RubyGems - solidus_api - Versions diffs - 4.4.2 → 4.5.1 - Mend

solidus_api 4.4.2 → 4.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/app/controllers/spree/api/base_controller.rb +18 -1
data/app/controllers/spree/api/line_items_controller.rb +15 -2
data/app/controllers/spree/api/orders_controller.rb +7 -0
data/app/helpers/spree/api/api_helpers.rb +10 -0
data/lib/spree/api_configuration.rb +32 -10
data/openapi/solidus-api.oas.yml +6 -9
metadata +5 -8

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ccb7042536c398b4ec1ac42d06e05569e5fbc21ca387fc76cb07079d373de638
-  data.tar.gz: ac80c694f158a1e752fc12fb37252a188c4e723d985ab7f2c56f8f3d306c491b
+  metadata.gz: 2b3fd9044a23f9e90d975679f852a3d2d78de8ce247c0e2c0aa79aca920d2465
+  data.tar.gz: dcc797abebfe49d10d802dad0c7b7b7cae1d21b3aaf1a05455fa4a6a9dd48c17
 SHA512:
-  metadata.gz: 80b96625d96147c50f662a84fbb87d922b93f910d9027219c42000bdd0e0a2427d6c0a39d70e7d9619e5adbfc4a813d79cb9fb9e43ec1ee394fd901fbb736bdb
-  data.tar.gz: e169ef6eafb44a080369c95ae10d399decf22f9fab5a2cb05dc4592d8d0d87176fc35e2ab29916d7e7366fa437975ee58ac85c7ea481a4c1a4dfca8e55d39be6
+  metadata.gz: cb9130b933a3b5854cafb66610969e46e751fe612eb25d5fd10a9eaf3b98d1a2a0269ae018a625c69f48b48d1f90b36bd32f4264d323b1daccab3fa4003cddf2
+  data.tar.gz: 74185c1bd1d9cc5d032b0c18d4918b4da9dd0de47df0d69dd0b8a5d1f05c8d2b2159621acd184b85b7752ab9aefb27571636531add366d6ea9430737511d4ff4

data/app/controllers/spree/api/base_controller.rb CHANGED Viewed

@@ -18,6 +18,9 @@ module Spree
       class_attribute :admin_line_item_attributes
       self.admin_line_item_attributes = [:price, :variant_id, :sku]
+      class_attribute :admin_metadata_attributes
+      self.admin_metadata_attributes = [{ admin_metadata: {} }]
       attr_accessor :current_api_user
       before_action :load_user
@@ -35,15 +38,29 @@ module Spree
       private
+      Spree::Api::Config.metadata_permit_parameters.each do |resource|
+        define_method("permitted_#{resource.to_s.underscore}_attributes") do
+          if can?(:admin, "Spree::#{resource}".constantize)
+            super() + admin_metadata_attributes
+          else
+            super()
+          end
+        end
+      end
       # users should be able to set price when importing orders via api
       def permitted_line_item_attributes
         if can?(:admin, Spree::LineItem)
-          super + admin_line_item_attributes
+          super + admin_line_item_attributes + admin_metadata_attributes
         else
           super
         end
       end
+      def permitted_user_attributes
+        can?(:admin, Spree.user_class) ? super + admin_metadata_attributes : super
+      end
       def load_user
         @current_api_user ||= Spree.user_class.find_by(spree_api_key: api_key.to_s)
       end

data/app/controllers/spree/api/line_items_controller.rb CHANGED Viewed

@@ -15,8 +15,10 @@ module Spree
           @line_item = @order.contents.add(
             variant,
             params[:line_item][:quantity] || 1,
-            options: line_item_params[:options].to_h
+            options: line_item_params[:options].to_h,
+            **extract_metadata
           )
           respond_with(@line_item, status: 201, default_template: :show)
         rescue ActiveRecord::RecordInvalid => error
           invalid_resource!(error.record)
@@ -56,10 +58,21 @@ module Spree
         { line_items_attributes: {
             id: params[:id],
             quantity: params[:line_item][:quantity],
-            options: line_item_params[:options] || {}
+            options: line_item_params[:options] || {},
+            **extract_metadata
         } }
       end
+      def extract_metadata
+        metadata = { customer_metadata: line_item_params[:customer_metadata] }
+        if @current_user_roles&.include?("admin")
+          metadata[:admin_metadata] = line_item_params[:admin_metadata]
+        end
+        metadata
+      end
       def line_item_params
         params.require(:line_item).permit(permitted_line_item_attributes)
       end

