data/app/controllers/spree/api/images_controller.rb +5 -5
- data/app/controllers/spree/api/inventory_units_controller.rb +2 -2
- data/app/controllers/spree/api/option_types_controller.rb +4 -4
- data/app/controllers/spree/api/option_values_controller.rb +3 -3
- data/app/controllers/spree/api/orders_controller.rb +11 -6
- data/app/controllers/spree/api/payments_controller.rb +2 -2
- data/app/controllers/spree/api/product_properties_controller.rb +9 -14
- data/app/controllers/spree/api/promotions_controller.rb +3 -12
- data/app/controllers/spree/api/properties_controller.rb +4 -4
- data/app/controllers/spree/api/resource_controller.rb +3 -3
- data/app/controllers/spree/api/return_authorizations_controller.rb +4 -4
- data/app/controllers/spree/api/shipments_controller.rb +2 -2
- data/app/controllers/spree/api/states_controller.rb +3 -3
- data/app/controllers/spree/api/stock_items_controller.rb +3 -3
- data/app/controllers/spree/api/stock_locations_controller.rb +4 -4
- data/app/controllers/spree/api/stock_movements_controller.rb +3 -3
- data/app/controllers/spree/api/stores_controller.rb +4 -4
- data/app/controllers/spree/api/taxonomies_controller.rb +5 -3
- data/app/controllers/spree/api/taxons_controller.rb +5 -5
- data/app/controllers/spree/api/users_controller.rb +13 -0
- data/app/controllers/spree/api/variants_controller.rb +4 -4
- data/app/controllers/spree/api/zones_controller.rb +3 -3
- data/app/helpers/spree/api/api_helpers.rb +20 -7
- data/app/views/spree/api/customer_returns/index.json.jbuilder +6 -0
- data/app/views/spree/api/customer_returns/new.json.jbuilder +4 -0
- data/app/views/spree/api/customer_returns/show.json.jbuilder +3 -0
- data/app/views/spree/api/errors/could_not_transition.json.jbuilder +4 -0
- data/app/views/spree/api/images/_image.json.jbuilder +2 -2
- data/app/views/spree/api/orders/_order.json.jbuilder +1 -1
- data/app/views/spree/api/orders/could_not_transition.json.jbuilder +5 -0
- data/app/views/spree/api/shared/_pagination.json.jbuilder +1 -1
- data/config/locales/en.yml +2 -0
- data/config/routes.rb +6 -3
- data/lib/spree/api.rb +0 -7
- data/lib/spree/api/config.rb +9 -0
- data/lib/spree/api/engine.rb +4 -4
- data/lib/spree/api/responders.rb +3 -2
- data/lib/spree/api/responders/{rabl_template.rb → jbuilder_template.rb} +3 -1
- data/lib/spree/api/testing_support/helpers.rb +1 -1
- data/{app/models → lib}/spree/api_configuration.rb +0 -0
- data/openapi/.stoplight.yml +7 -0
- data/openapi/authentication.md +33 -0
- data/openapi/checkout-flow.md +63 -0
- data/openapi/errors.md +3 -0
- data/openapi/lint.yml +1 -0
- data/openapi/main.hub.yml +65 -0
- data/openapi/pagination.md +7 -0
- data/openapi/solidus-api.oas.yml +6753 -0
- data/openapi/theme.css +0 -0
- data/solidus_api.gemspec +19 -19
- metadata +27 -115
- data/script/rails +0 -10
- data/spec/controllers/spree/api/base_controller_spec.rb +0 -118
- data/spec/controllers/spree/api/resource_controller_spec.rb +0 -190
- data/spec/features/checkout_spec.rb +0 -192
- data/spec/fixtures/thinking-cat.jpg +0 -0
- data/spec/models/spree/legacy_user_spec.rb +0 -103
- data/spec/requests/api/address_books_spec.rb +0 -240
- data/spec/requests/rabl_cache_spec.rb +0 -34
- data/spec/requests/ransackable_attributes_spec.rb +0 -79
- data/spec/requests/spree/api/addresses_controller_spec.rb +0 -57
- data/spec/requests/spree/api/checkouts_controller_spec.rb +0 -484
- data/spec/requests/spree/api/classifications_controller_spec.rb +0 -50
