solidus_api 3.1.7 → 3.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 440ae689455172a49125134dad977d4a948215f3386c181af4f510190ddb86b0
-  data.tar.gz: 9eadc6ea4aae64c3422b5f827e3abe7b73edbca654bd3b4c276bf053ad5fa87e
+  metadata.gz: '07619ac156e431da839ea2f95ce4ccf042f5df2fe681258c8722c6612509be07'
+  data.tar.gz: fbf7ff83c8c4eef3c8d39e7d83956bf97ad08944a918cff34c97a0420ed0992f
 SHA512:
-  metadata.gz: fe44c71437db7745a575f1346f6630ed8e6309f523ef001146a6662aa4c16e6a4eba6bdbd036c1297cefa4ae7a2529fc2fcb94ac4105084ae8f322092100281c
-  data.tar.gz: 8b99910419fed4163125a4a7d488d00dd917e3e4aa5924f2994f6f243558ac00b0b0b39019187ce4f6d5736085aec7a2a07e743ddd07962f92aab80a3bb8034c
+  metadata.gz: 3b5b8d39d9f9e82cefef4e5cae228d28a2deb284585401f3f6b18ba0de09ef5969feb137a893aa6223309e6abcc131b2f448c3211c58671ee4a36280a25e9ed0
+  data.tar.gz: eabba9d8ddb552c438bb41242234ff137c40c23bf6fbd21d800d1623c49e9b567d673468f2ba374911e1372598c096a5b8da17f0704a99c1d3bd4d79c2180cd2

data/README.md

@@ -40,5 +40,5 @@ version is released.
   easily extend it with the endpoints provided by your Solidus extensions!
 
 [docs-dir]: https://github.com/solidusio/solidus/tree/master/api/openapi
-[live-docs]: https://solidus.docs.stoplight.io
+[live-docs]: https://solidus.stoplight.io
 [studio]: https://stoplight.io/p/studio

data/app/controllers/spree/api/option_values_controller.rb

@@ -13,11 +13,20 @@ module Spree
       end
 
       def show
+        warn_if_nested_member_route
+
         @option_value = scope.find(params[:id])
         respond_with(@option_value)
       end
 
       def create
+        Spree::Deprecation.warn <<~MSG unless request.path.include?('/option_types/')
+          This route is deprecated, as it'll be no longer possible to create an
+          option_value without an associated option_type. Please, use instead:
+
+            POST api/option_types/{option_type_id}/option_values
+        MSG
+
         authorize! :create, Spree::OptionValue
         @option_value = scope.new(option_value_params)
         if @option_value.save
@@ -28,6 +37,8 @@ module Spree
       end
 
       def update
+        warn_if_nested_member_route
+
         @option_value = scope.accessible_by(current_ability, :update).find(params[:id])
         if @option_value.update(option_value_params)
           render :show
@@ -37,6 +48,8 @@ module Spree
       end
 
       def destroy
+        warn_if_nested_member_route
+
         @option_value = scope.accessible_by(current_ability, :destroy).find(params[:id])
         @option_value.destroy
         render plain: nil, status: 204
@@ -55,6 +68,14 @@ module Spree
       def option_value_params
         params.require(:option_value).permit(permitted_option_value_attributes)
       end
+
+      def warn_if_nested_member_route
+        Spree::Deprecation.warn <<~MSG if request.path.include?('/option_types/')
+          This route is deprecated. Use shallow version instead:
+
+            #{request.method.upcase} api/option_values/:id
+        MSG
+      end
     end
   end
 end

data/app/controllers/spree/api/resource_controller.rb

@@ -1,8 +1,17 @@
 # frozen_string_literal: true
 
+# @deprecated Inherit directly from Spree::Api::BaseController
 class Spree::Api::ResourceController < Spree::Api::BaseController
   before_action :load_resource, only: [:show, :update, :destroy]
 