data/app/controllers/spree/api/orders_controller.rb CHANGED Viewed

@@ -112,12 +112,19 @@ module Spree
       def order_params
         if params[:order]
           normalize_params
+          prevent_customer_metadata_update
           params.require(:order).permit(permitted_order_attributes)
         else
           {}
         end
       end
+      def prevent_customer_metadata_update
+        return unless @order&.completed? && cannot?(:admin, Spree::Order)
+        params[:order].delete(:customer_metadata) if params[:order]
+      end
       def normalize_params
         if params[:order][:payments]
           payments_params = params[:order].delete(:payments)

data/app/helpers/spree/api/api_helpers.rb CHANGED Viewed

@@ -43,6 +43,16 @@ module Spree
         end
       end
+      Spree::Api::Config.metadata_api_parameters.each do |method_name, resource|
+        define_method("#{method_name}_attributes") do
+          authorized_attributes(resource, "#{method_name}_attributes")
+        end
+      end
+      def authorized_attributes(resource, config_attribute)
+        can?(:admin, resource) ? Spree::Api::Config.public_send(config_attribute) + [:admin_metadata] : Spree::Api::Config.public_send(config_attribute)
+      end
       def required_fields_for(model)
         required_fields = model._validators.select do |_field, validations|
           validations.any? { |validation| validation.is_a?(ActiveModel::Validations::PresenceValidator) }

data/lib/spree/api_configuration.rb CHANGED Viewed

@@ -7,13 +7,13 @@ module Spree
     preference :product_attributes, :array, default: [
       :id, :name, :description, :available_on,
       :slug, :meta_description, :meta_keywords, :shipping_category_id,
-      :taxon_ids, :total_on_hand, :meta_title
+      :taxon_ids, :total_on_hand, :meta_title, :primary_taxon_id
     ]
     preference :product_property_attributes, :array, default: [:id, :product_id, :property_id, :value, :property_name]
     preference :variant_attributes, :array, default: [
-      :id, :name, :sku, :weight, :height, :width, :depth, :is_master,
+      :id, :name, :sku, :gtin, :condition, :weight, :height, :width, :depth, :is_master,
       :slug, :description, :track_inventory
     ]
@@ -36,22 +36,44 @@ module Spree
       :covered_by_store_credit, :display_total_applicable_store_credit,
       :order_total_after_store_credit, :display_order_total_after_store_credit,
       :total_applicable_store_credit, :display_total_available_store_credit,
-      :display_store_credit_remaining_after_capture, :canceler_id
+      :display_store_credit_remaining_after_capture, :canceler_id, :customer_metadata
     ]
-    preference :line_item_attributes, :array, default: [:id, :quantity, :price, :variant_id]
+    preference :line_item_attributes, :array, default: [:id, :quantity, :price, :variant_id, :customer_metadata]
+    # Spree::Api::Config.metadata_api_parameters contains the models
+    # to which the admin_metadata attribute is added
+    preference :metadata_api_parameters, :array, default: [
+      [:order, 'Spree::Order'],
+      [:customer_return, 'Spree::CustomerReturn'],
+      [:payment, 'Spree::Payment'],
+      [:return_authorization, 'Spree::ReturnAuthorization'],
+      [:shipment, 'Spree::Shipment'],
+      [:user, 'Spree.user_class'],
+      [:line_item, 'Spree::LineItem']
+    ]
+    # Spree::Api::Config.metadata_permit_parameters contains the models
+    # to which the admin_metadata attribute is permitted
+    preference :metadata_permit_parameters, :array, default: [
+      :Order,
+      :CustomerReturn,
+      :Payment,
+      :ReturnAuthorization,
+      :Shipment
+    ]
     preference :option_type_attributes, :array, default: [:id, :name, :presentation, :position]
     preference :payment_attributes, :array, default: [
       :id, :source_type, :source_id, :amount, :display_amount,
       :payment_method_id, :state, :avs_response, :created_at,
-      :updated_at
+      :updated_at, :customer_metadata
     ]
     preference :payment_method_attributes, :array, default: [:id, :name, :description]
-    preference :shipment_attributes, :array, default: [:id, :tracking, :tracking_url, :number, :cost, :shipped_at, :state]
+    preference :shipment_attributes, :array, default: [:id, :tracking, :tracking_url, :number, :cost, :shipped_at, :state, :customer_metadata]
     preference :taxonomy_attributes, :array, default: [:id, :name]
@@ -81,11 +103,11 @@ module Spree
     ]
     preference :customer_return_attributes, :array, default: [
-      :id, :number, :stock_location_id, :created_at, :updated_at
+      :id, :number, :stock_location_id, :created_at, :updated_at, :customer_metadata
     ]
     preference :return_authorization_attributes, :array, default: [
-      :id, :number, :state, :order_id, :memo, :created_at, :updated_at
+      :id, :number, :state, :order_id, :memo, :created_at, :updated_at, :customer_metadata
     ]
     preference :creditcard_attributes, :array, default: [
@@ -96,7 +118,7 @@ module Spree
       :id, :month, :year, :cc_type, :last_digits, :name
     ]
-    preference :user_attributes, :array, default: [:id, :email, :created_at, :updated_at]
+    preference :user_attributes, :array, default: [:id, :email, :created_at, :updated_at, :customer_metadata]
     preference :property_attributes, :array, default: [:id, :name, :presentation]
@@ -132,7 +154,7 @@ module Spree
     preference :store_credit_history_attributes, :array, default: [
       :display_amount, :display_user_total_amount, :display_action,
-      :display_event_date, :display_remaining_amount
+      :display_event_date, :display_remaining_amount, :customer_metadata
     ]
     preference :variant_property_attributes, :array, default: [