- data/spec/requests/spree/api/config_controller_spec.rb +0 -26
- data/spec/requests/spree/api/countries_controller_spec.rb +0 -48
- data/spec/requests/spree/api/coupon_codes_controller_spec.rb +0 -105
- data/spec/requests/spree/api/credit_cards_controller_spec.rb +0 -105
- data/spec/requests/spree/api/images_controller_spec.rb +0 -99
- data/spec/requests/spree/api/inventory_units_controller_spec.rb +0 -55
- data/spec/requests/spree/api/line_items_controller_spec.rb +0 -213
- data/spec/requests/spree/api/option_types_controller_spec.rb +0 -116
- data/spec/requests/spree/api/option_values_controller_spec.rb +0 -138
- data/spec/requests/spree/api/orders_controller_spec.rb +0 -954
- data/spec/requests/spree/api/payments_controller_spec.rb +0 -259
- data/spec/requests/spree/api/product_properties_controller_spec.rb +0 -114
- data/spec/requests/spree/api/products_controller_spec.rb +0 -422
- data/spec/requests/spree/api/promotion_application_spec.rb +0 -50
- data/spec/requests/spree/api/promotions_controller_spec.rb +0 -67
- data/spec/requests/spree/api/properties_controller_spec.rb +0 -102
- data/spec/requests/spree/api/return_authorizations_controller_spec.rb +0 -180
- data/spec/requests/spree/api/shipments_controller_spec.rb +0 -532
- data/spec/requests/spree/api/states_controller_spec.rb +0 -69
- data/spec/requests/spree/api/stock_items_controller_spec.rb +0 -311
- data/spec/requests/spree/api/stock_locations_controller_spec.rb +0 -170
- data/spec/requests/spree/api/stock_movements_controller_spec.rb +0 -81
- data/spec/requests/spree/api/store_credit_events_controller_spec.rb +0 -59
- data/spec/requests/spree/api/stores_controller_spec.rb +0 -134
- data/spec/requests/spree/api/taxonomies_controller_spec.rb +0 -114
- data/spec/requests/spree/api/taxons_controller_spec.rb +0 -217
- data/spec/requests/spree/api/unauthenticated_products_controller_spec.rb +0 -27
- data/spec/requests/spree/api/users_controller_spec.rb +0 -151
- data/spec/requests/spree/api/variants_controller_spec.rb +0 -340
- data/spec/requests/spree/api/zones_controller_spec.rb +0 -89
- data/spec/shared_examples/protect_product_actions.rb +0 -18
- data/spec/spec_helper.rb +0 -73
- data/spec/support/be_paginated_matcher.rb +0 -9
- data/spec/support/controller_hacks.rb +0 -43
- data/spec/support/database_cleaner.rb +0 -16
- data/spec/support/have_attributes_matcher.rb +0 -11
- data/spec/test_views/spree/api/widgets/_widget.json.jbuilder +0 -3
- data/spec/test_views/spree/api/widgets/index.json.jbuilder +0 -9
- data/spec/test_views/spree/api/widgets/new.json.jbuilder +0 -3
- data/spec/test_views/spree/api/widgets/show.json.jbuilder +0 -3
|
@@ -53,12 +53,11 @@ module Spree
|
|
|
53
53
|
end
|
|
54
54
|
|
|
55
55
|
def index
|
|
56
|
-
authorize! :
|
|
56
|
+
authorize! :admin, Order
|
|
57
57
|
orders_includes = [
|
|
58
|
-
:
|
|
59
|
-
:
|
|
60
|
-
:
|
|
61
|
-
:line_items
|
|
58
|
+
{ user: :store_credits },
|
|
59
|
+
:line_items,
|
|
60
|
+
:valid_store_credit_payments
|
|
62
61
|
]
|
|
63
62
|
@orders = paginate(
|
|
64
63
|
Spree::Order
|
|
@@ -174,7 +173,13 @@ module Spree
|
|
|
174
173
|
end
|
|
175
174
|
|
|
176
175
|
def find_order(_lock = false)
|
|
177
|
-
@order = Spree::Order.
|
|
176
|
+
@order = Spree::Order.
|
|
177
|
+
includes(line_items: [:adjustments, { variant: :images }],
|
|
178
|
+
payments: :payment_method,
|
|
179
|
+
shipments: {
|
|
180
|
+
shipping_rates: { shipping_method: :zones, taxes: :tax_rate }
|
|
181
|
+
}).