+  def self.inherited(klass)
+    Spree::Deprecation.warn <<~MSG
+      Spree::Api::ResourceController is deprecated. Please, copy any logic you
+      need and inherit directly from Spree::Api::BaseController.
+    MSG
+    super
+  end
+
   def index
     collection_scope = model_class.accessible_by(current_ability)
     if params[:ids]

data/app/controllers/spree/api/shipments_controller.rb

@@ -40,13 +40,31 @@ module Spree
 
       def create
         authorize! :create, Shipment
-        quantity = params[:quantity].to_i
+
         @shipment = @order.shipments.create(stock_location_id: params.fetch(:stock_location_id))
-        @order.contents.add(variant, quantity, { shipment: @shipment })
 
-        @shipment.save!
+        if passing_deprecated_params_on_create?
+          Spree::Deprecation.warn <<~MSG
+          Passing `quantity` or `variant_id` to
 
-        respond_with(@shipment.reload, default_template: :show)
+              POST /api/shipments
+
+          is deprecated and won't be allowed anymore starting from Solidus 4.0.
+          Instead, create an empty shipment and add items to it subsequently using
+          the dedicated endpoint:
+
+              PUT /api/shipments/{shipment_number}/add
+
+          MSG
+
+          quantity = params[:quantity].to_i
+          variant = Spree::Variant.unscoped.find(params[:variant_id])
+          @order.contents.add(variant, quantity, { shipment: @shipment })
+          @shipment.save!
+          @shipment.reload
+        end
+
+        respond_with(@shipment, default_template: :show)
       end
 
       def update
@@ -130,6 +148,10 @@ module Spree
         authorize! :create, Shipment
       end
 
+      def passing_deprecated_params_on_create?
+        params[:variant_id] || params[:quantity]
+      end
+
       def find_order_on_create
         @order = Spree::Order.find_by!(number: params[:shipment][:order_id])
         authorize! :show, @order

data/app/controllers/spree/api/users_controller.rb

@@ -1,8 +1,10 @@
 # frozen_string_literal: true
 
-class Spree::Api::UsersController < Spree::Api::ResourceController
+class Spree::Api::UsersController < Spree::Api::BaseController
+  before_action :load_resource, only: [:show, :update, :destroy]
+
   def index
-    user_scope = model_class.accessible_by(current_ability, :show)
+    user_scope = user_class.accessible_by(current_ability, :show)
     if params[:ids]
       ids = params[:ids].split(",").flatten
       @users = user_scope.where(id: ids)
@@ -14,20 +16,71 @@ class Spree::Api::UsersController < Spree::Api::ResourceController
     respond_with(@users)
   end
 
-  private
+  def show
+    respond_with(@user)
+  end
+
+  def new
+    authorize! :new, user_class
+    respond_with(user_class.new)
+  end
+
+  def create
+    authorize! :create, user_class
+
+    @user = user_class.new(permitted_user_params)
 
-  attr_reader :user
+    if @user.save
+      respond_with(@user, status: 201, default_template: :show)
+    else
+      invalid_resource!(@user)
+    end
+  end
+
+  def update
+    authorize! :update, @user
 
-  def model_class
+    if @user.update(permitted_user_params)
+      respond_with(@user, status: 200, default_template: :show)
+    else
+      invalid_resource!(@user)
+    end
+  end
+
+  def destroy
+    authorize! :destroy, @user
+
+    destroy_result = if @user.respond_to?(:discard)
+      @user.discard
+    else
+      @user.destroy
+    end
+
+    if destroy_result
+      respond_with(@user, status: 204)
+    else
+      invalid_resource!(@user)
+    end
+  rescue ActiveRecord::DeleteRestrictionError
+    render "spree/api/errors/delete_restriction", status: 422
+  end
+
+  private
+
+  def user_class
     Spree.user_class
   end
 
-  def user_params
-    permitted_resource_params
+  def load_resource
+    @user = user_class.accessible_by(current_ability, :show).find(params[:id])
+  end
+
+  def permitted_user_params
+    params.require(:user).permit(permitted_user_attributes)
   end
 