data/openapi/solidus-api.oas.yml CHANGED Viewed

@@ -74,6 +74,8 @@ paths:
                   product:
                     name: The Majestic Product
                     price: '19.99'
+                    gtin: 12345678
+                    condition: new
                     shipping_category_id: 8
                     product_properties_attributes:
                       - property_name: fabric
@@ -86,6 +88,8 @@ paths:
                       - price: 19.99
                         cost_price: 17
                         sku: SKU-3
+                        gtin: 12345678
+                        condition: new
                         track_inventory: true
                         options:
                           - name: size
@@ -1169,10 +1173,7 @@ paths:
         '422':
           $ref: '#/components/responses/delete-restriction'
       summary: Remove address from user address book
-      description: |-
-        Removes an address from a user's address book.
-        **Note:** Rather than delete a `Spree::UserAddress` record this action set its `archived` attribute to `true`.
+      description: Removes an address from a user's address book.
       operationId: remove-address-from-user-address-book
       tags:
         - Address books
@@ -1201,11 +1202,7 @@ paths:
       operationId: update-user-address-book
       tags:
         - Address books
-      description: |-
-        Updates a user's address book.
-        **Note:** if the passed `id` matches an existing `address` a new `Spree::Address` record will be created and the matched `address` `archived` on `Spree::UserAddress`. For a similar logic, if the passed `id` matches an existing `address` which is in `archived` state, the `Spree::UserAddress#archived` record will be restored to `false`.
-        See `user_address_book.rb` for further information.
+      description: Updates a user's address book.
       security:
         - api-key: []
       requestBody:

metadata CHANGED Viewed

@@ -1,14 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: solidus_api
 version: !ruby/object:Gem::Version
-  version: 4.4.2
+  version: 4.5.1
 platform: ruby
 authors:
 - Solidus Team
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-12-09 00:00:00.000000000 Z
+date: 2025-03-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jbuilder
@@ -58,14 +57,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.4.2
+        version: 4.5.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.4.2
+        version: 4.5.1
 description: REST API for the Solidus e-commerce framework.
 email: contact@solidus.io
 executables: []
@@ -257,7 +256,6 @@ licenses:
 - BSD-3-Clause
 metadata:
   rubygems_mfa_required: 'true'
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -272,8 +270,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 1.8.23
 requirements: []
-rubygems_version: 3.5.3
-signing_key:
+rubygems_version: 3.6.5
 specification_version: 4
 summary: REST API for the Solidus e-commerce framework.
 test_files: []