|
|
182
|
+
find_by!(number: params[:id])
|
|
178
183
|
end
|
|
179
184
|
|
|
180
185
|
def order_id
|
|
@@ -31,7 +31,7 @@ module Spree
|
|
|
31
31
|
authorize! params[:action], @payment
|
|
32
32
|
if !@payment.pending?
|
|
33
33
|
render 'update_forbidden', status: 403
|
|
34
|
-
elsif @payment.
|
|
34
|
+
elsif @payment.update(payment_params)
|
|
35
35
|
respond_with(@payment, default_template: :show)
|
|
36
36
|
else
|
|
37
37
|
invalid_resource!(@payment)
|
|
@@ -62,7 +62,7 @@ module Spree
|
|
|
62
62
|
|
|
63
63
|
def find_order
|
|
64
64
|
@order = Spree::Order.find_by(number: order_id)
|
|
65
|
-
authorize! :
|
|
65
|
+
authorize! :show, @order, order_token
|
|
66
66
|
end
|
|
67
67
|
|
|
68
68
|
def find_payment
|
|
@@ -9,7 +9,7 @@ module Spree
|
|
|
9
9
|
def index
|
|
10
10
|
@product_properties = @product.
|
|
11
11
|
product_properties.
|
|
12
|
-
accessible_by(current_ability
|
|
12
|
+
accessible_by(current_ability).
|
|
13
13
|
ransack(params[:q]).
|
|
14
14
|
result
|
|
15
15
|
|
|
@@ -36,9 +36,8 @@ module Spree
|
|
|
36
36
|
end
|
|
37
37
|
|
|
38
38
|
def update
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
@product_property.update_attributes(product_property_params)
|
|
39
|
+
authorize! :update, @product_property
|
|
40
|
+
if @product_property.update(product_property_params)
|
|
42
41
|
respond_with(@product_property, status: 200, default_template: :show)
|
|
43
42
|
else
|
|
44
43
|
invalid_resource!(@product_property)
|
|
@@ -46,27 +45,23 @@ module Spree
|
|
|
46
45
|
end
|
|
47
46
|
|
|
48
47
|
def destroy
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
respond_with(@product_property, status: 204)
|
|
53
|
-
else
|
|
54
|
-
invalid_resource!(@product_property)
|
|
55
|
-
end
|
|
48
|
+
authorize! :destroy, @product_property
|
|
49
|
+
@product_property.destroy
|
|
50
|
+
respond_with(@product_property, status: 204)
|
|
56
51
|
end
|
|
57
52
|
|
|
58
53
|
private
|
|
59
54
|
|
|
60
55
|
def find_product
|
|
61
56
|
@product = super(params[:product_id])
|
|
62
|
-
authorize! :
|
|
57
|
+
authorize! :show, @product
|
|
63
58
|
end
|
|
64
59
|
|
|
65
60
|
def product_property
|
|
66
61
|
if @product
|
|
67
62
|
@product_property ||= @product.product_properties.find_by(id: params[:id])
|
|
68
|
-
@product_property ||= @product.product_properties.includes(:property).where(spree_properties: { name: params[:id] }).first
|
|
69
|
-
authorize! :
|
|
63
|
+
@product_property ||= @product.product_properties.includes(:property).where(spree_properties: { name: params[:id] }).first!
|
|
64
|
+
authorize! :show, @product_property
|
|
70
65
|
end
|
|
71
66
|
end
|
|
72
67
|
|
|
@@ -3,26 +3,17 @@
|
|
|
3
3
|
module Spree
|
|
4
4
|
module Api
|
|
5
5
|
class PromotionsController < Spree::Api::BaseController
|
|
6
|
-
before_action :requires_admin
|
|
7
6
|
before_action :load_promotion
|
|
8
7
|
|
|
9
8
|
def show
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
else
|
|
13
|
-
raise ActiveRecord::RecordNotFound
|
|
14
|
-
end
|
|
9
|
+
authorize! :show, @promotion
|
|
10
|
+
respond_with(@promotion, default_template: :show)
|
|
15
11
|
end
|
|
16
12
|
|
|
17
13
|
private
|
|
18
14
|
|
|
19
|
-
def requires_admin
|
|
20
|
-
return if @current_user_roles.include?("admin")
|
|
21
|
-
unauthorized && return
|
|
22
|
-
end
|
|
23
|
-
|
|
24
15
|
def load_promotion
|
|
25
|
-
@promotion = Spree::Promotion.