-  def permitted_resource_attributes
-    if action_name == "create" || can?(:update_email, user)
+  def permitted_user_attributes
+    if action_name == "create" || can?(:update_email, @user)
       super | [:email]
     else
       super

data/app/controllers/spree/api/variants_controller.rb

@@ -6,6 +6,12 @@ module Spree
       before_action :product
 
       def create
+        Spree::Deprecation.warn <<~MSG unless request.path.include?('/products/')
+          This route is deprecated. Use the route nested within the product resource:
+
+            POST api/products/{product_id}/variants
+        MSG
+
         authorize! :create, Variant
         @variant = scope.new(variant_params)
         if @variant.save
@@ -16,6 +22,8 @@ module Spree
       end
 
       def destroy
+        warn_if_nested_member_route
+
         @variant = scope.accessible_by(current_ability, :destroy).find(params[:id])
         @variant.discard
         respond_with(@variant, status: 204)
@@ -25,8 +33,14 @@ module Spree
       # we render on the view so we better update it any time a node is included
       # or removed from the views.
       def index
-        @variants = scope.includes(include_list)
-          .ransack(params[:q]).result
+        @variants =
+          if params[:variant_search_term]
+            Spree::Config.variant_search_class.new(
+              params[:variant_search_term], scope: scope
+            ).results.includes(include_list)
+          else
+            scope.includes(include_list).ransack(params[:q]).result
+          end
 
         @variants = paginate(@variants)
         respond_with(@variants)
@@ -36,12 +50,16 @@ module Spree
       end
 
       def show
+        warn_if_nested_member_route
+
         @variant = scope.includes(include_list)
           .find(params[:id])
         respond_with(@variant)
       end
 
       def update
+        warn_if_nested_member_route
+
         @variant = scope.accessible_by(current_ability, :update).find(params[:id])
         if @variant.update(variant_params)
           respond_with(@variant, status: 200, default_template: :show)
@@ -52,6 +70,14 @@ module Spree
 
       private
 
+      def warn_if_nested_member_route
+        Spree::Deprecation.warn <<~MSG if request.path.include?('/products/')
+          This route is deprecated. Use shallow version instead:
+
+            #{request.method.upcase} api/variants/:id
+        MSG
+      end
+
       def product
         @product ||= Spree::Product.accessible_by(current_ability, :show).friendly.find(params[:product_id]) if params[:product_id]
       end

