solidus_api 2.9.6 → 2.11.0

data/spec/features/checkout_spec.rb

@@ -1,192 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-module Spree
-  describe 'Api Feature Specs', type: :request do
-    before do
-      stub_spree_preferences(Spree::Api::Config, requires_authentication: false)
-    end
-    let!(:promotion) { FactoryBot.create(:promotion, :with_order_adjustment, code: 'foo', weighted_order_adjustment_amount: 10) }
-    let(:promotion_code) { promotion.codes.first }
-    let!(:store) { FactoryBot.create(:store) }
-    let(:bill_address) { FactoryBot.create(:address) }
-    let(:ship_address) { FactoryBot.create(:address) }
-    let(:variant_1) { FactoryBot.create(:variant, price: 100.00) }
-    let(:variant_2) { FactoryBot.create(:variant, price: 200.00) }
-    let(:payment_method) { FactoryBot.create(:check_payment_method) }
-    let!(:shipping_method) do
-      FactoryBot.create(:shipping_method).tap do |shipping_method|
-        shipping_method.zones.first.zone_members.create!(zoneable: ship_address.country)
-        shipping_method.calculator.set_preference(:amount, 10.0)
-      end
-    end
-
-    def parsed
-      JSON.parse(response.body)
-    end
-
-    def login
-      expect {
-        post '/api/users', params: {
-          user: {
-            email: "featurecheckoutuser@example.com",
-            password: "featurecheckoutuser"
-          }
-        }
-      }.to change { Spree.user_class.count }.by 1
-      expect(response).to have_http_status(:created)
-      @user = Spree.user_class.find(parsed['id'])
-
-      # copied from api testing helpers support since we can't really sign in
-      allow(Spree::LegacyUser).to receive(:find_by).with(hash_including(:spree_api_key)) { @user }
-    end
-
-    def create_order(order_params: {})
-      expect { post '/api/orders', params: order_params }.to change { Order.count }.by 1
-      expect(response).to have_http_status(:created)
-      @order = Order.find(parsed['id'])
-      expect(@order.email).to eq "featurecheckoutuser@example.com"
-    end
-
-    def update_order(order_params: {})
-      put "/api/orders/#{@order.number}", params: order_params
-      expect(response).to have_http_status(:ok)
-    end
-
-    def create_line_item(variant, quantity = 1)
-      expect {
-        post "/api/orders/#{@order.number}/line_items",
-          params: { line_item: { variant_id: variant.id, quantity: quantity } }
-      }.to change { @order.line_items.count }.by 1
-      expect(response).to have_http_status(:created)
-    end
-
-    def add_promotion(_promotion)
-      expect {
-        post "/api/orders/#{@order.number}/coupon_codes",
-          params: { coupon_code: promotion_code.value }
-      }.to change { @order.promotions.count }.by 1
-      expect(response).to have_http_status(:ok)
-    end
-
-    def add_address(address, billing: true)
-      address_type = billing ? :bill_address : :ship_address
-      # It seems we are missing an order-scoped address api endpoint since we need
-      # to use update here.
-      expect {
-        update_order(order_params: { order: { address_type => address.attributes.except('id') } })
-      }.to change { @order.reload.public_send(address_type) }.to address
-    end
-
-    def add_payment
-      expect {
-        post "/api/orders/#{@order.number}/payments",
-          params: { payment: { payment_method_id: payment_method.id } }
-      }.to change { @order.reload.payments.count }.by 1
-      expect(response).to have_http_status(:created)
-      expect(@order.payments.last.payment_method).to eq payment_method
-    end
-
-    def advance
-      put "/api/checkouts/#{@order.number}/advance"
-      expect(response).to have_http_status(:ok)
-    end
-
-    def complete
-      put "/api/checkouts/#{@order.number}/complete"
-      expect(response).to have_http_status(:ok)
-    end
-
-    def assert_order_expectations
-      @order.reload
-      expect(@order.state).to eq 'complete'
-      expect(@order.completed_at).to be_a ActiveSupport::TimeWithZone
-      expect(@order.item_total).to eq 600.00
-      expect(@order.total).to eq 600.00
-      expect(@order.adjustment_total).to eq(-10.00)
-      expect(@order.shipment_total).to eq 10.00
-      expect(@order.user).to eq @user
-      expect(@order.bill_address).to eq bill_address
-      expect(@order.ship_address).to eq ship_address
-      expect(@order.payments.length).to eq 1
-      expect(@order.line_items.any? { |li| li.variant == variant_1 && li.quantity == 2 }).to eq true
-      expect(@order.line_items.any? { |li| li.variant == variant_2 && li.quantity == 2 }).to eq true
-      expect(@order.promotions).to eq [promotion]
-    end
-
-    it "is able to checkout with individualized requests" do
-      login
-      create_order
-
-      create_line_item(variant_1, 2)
-      add_promotion(promotion)
-      create_line_item(variant_2, 2)
-
-      add_address(bill_address)
-      add_address(ship_address, billing: false)
-
-      add_payment
-
-      advance
-      complete
-
-      assert_order_expectations
-    end
-
-    it "is able to checkout with the create request" do
-      login
-
-      create_order(order_params: {
-        order: {
-          bill_address: bill_address.as_json.except('id'),
-          ship_address: ship_address.as_json.except('id'),
-          line_items: {
-            0 => { variant_id: variant_1.id, quantity: 2 },
-            1 => { variant_id: variant_2.id, quantity: 2 }
-          },
-          # Would like to do this, but it puts the payment in a complete state,
-          # which the order does not like when transitioning from confirm to complete
-          # since it looks to process pending payments.