|
|
16
|
+
@promotion = Spree::Promotion.with_coupon_code(params[:id]) || Spree::Promotion.find(params[:id])
|
|
26
17
|
end
|
|
27
18
|
end
|
|
28
19
|
end
|
|
@@ -6,7 +6,7 @@ module Spree
|
|
|
6
6
|
before_action :find_property, only: [:show, :update, :destroy]
|
|
7
7
|
|
|
8
8
|
def index
|
|
9
|
-
@properties = Spree::Property.accessible_by(current_ability
|
|
9
|
+
@properties = Spree::Property.accessible_by(current_ability)
|
|
10
10
|
|
|
11
11
|
if params[:ids]
|
|
12
12
|
ids = params[:ids].split(",").flatten
|
|
@@ -39,7 +39,7 @@ module Spree
|
|
|
39
39
|
def update
|
|
40
40
|
if @property
|
|
41
41
|
authorize! :update, @property
|
|
42
|
-
@property.
|
|
42
|
+
@property.update(property_params)
|
|
43
43
|
respond_with(@property, status: 200, default_template: :show)
|
|
44
44
|
else
|
|
45
45
|
invalid_resource!(@property)
|
|
@@ -59,9 +59,9 @@ module Spree
|
|
|
59
59
|
private
|
|
60
60
|
|
|
61
61
|
def find_property
|
|
62
|
-
@property = Spree::Property.accessible_by(current_ability, :
|
|
62
|
+
@property = Spree::Property.accessible_by(current_ability, :show).find(params[:id])
|
|
63
63
|
rescue ActiveRecord::RecordNotFound
|
|
64
|
-
@property = Spree::Property.accessible_by(current_ability, :
|
|
64
|
+
@property = Spree::Property.accessible_by(current_ability, :show).find_by!(name: params[:id])
|
|
65
65
|
end
|
|
66
66
|
|
|
67
67
|
def property_params
|
|
@@ -4,7 +4,7 @@ class Spree::Api::ResourceController < Spree::Api::BaseController
|
|
|
4
4
|
before_action :load_resource, only: [:show, :update, :destroy]
|
|
5
5
|
|
|
6
6
|
def index
|
|
7
|
-
collection_scope = model_class.accessible_by(current_ability
|
|
7
|
+
collection_scope = model_class.accessible_by(current_ability)
|
|
8
8
|
if params[:ids]
|
|
9
9
|
ids = params[:ids].split(",").flatten
|
|
10
10
|
collection_scope = collection_scope.where(id: ids)
|
|
@@ -43,7 +43,7 @@ class Spree::Api::ResourceController < Spree::Api::BaseController
|
|
|
43
43
|
def update
|
|
44
44
|
authorize! :update, @object
|
|
45
45
|
|
|
46
|
-
if @object.
|
|
46
|
+
if @object.update(permitted_resource_params)
|
|
47
47
|
respond_with(@object, status: 200, default_template: :show)
|
|
48
48
|
else
|
|
49
49
|
invalid_resource!(@object)
|
|
@@ -65,7 +65,7 @@ class Spree::Api::ResourceController < Spree::Api::BaseController
|
|
|
65
65
|
protected
|
|
66
66
|
|
|
67
67
|
def load_resource
|
|
68
|
-
@object = model_class.accessible_by(current_ability, :
|
|
68
|
+
@object = model_class.accessible_by(current_ability, :show).find(params[:id])
|
|
69
69
|
instance_variable_set("@#{object_name}", @object)
|
|
70
70
|
end
|
|
71
71
|
|
|
@@ -29,7 +29,7 @@ module Spree
|
|
|
29
29
|
|
|
30
30
|
@return_authorizations = @order.
|
|
31
31
|
return_authorizations.
|
|
32
|
-
accessible_by(current_ability
|
|
32
|
+
accessible_by(current_ability).
|
|
33
33
|
ransack(params[:q]).