data/config/i18n-tasks.yml

@@ -0,0 +1,134 @@
+# i18n-tasks finds and manages missing and unused translations: https://github.com/glebm/i18n-tasks
+
+# The "main" locale.
+base_locale: en
+## All available locales are inferred from the data by default. Alternatively, specify them explicitly:
+# locales: [es, fr]
+## Reporting locale, default: en. Available: en, ru.
+# internal_locale: en
+
+# Read and write translations.
+data:
+  ## Translations are read from the file system. Supported format: YAML, JSON.
+  ## Provide a custom adapter:
+  # adapter: I18n::Tasks::Data::FileSystem
+
+  # Locale files or `File.find` patterns where translations are read from:
+  read:
+    ## Default:
+    # - config/locales/%{locale}.yml
+    ## More files:
+    # - config/locales/**/*.%{locale}.yml
+
+  # Locale files to write new keys to, based on a list of key pattern => file rules. Matched from top to bottom:
+  # `i18n-tasks normalize -p` will force move the keys according to these rules
+  write:
+    ## For example, write devise and simple form keys to their respective files:
+    # - ['{devise, simple_form}.*', 'config/locales/\1.%{locale}.yml']
+    ## Catch-all default:
+    # - config/locales/%{locale}.yml
+
+  # External locale data (e.g. gems).
+  # This data is not considered unused and is never written to.
+  external:
+    ## Example (replace %#= with %=):
+    # - "<%#= %x[bundle info vagrant --path].chomp %>/templates/locales/%{locale}.yml"
+
+  ## Specify the router (see Readme for details). Valid values: conservative_router, pattern_router, or a custom class.
+  # router: conservative_router
+
+  yaml:
+    write:
+      # do not wrap lines at 80 characters
+      line_width: -1
+
+  ## Pretty-print JSON:
+  # json:
+  #   write:
+  #     indent: '  '
+  #     space: ' '
+  #     object_nl: "\n"
+  #     array_nl: "\n"
+
+# Find translate calls
+search:
+  ## Paths or `File.find` patterns to search in:
+  # paths:
+  #  - app/
+
+  ## Root directories for relative keys resolution.
+  # relative_roots:
+  #   - app/controllers
+  #   - app/helpers
+  #   - app/mailers
+  #   - app/presenters
+  #   - app/views
+
+  ## Files or `File.fnmatch` patterns to exclude from search. Some files are always excluded regardless of this setting:
+  ##   %w(*.jpg *.png *.gif *.svg *.ico *.eot *.otf *.ttf *.woff *.woff2 *.pdf *.css *.sass *.scss *.less *.yml *.json)
+  exclude:
+    - app/assets/images
+    - app/assets/fonts
+    - app/assets/videos
+
+  ## Alternatively, the only files or `File.fnmatch patterns` to search in `paths`:
+  ## If specified, this settings takes priority over `exclude`, but `exclude` still applies.
+  # only: ["*.rb", "*.html.slim"]
+
+  ## If `strict` is `false`, guess usages such as t("categories.#{category}.title"). The default is `true`.
+  # strict: true
+
+  ## Multiple scanners can be used. Their results are merged.
+  ## The options specified above are passed down to each scanner. Per-scanner options can be specified as well.
+  ## See this example of a custom scanner: https://github.com/glebm/i18n-tasks/wiki/A-custom-scanner-example
+
+## Translation Services
+# translation:
+#   # Google Translate
+#   # Get an API key and set billing info at https://code.google.com/apis/console to use Google Translate
+#   google_translate_api_key: "AbC-dEf5"
+#   # DeepL Pro Translate
+#   # Get an API key and subscription at https://www.deepl.com/pro to use DeepL Pro
+#   deepl_api_key: "48E92789-57A3-466A-9959-1A1A1A1A1A1A"
+
+## Do not consider these keys missing:
+#ignore_missing:
+# - 'number.currency.format.separator'
+# - 'errors.messages.{accepted,blank,invalid,too_short,too_long}'
+# - '{devise,simple_form}.*'
+
+## Consider these keys used:
+ignore_unused:
+# - 'activerecord.attributes.*'
+# - '{devise,kaminari,will_paginate}.*'
+# - 'simple_form.{yes,no}'
+# - 'simple_form.{placeholders,hints,labels}.*'
+# - 'simple_form.{error_notification,required}.:'
+
+## Exclude these keys from the `i18n-tasks eq-base' report:
+# ignore_eq_base:
+#   all:
+#     - common.ok
+#   fr,es:
+#     - common.brand
+
+## Exclude these keys from the `i18n-tasks check-consistent-interpolations` report:
+# ignore_inconsistent_interpolations:
+# - 'activerecord.attributes.*'
+
+## Ignore these keys completely:
+# ignore:
+#  - kaminari.*
+
+## Sometimes, it isn't possible for i18n-tasks to match the key correctly,
+## e.g. in case of a relative key defined in a helper method.
+## In these cases you can use the built-in PatternMapper to map patterns to keys, e.g.:
+#
+# <%# I18n::Tasks.add_scanner 'I18n::Tasks::Scanners::PatternMapper',
+#       only: %w(*.html.haml *.html.slim),
+#       patterns: [['= title\b', '.page_title']] %>
+#
+# The PatternMapper can also match key literals via a special %{key} interpolation, e.g.:
+#
+# <%# I18n::Tasks.add_scanner 'I18n::Tasks::Scanners::PatternMapper',
+#       patterns: [['\bSpree\.t[( ]\s*%{key}', 'spree.%{key}']] %>