-          # payments: [ { payment_method: payment_method.name, state: "pending" } ],
-        }
-      })
-
-      add_promotion(promotion)
-      add_payment
-
-      advance
-      complete
-
-      assert_order_expectations
-    end
-
-    it "is able to checkout with the update request" do
-      login
-
-      create_order
-      update_order(order_params: {
-        order: {
-          bill_address: bill_address.as_json.except('id'),
-          ship_address: ship_address.as_json.except('id'),
-          line_items: {
-            0 => { variant_id: variant_1.id, quantity: 2 },
-            1 => { variant_id: variant_2.id, quantity: 2 }
-          },
-          # Would like to do this, but it puts the payment in a complete state,
-          # which the order does not like when transitioning from confirm to complete
-          # since it looks to process pending payments.
-          # payments: [ { payment_method: payment_method.name, state: "pending" } ],
-        }
-      })
-
-      add_promotion(promotion)
-      add_payment
-
-      advance
-      complete
-
-      assert_order_expectations
-    end
-  end
-end

data/spec/models/spree/legacy_user_spec.rb

@@ -1,103 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-module Spree
-  describe LegacyUser, type: :model do
-    let(:user) { LegacyUser.new }
-
-    it "can generate an API key" do
-      expect(user).to receive(:save!)
-      expect { user.generate_spree_api_key! }.to change(user, :spree_api_key).to be_present
-    end
-
-    it "can generate an API key without persisting" do
-      expect(user).not_to receive(:save!)
-      expect { user.generate_spree_api_key }.to change(user, :spree_api_key).to be_present
-    end
-
-    it "can clear an API key" do
-      user.spree_api_key = 'abc123'
-      expect(user).to receive(:save!)
-      expect { user.clear_spree_api_key! }.to change(user, :spree_api_key).to be_blank
-    end
-
-    it "can clear an api key without persisting" do
-      user.spree_api_key = 'abc123'
-      expect(user).not_to receive(:save!)
-      expect { user.clear_spree_api_key }.to change(user, :spree_api_key).to be_blank
-    end
-
-    context "auto-api-key grant" do
-      context "after role user create" do
-        let(:user) { create(:user) }
-        before { expect(user.spree_roles).to be_blank }
-        subject { user.spree_roles << role }
-
-        context "roles_for_auto_api_key default" do
-          let(:role) { create(:role, name: "admin") }
-
-          context "the user has no api key" do
-            before { user.clear_spree_api_key! }
-            it { expect { subject }.to change { user.reload.spree_api_key }.from(nil) }
-          end
-
-          context "the user already has an api key" do
-            before { user.generate_spree_api_key! }
-            it { expect { subject }.not_to change { user.reload.spree_api_key } }
-          end
-        end
-
-        context "roles_for_auto_api_key is defined" do
-          let(:role) { create(:role, name: 'hobbit') }
-          let(:undesired_role) { create(:role, name: "foo") }
-
-          before {
-            user.clear_spree_api_key!
-            stub_spree_preferences(roles_for_auto_api_key: ['hobbit'])
-          }
-
-          it { expect { subject }.to change { user.reload.spree_api_key }.from(nil) }
-          it { expect { user.spree_roles << undesired_role }.not_to change { user.reload.spree_api_key } }
-        end
-
-        context "for all roles" do
-          let(:role) { create(:role, name: 'hobbit') }
-          let(:other_role) { create(:role, name: 'wizard') }
-          let(:other_user) { create(:user) }
-
-          before {
-            user.clear_spree_api_key!
-            other_user.clear_spree_api_key!