|
|
34
34
|
result
|
|
35
35
|
|
|
@@ -44,13 +44,13 @@ module Spree
|
|
|
44
44
|
|
|
45
45
|
def show
|
|
46
46
|
authorize! :admin, ReturnAuthorization
|
|
47
|
-
@return_authorization = @order.return_authorizations.accessible_by(current_ability, :
|
|
47
|
+
@return_authorization = @order.return_authorizations.accessible_by(current_ability, :show).find(params[:id])
|
|
48
48
|
respond_with(@return_authorization)
|
|
49
49
|
end
|
|
50
50
|
|
|
51
51
|
def update
|
|
52
52
|
@return_authorization = @order.return_authorizations.accessible_by(current_ability, :update).find(params[:id])
|
|
53
|
-
if @return_authorization.
|
|
53
|
+
if @return_authorization.update(return_authorization_params)
|
|
54
54
|
respond_with(@return_authorization, default_template: :show)
|
|
55
55
|
else
|
|
56
56
|
invalid_resource!(@return_authorization)
|
|
@@ -70,7 +70,7 @@ module Spree
|
|
|
70
70
|
|
|
71
71
|
def load_order
|
|
72
72
|
@order ||= Spree::Order.find_by!(number: order_id)
|
|
73
|
-
authorize! :
|
|
73
|
+
authorize! :show, @order
|
|
74
74
|
end
|
|
75
75
|
|
|
76
76
|
def return_authorization_params
|
|
@@ -132,7 +132,7 @@ module Spree
|
|
|
132
132
|
|
|
133
133
|
def find_order_on_create
|
|
134
134
|
@order = Spree::Order.find_by!(number: params[:shipment][:order_id])
|
|
135
|
-
authorize! :
|
|
135
|
+
authorize! :show, @order
|
|
136
136
|
end
|
|
137
137
|
|
|
138
138
|
def find_shipment
|
|
@@ -146,7 +146,7 @@ module Spree
|
|
|
146
146
|
end
|
|
147
147
|
|
|
148
148
|
def update_shipment
|
|
149
|
-
@shipment.
|
|
149
|
+
@shipment.update(shipment_params)
|
|
150
150
|
@shipment.reload
|
|
151
151
|
end
|
|
152
152
|
|
|
@@ -25,10 +25,10 @@ module Spree
|
|
|
25
25
|
|
|
26
26
|
def scope
|
|
27
27
|
if params[:country_id]
|
|
28
|
-
@country = Spree::Country.accessible_by(current_ability, :
|
|
29
|
-
@country.states.accessible_by(current_ability
|
|
28
|
+
@country = Spree::Country.accessible_by(current_ability, :show).find(params[:country_id])
|
|
29
|
+
@country.states.accessible_by(current_ability)
|
|
30
30
|
else
|
|
31
|
-
Spree::State.accessible_by(current_ability
|
|
31
|
+
Spree::State.accessible_by(current_ability)
|
|
32
32
|
end
|
|
33
33
|
end
|
|
34
34
|
end
|
|
@@ -40,7 +40,7 @@ module Spree
|
|
|
40
40
|
adjustment -= @stock_item.count_on_hand if params[:stock_item][:force]
|
|
41
41
|
|
|
42
42
|
Spree::StockItem.transaction do
|
|
43
|
-
if @stock_item.
|
|
43
|
+
if @stock_item.update(stock_item_params)
|
|
44
44
|
adjust_stock_item_count_on_hand(adjustment)
|
|
45
45
|
respond_with(@stock_item, status: 200, default_template: :show)
|
|
46
46
|
else
|
|
@@ -58,12 +58,12 @@ module Spree
|
|
|
58
58
|
private
|
|
59
59
|
|
|
60
60
|
def load_stock_location
|
|
61
|
-
@stock_location ||= Spree::StockLocation.accessible_by(current_ability).find(params.fetch(:stock_location_id))
|
|
61
|
+
@stock_location ||= Spree::StockLocation.accessible_by(current_ability, :show).find(params.fetch(:stock_location_id))
|
|
62
62
|
end
|
|
63
63
|
|
|
64
64
|
def scope
|
|
65
65
|
includes = { variant: [{ option_values: :option_type }, :product] }
|
|
66
|
-
@stock_location.stock_items.accessible_by(current_ability
|
|
66
|
+
@stock_location.stock_items.accessible_by(current_ability).includes(includes)
|
|
67
67
|
end
|
|
68
68
|
|
|
69
69
|
def stock_item_params
|
|
@@ -4,10 +4,10 @@ module Spree
|
|
|
4
4
|
module Api
|
|
5
5
|
class StockLocationsController < Spree::Api::BaseController
|
|
6
6
|
def index
|
|
7
|
-
authorize! :
|
|
7
|
+
authorize! :index, StockLocation
|
|
8
8
|
|
|
9
9
|
@stock_locations = StockLocation.