data/config/locales/en.yml

@@ -2,23 +2,19 @@
 en:
   spree:
     api:
+      could_not_transition: The %{resource} could not be transitioned. Please fix the errors and try again.
       delete_restriction_error: Cannot delete record.
       gateway_error: 'There was a problem with the payment gateway: %{text}'
       invalid_api_key: Invalid API key (%{key}) specified.
       invalid_resource: Invalid resource. Please fix errors and try again.
       invalid_taxonomy_id: Invalid taxonomy id.
       must_specify_api_key: You must specify an API key.
-      could_not_transition: The %{resource} could not be transitioned. Please fix the
-        errors and try again.
       order:
-        could_not_transition: The order could not be transitioned. Please fix the
-          errors and try again.
         expected_total_mismatch: Expected total does not match actual total.
         invalid_shipping_method: Invalid shipping method specified.
         quantity_is_not_available: Quantity is not available for items in your order
       payment:
-        credit_over_limit: This payment can only be credited up to %{limit}. Please
-          specify an amount less than or equal to this number.
+        credit_over_limit: This payment can only be credited up to %{limit}. Please specify an amount less than or equal to this number.
         update_forbidden: This payment cannot be updated because it is %{state}.
       resource_not_found: The resource you were looking for could not be found.
       shipment:

data/config/routes.rb

@@ -12,10 +12,16 @@ Spree::Core::Engine.routes.draw do
 
     resources :products do
       resources :images
+      # TODO: Use shallow option on Solidus v4.0
       resources :variants
       resources :product_properties
     end
 
+    # TODO: Use only: :index on Solidus v4.0
+    resources :variants do
+      resources :images
+    end
+
     concern :order_routes do
       resources :line_items
       resources :payments do
@@ -47,13 +53,12 @@ Spree::Core::Engine.routes.draw do
       end
     end
 
-    resources :variants do
-      resources :images
-    end
-
     resources :option_types do
+      # TODO: Use shallow option on Solidus v4.0
       resources :option_values
     end
+    # TODO: Use only: :index on Solidus v4.0 and use shallow option on the nested routes
+    # within option_types
     resources :option_values
 
     get '/orders/mine', to: 'orders#mine', as: 'my_orders'

data/lib/spree/api/testing_support/helpers.rb

@@ -47,7 +47,7 @@ module Spree
         end
 
         def upload_image(filename)
-          Rack::Test::UploadedFile.new(File.open(image(filename).path), 'image/jpg')
+          Rack::Test::UploadedFile.new(File.open(image(filename).path), 'image/jpeg')
         end
       end
     end

data/openapi/solidus-api.oas.yml

@@ -682,7 +682,10 @@ paths:
         '404':
           $ref: '#/components/responses/not-found'
       summary: Get product variant
-      description: Retrieves a product's variant.
+      description: |-
+        **Deprecation Warning**: Use [shallow version](/docs/solidus/87df124706c5f-get-variant) instead
+
+        Retrieves a product's variant.
       operationId: get-product-variant
       tags:
         - Variants
@@ -714,7 +717,10 @@ paths:
         '422':
           $ref: '#/components/responses/delete-restriction'
       summary: Delete product variant
-      description: Deletes a product's variant.
+      description: |-
+        **Deprecation Warning**: Use [shallow version](/docs/solidus/82ccaada99139-delete-variant) instead
+
+        Deletes a product's variant.
       operationId: delete-product-variant
       tags:
         - Variants
@@ -735,7 +741,10 @@ paths:
         '422':
           $ref: '#/components/responses/unprocessable-entity'
       summary: Update product variant
-      description: Updates a product's variant.
+      description: |-
+        **Deprecation Warning**: Use [shallow version](/docs/solidus/ce338b5f3b940-update-variant) instead
+
+        Updates a product's variant.
       operationId: update-product-variant
       tags:
         - Variants
@@ -857,7 +866,10 @@ paths:
         '422':
           $ref: '#/components/responses/unprocessable-entity'
       summary: Create variant
-      description: 'Creates a variant. Only users with `can :create, Variant` permissions can perform this action.'
+      description: |-
+        **Deprecation Warning**: Use [nested version](/docs/solidus/681aa6cb75b1e-create-product-variant) instead
+
+        Creates a variant. Only users with `can :create, Variant` permissions can perform this action.
       operationId: create-variant
       tags:
         - Variants
@@ -2544,6 +2556,8 @@ paths:
           $ref: '#/components/responses/unprocessable-entity'
       summary: Create option value
       description: |-
+        **Deprecation Warning**: Use [nested version](/docs/solidus/810154673c613-create-option-type-value) instead
+
         Creates an option value.
 