-            stub_spree_preferences(generate_api_key_for_all_roles: true)
-          }
-
-          it { expect { subject }.to change { user.reload.spree_api_key }.from(nil) }
-          it { expect { other_user.spree_roles << other_role }.to change { other_user.reload.spree_api_key }.from(nil) }
-        end
-      end
-
-      context "after user create" do
-        let(:user) { LegacyUser.new }
-
-        context "generate_api_key_for_all_roles" do
-          it "does not grant api key default" do
-            expect(user.spree_api_key).to eq(nil)
-
-            user.save!
-            expect(user.spree_api_key).to eq(nil)
-          end
-
-          it "grants an api key on create when set to true" do
-            stub_spree_preferences(generate_api_key_for_all_roles: true)
-
-            expect(user.spree_api_key).to eq(nil)
-
-            user.save!
-            expect(user.spree_api_key).not_to eq(nil)
-          end
-        end
-      end
-    end
-  end
-end

data/spec/requests/api/address_books_spec.rb

@@ -1,240 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-module Spree
-  describe Api::AddressBooksController, type: :request do
-    let!(:state) { create(:state) }
-    let!(:harry_address_attributes) do
-      {
-        'firstname' => 'Harry',
-        'lastname' => 'Potter',
-        'address1' => '4 Privet Drive',
-        'address2' => 'cupboard under the stairs',
-        'city' => 'Surrey',
-        'zipcode' => '10010',
-        'phone' => '555-5555',
-        'state_id' => state.id,
-        'country_id' => state.country.id
-      }
-    end
-
-    let!(:ron_address_attributes) do
-      {
-        'firstname' => 'Ron',
-        'lastname' => 'Weasly',
-        'address1' => 'Ottery St. Catchpole',
-        'address2' => '4th floor',
-        'city' => 'Devon, West Country',
-        'zipcode' => '10010',
-        'phone' => '555-5555',
-        'state_id' => state.id,
-        'country_id' => state.country.id
-      }
-    end
-
-    context 'as address book owner' do
-      context 'with ability' do
-        it 'returns my address book' do
-          user = create(:user, spree_api_key: 'galleon')
-          user.save_in_address_book(harry_address_attributes, true)
-          user.save_in_address_book(ron_address_attributes, false)
-
-          get "/api/users/#{user.id}/address_book",
-            headers: { Authorization: 'Bearer galleon' }
-
-          json_response = JSON.parse(response.body)
-          expect(response.status).to eq(200)
-          expect(json_response.length).to eq(2)
-          expect(json_response).to include(
-            hash_including(harry_address_attributes.merge!('default' => true)),
-              hash_including(ron_address_attributes.merge!('default' => false))
-            )
-        end
-
-        it 'updates my address book' do
-          user = create(:user, spree_api_key: 'galleon')
-          address = user.save_in_address_book(harry_address_attributes, true)
-          harry_address_attributes['firstname'] = 'Ron'
-
-          expect {
-            put "/api/users/#{user.id}/address_book",
-              params:  { address_book: harry_address_attributes.merge('id' => address.id) },
-              headers: { Authorization: 'Bearer galleon' }
-          }.to change { UserAddress.count }.from(1).to(2)
-
-          expect(response.status).to eq(200)
-          expect(JSON.parse(response.body).first).to include(harry_address_attributes)
-        end
-
-        context 'when creating an address' do
-          it 'marks the update_target' do
-            user = create(:user, spree_api_key: 'galleon')
-
-            expect {
-              put "/api/users/#{user.id}/address_book",
-                params:  { address_book: harry_address_attributes },
-                headers: { Authorization: 'Bearer galleon' }
-            }.to change { UserAddress.count }.by(1)
-
-            user_address = UserAddress.last
-
-            expect(response.status).to eq(200)
-            update_target_ids = JSON.parse(response.body).select { |a| a['update_target'] }.map { |a| a['id'] }
-            expect(update_target_ids).to eq([user_address.address_id])
-          end
-        end
-
-        context 'when updating an address' do
-          it 'marks the update_target' do
-            user = create(:user, spree_api_key: 'galleon')
-            address = user.save_in_address_book(harry_address_attributes, true)
-
-            expect {
-              put "/api/users/#{user.id}/address_book",
-                params:  { address_book: harry_address_attributes },
-                headers: { Authorization: 'Bearer galleon' }
-            }.to_not change { UserAddress.count }
-
-            expect(response.status).to eq(200)
-            update_target_ids = JSON.parse(response.body).select { |a| a['update_target'] }.map { |a| a['id'] }
-            expect(update_target_ids).to eq([address.id])
-          end
-        end
-
-        it 'archives my address' do