|
|
10
|
-
accessible_by(current_ability
|
|
10
|
+
accessible_by(current_ability).
|
|
11
11
|
order('name ASC').
|
|
12
12
|
ransack(params[:q]).
|
|
13
13
|
result
|
|
@@ -33,7 +33,7 @@ module Spree
|
|
|
33
33
|
|
|
34
34
|
def update
|
|
35
35
|
authorize! :update, stock_location
|
|
36
|
-
if stock_location.
|
|
36
|
+
if stock_location.update(stock_location_params)
|
|
37
37
|
respond_with(stock_location, status: 200, default_template: :show)
|
|
38
38
|
else
|
|
39
39
|
invalid_resource!(stock_location)
|
|
@@ -49,7 +49,7 @@ module Spree
|
|
|
49
49
|
private
|
|
50
50
|
|
|
51
51
|
def stock_location
|
|
52
|
-
@stock_location ||= Spree::StockLocation.accessible_by(current_ability, :
|
|
52
|
+
@stock_location ||= Spree::StockLocation.accessible_by(current_ability, :show).find(params[:id])
|
|
53
53
|
end
|
|
54
54
|
|
|
55
55
|
def stock_location_params
|
|
@@ -6,7 +6,7 @@ module Spree
|
|
|
6
6
|
before_action :stock_location, except: [:update, :destroy]
|
|
7
7
|
|
|
8
8
|
def index
|
|
9
|
-
authorize! :
|
|
9
|
+
authorize! :index, StockMovement
|
|
10
10
|
@stock_movements = paginate(scope.ransack(params[:q]).result)
|
|
11
11
|
respond_with(@stock_movements)
|
|
12
12
|
end
|
|
@@ -29,11 +29,11 @@ module Spree
|
|
|
29
29
|
private
|
|
30
30
|
|
|
31
31
|
def stock_location
|
|
32
|
-
@stock_location ||= Spree::StockLocation.accessible_by(current_ability, :
|
|
32
|
+
@stock_location ||= Spree::StockLocation.accessible_by(current_ability, :show).find(params[:stock_location_id])
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
def scope
|
|
36
|
-
@stock_location.stock_movements.accessible_by(current_ability
|
|
36
|
+
@stock_location.stock_movements.accessible_by(current_ability)
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
def stock_movement_params
|
|
@@ -6,8 +6,8 @@ module Spree
|
|
|
6
6
|
before_action :get_store, except: [:index, :create]
|
|
7
7
|
|
|
8
8
|
def index
|
|
9
|
-
authorize! :
|
|
10
|
-
@stores = Spree::Store.accessible_by(current_ability
|
|
9
|
+
authorize! :index, Store
|
|
10
|
+
@stores = Spree::Store.accessible_by(current_ability).all
|
|
11
11
|
respond_with(@stores)
|
|
12
12
|
end
|
|
13
13
|
|
|
@@ -24,7 +24,7 @@ module Spree
|
|
|
24
24
|
|
|
25
25
|
def update
|
|
26
26
|
authorize! :update, @store
|
|
27
|
-
if @store.
|
|
27
|
+
if @store.update(store_params)
|
|
28
28
|
respond_with(@store, status: 200, default_template: :show)
|
|
29
29
|
else
|
|
30
30
|
invalid_resource!(@store)
|
|
@@ -32,7 +32,7 @@ module Spree
|
|
|
32
32
|
end
|
|
33
33
|
|
|
34
34
|
def show
|
|
35
|
-
authorize! :
|
|
35
|
+
authorize! :show, @store
|
|
36
36
|
respond_with(@store)
|
|
37
37
|
end
|
|
38
38
|
|
|
@@ -33,7 +33,7 @@ module Spree
|
|
|
33
33
|
|
|
34
34
|
def update
|
|
35
35
|
authorize! :update, taxonomy
|
|
36
|
-
if taxonomy.