         Only users with the `create` permission on `Spree::OptionValue` can perform this action.
@@ -2715,7 +2729,10 @@ paths:
         '404':
           $ref: '#/components/responses/not-found'
       summary: Get option type value
-      description: Retrieves an option type's value.
+      description: |-
+        **Deprecation Warning**: Use [shallow version](/docs/solidus/cbbc403ed08a3-get-option-value) instead
+
+        Retrieves an option type's value.
       operationId: get-option-type-value
       tags:
         - Option values
@@ -2749,7 +2766,10 @@ paths:
         '422':
           $ref: '#/components/responses/delete-restriction'
       summary: Delete option type value
-      description: Deletes an option type's value.
+      description: |-
+        **Deprecation Warning**: Use [shallow version](/docs/solidus/0742e63219b1f-delete-option-value) instead
+
+        Deletes an option type's value.
       operationId: delete-option-type-value
       tags:
         - Option values
@@ -2771,6 +2791,8 @@ paths:
           $ref: '#/components/responses/unprocessable-entity'
       summary: Update option type value
       description: |-
+        **Deprecation Warning**: Use [shallow version](/docs/solidus/b43f889175ebb-update-option-value) instead
+
         Updates an option type's value.
 
         Only users with the `update` permission on the option value can perform this action.
@@ -5569,6 +5591,10 @@ paths:
         Creates a shipment.
 
         Please note that this request can be only performed by users with the `create` permission on the shipment.
+
+        **Deprecation Warning**: Adding items to the shipment via this endpoint
+        is deprecated. Instead, create an empty shipment and populate it with
+        the dedicated endpoint [to add items to the shipment](/docs/solidus/7078dbcf415ac-add-shipment-item).
       operationId: create-shipment
       tags:
         - Shipments
@@ -5584,8 +5610,10 @@ paths:
                   type: integer
                 variant_id:
                   type: integer
+                  deprecated: true
                 quantity:
                   type: integer
+                  deprecated: true
             examples:
               Example:
                 value:
@@ -7141,6 +7169,8 @@ components:
           type: boolean
         product_id:
           type: integer
+        tax_category_id:
+          type: integer
         weight:
           type: string
         height:
@@ -7161,6 +7191,7 @@ components:
           type: array
           items:
             $ref: '#/components/schemas/option-value-input'
+        
         options:
           type: object
           description: '`Name` will be the name/presentation of the option type and `Value` will be the name/presentation of the option value. They will be created if not exist.'

data/solidus_api.gemspec

@@ -14,6 +14,8 @@ Gem::Specification.new do |s|
   s.homepage    = 'http://solidus.io'
   s.license     = 'BSD-3-Clause'
 
+  s.metadata['rubygems_mfa_required'] = 'true'
+
   s.files = `git ls-files -z`.split("\x0").reject do |f|
     f.match(%r{^(spec|script)/})
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: solidus_api
 version: !ruby/object:Gem::Version
-  version: 3.1.7
+  version: 3.2.1
 platform: ruby
 authors:
 - Solidus Team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-07-15 00:00:00.000000000 Z
+date: 2022-09-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jbuilder
@@ -58,14 +58,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.1.7
+        version: 3.2.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.1.7
+        version: 3.2.1
 description: REST API for the Solidus e-commerce framework.
 email: contact@solidus.io
 executables: []
@@ -225,6 +225,7 @@ files:
 - app/views/spree/api/zones/_zone.json.jbuilder
 - app/views/spree/api/zones/index.json.jbuilder
 - app/views/spree/api/zones/show.json.jbuilder
+- config/i18n-tasks.yml
 - config/locales/en.yml
 - config/routes.rb
 - db/migrate/20100107141738_add_api_key_to_spree_users.rb
@@ -255,7 +256,8 @@ files:
 homepage: http://solidus.io
 licenses:
 - BSD-3-Clause
-metadata: {}
+metadata:
+  rubygems_mfa_required: 'true'
 post_install_message: 
 rdoc_options: []
 require_paths:
@@ -271,7 +273,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 1.8.23
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.3.19
 signing_key: 
 specification_version: 4
 summary: REST API for the Solidus e-commerce framework.