-          address = create(:address)
-          user = create(:user, spree_api_key: 'galleon')
-          user.save_in_address_book(address.attributes, false)
-
-          expect {
-            delete "/api/users/#{user.id}/address_book",
-              params:  { address_id: address.id },
-              headers: { Authorization: 'Bearer galleon' }
-          }.to change { user.reload.user_addresses.count }.from(1).to(0)
-
-          expect(response.status).to eq(200)
-        end
-      end
-    end
-
-    context 'on behalf of address book owner' do
-      context 'with ability' do
-        before do
-          Spree::Config.roles.assign_permissions 'Prefect', [Spree::PermissionSets::UserManagement]
-          create(:user, spree_api_key: 'galleon', spree_roles: [build(:role, name: 'Prefect')])
-        end
-
-        it "returns another user's address book" do
-          other_user = create(:user)
-          other_user.save_in_address_book(harry_address_attributes, true)
-          other_user.save_in_address_book(ron_address_attributes, false)
-
-          get "/api/users/#{other_user.id}/address_book",
-            headers: { Authorization: 'Bearer galleon' }
-
-          json_response = JSON.parse(response.body)
-          expect(response.status).to eq(200)
-          expect(json_response.length).to eq(2)
-          expect(json_response).to include(
-            hash_including(harry_address_attributes.merge!('default' => true)),
-              hash_including(ron_address_attributes.merge!('default' => false))
-            )
-        end
-
-        it "updates another user's address" do
-          other_user = create(:user)
-          address = other_user.save_in_address_book(harry_address_attributes, true)
-          updated_harry_address = harry_address_attributes.merge('firstname' => 'Ron')
-
-          expect {
-            put "/api/users/#{other_user.id}/address_book",
-            params:  { address_book: updated_harry_address.merge('id' => address.id) },
-            headers: { Authorization: 'Bearer galleon' }
-          }.to change { UserAddress.count }.from(1).to(2)
-
-          expect(response.status).to eq(200)
-          expect(JSON.parse(response.body).first).to include(updated_harry_address)
-        end
-
-        it "archives another user's address" do
-          address = create(:address)
-          other_user = create(:user)
-          other_user.save_in_address_book(address.attributes, false)
-
-          expect {
-            delete "/api/users/#{other_user.id}/address_book",
-              params:  { address_id: address.id },
-              headers: { Authorization: 'Bearer galleon' }
-          }.to change { other_user.reload.user_addresses.count }.from(1).to(0)
-
-          expect(response.status).to eq(200)
-        end
-      end
-
-      context 'without ability' do
-        it 'does not return another user address book' do
-          create(:user, spree_api_key: 'galleon')
-          other_user = create(:user)
-          other_user.save_in_address_book(harry_address_attributes, true)
-
-          get "/api/users/#{other_user.id}/address_book",
-            headers: { Authorization: 'Bearer galleon' }
-
-          expect(response.status).to eq(401)
-        end
-
-        it 'does not update another user address' do
-          address = create(:address)
-          other_user = create(:user)
-          other_user_address = other_user.save_in_address_book(address.attributes, true)
-          create(:user, spree_api_key: 'galleon')
-
-          expect {
-            put "/api/users/#{other_user.id}/address_book",
-            params:  { address_book: other_user_address.attributes.merge('address1' => 'Hogwarts') },
-            headers: { Authorization: 'Bearer galleon' }
-          }.not_to change { UserAddress.count }
-
-          expect(response.status).to eq(401)
-        end
-
-        it 'does not archive another user address' do
-          address = create(:address)
-          other_user = create(:user)
-          other_user.save_in_address_book(address.attributes, true)
-          create(:user, spree_api_key: 'galleon')
-
-          expect {
-            delete "/api/users/#{other_user.id}/address_book",
-              params:  { address_id: address.id },
-              headers: { Authorization: 'Bearer galleon' }
-          }.not_to change { other_user.user_addresses.count }
-
-          expect(response.status).to eq(401)
-        end
-      end
-    end
-
-    context 'unauthenticated' do
-      before do
-        @user = create(:user)
-      end
-
-      it 'GET returns a 401' do
-        get "/api/users/#{@user.id}/address_book"
-        expect(response.status).to eq(401)
-      end
-
-      it 'UPDATE returns a 401' do
-        put "/api/users/#{@user.id}/address_book"
-        expect(response.status).to eq(401)
-      end
-
-      it 'DELETE returns a 401' do
-        delete "/api/users/#{@user.id}/address_book"
-        expect(response.status).to eq(401)
-      end
-    end
-  end
-end