|
|
36
|
+
if taxonomy.update(taxonomy_params)
|
|
37
37
|
respond_with(taxonomy, status: 200, default_template: :show)
|
|
38
38
|
else
|
|
39
39
|
invalid_resource!(taxonomy)
|
|
@@ -50,7 +50,7 @@ module Spree
|
|
|
50
50
|
|
|
51
51
|
def taxonomies
|
|
52
52
|
@taxonomies = Taxonomy.
|
|
53
|
-
accessible_by(current_ability
|
|
53
|
+
accessible_by(current_ability).
|
|
54
54
|
order('name').
|
|
55
55
|
includes(root: :children).
|
|
56
56
|
ransack(params[:q]).
|
|
@@ -58,7 +58,9 @@ module Spree
|
|
|
58
58
|
end
|
|
59
59
|
|
|
60
60
|
def taxonomy
|
|
61
|
-
@taxonomy ||= Spree::Taxonomy.accessible_by(current_ability, :
|
|
61
|
+
@taxonomy ||= Spree::Taxonomy.accessible_by(current_ability, :show).
|
|
62
|
+
includes(root: :children).
|
|
63
|
+
find(params[:id])
|
|
62
64
|
end
|
|
63
65
|
|
|
64
66
|
def taxonomy_params
|
|
@@ -7,9 +7,9 @@ module Spree
|
|
|
7
7
|
if taxonomy
|
|
8
8
|
@taxons = taxonomy.root.children
|
|
9
9
|
elsif params[:ids]
|
|
10
|
-
@taxons = Spree::Taxon.accessible_by(current_ability
|
|
10
|
+
@taxons = Spree::Taxon.accessible_by(current_ability).where(id: params[:ids].split(','))
|
|
11
11
|
else
|
|
12
|
-
@taxons = Spree::Taxon.accessible_by(current_ability
|
|
12
|
+
@taxons = Spree::Taxon.accessible_by(current_ability).order(:taxonomy_id, :lft).ransack(params[:q]).result
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
unless params[:without_children]
|
|
@@ -56,7 +56,7 @@ module Spree
|
|
|
56
56
|
|
|
57
57
|
def update
|
|
58
58
|
authorize! :update, taxon
|
|
59
|
-
if taxon.
|
|
59
|
+
if taxon.update(taxon_params)
|
|
60
60
|
respond_with(taxon, status: 200, default_template: :show)
|
|
61
61
|
else
|
|
62
62
|
invalid_resource!(taxon)
|
|
@@ -96,12 +96,12 @@ module Spree
|
|
|
96
96
|
|
|
97
97
|
def taxonomy
|
|
98
98
|
if params[:taxonomy_id].present?
|
|
99
|
-
@taxonomy ||= Spree::Taxonomy.accessible_by(current_ability, :
|
|
99
|
+
@taxonomy ||= Spree::Taxonomy.accessible_by(current_ability, :show).find(params[:taxonomy_id])
|
|
100
100
|
end
|
|
101
101
|
end
|
|
102
102
|
|
|
103
103
|
def taxon
|
|
104
|
-
@taxon ||= taxonomy.taxons.accessible_by(current_ability, :
|
|
104
|
+
@taxon ||= taxonomy.taxons.accessible_by(current_ability, :show).find(params[:id])
|
|
105
105
|
end
|
|
106
106
|
|
|
107
107
|
def taxon_params
|
|
@@ -1,6 +1,19 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
class Spree::Api::UsersController < Spree::Api::ResourceController
|
|
4
|
+
def index
|
|
5
|
+
user_scope = model_class.accessible_by(current_ability, :show)
|
|
6
|
+
if params[:ids]
|
|
7
|
+
ids = params[:ids].split(",").flatten
|
|
8
|
+
@users = user_scope.where(id: ids)
|
|
9
|
+
else
|
|
10
|
+
@users = user_scope.ransack(params[:q]).result
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
@users = paginate(@users.distinct)
|
|
14
|
+
respond_with(@users)
|
|
15
|
+
end
|
|
16
|
+
|
|
4
17
|
private
|
|
5
18
|
|
|
6
19
|
attr_reader :user
|