solidus_api 2.10.5 → 2.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/app/controllers/spree/api/addresses_controller.rb +1 -1
- data/app/controllers/spree/api/base_controller.rb +11 -3
- data/app/controllers/spree/api/checkouts_controller.rb +1 -11
- data/app/controllers/spree/api/countries_controller.rb +2 -2
- data/app/controllers/spree/api/credit_cards_controller.rb +2 -2
- data/app/controllers/spree/api/customer_returns_controller.rb +67 -0
- data/app/controllers/spree/api/images_controller.rb +4 -4
- data/app/controllers/spree/api/inventory_units_controller.rb +1 -1
- data/app/controllers/spree/api/option_types_controller.rb +3 -3
- data/app/controllers/spree/api/option_values_controller.rb +2 -2
- data/app/controllers/spree/api/orders_controller.rb +1 -1
- data/app/controllers/spree/api/payments_controller.rb +1 -1
- data/app/controllers/spree/api/product_properties_controller.rb +9 -14
- data/app/controllers/spree/api/promotions_controller.rb +3 -12
- data/app/controllers/spree/api/properties_controller.rb +3 -3
- data/app/controllers/spree/api/resource_controller.rb +2 -2
- data/app/controllers/spree/api/return_authorizations_controller.rb +3 -3
- data/app/controllers/spree/api/shipments_controller.rb +1 -1
- data/app/controllers/spree/api/states_controller.rb +3 -3
- data/app/controllers/spree/api/stock_items_controller.rb +2 -2
- data/app/controllers/spree/api/stock_locations_controller.rb +3 -3
- data/app/controllers/spree/api/stock_movements_controller.rb +3 -3
- data/app/controllers/spree/api/stores_controller.rb +3 -3
- data/app/controllers/spree/api/taxonomies_controller.rb +2 -2
- data/app/controllers/spree/api/taxons_controller.rb +4 -4
- data/app/controllers/spree/api/users_controller.rb +13 -0
- data/app/controllers/spree/api/variants_controller.rb +3 -3
- data/app/controllers/spree/api/zones_controller.rb +2 -2
- data/app/helpers/spree/api/api_helpers.rb +18 -5
- data/app/views/spree/api/customer_returns/index.json.jbuilder +6 -0
- data/app/views/spree/api/customer_returns/new.json.jbuilder +4 -0
- data/app/views/spree/api/customer_returns/show.json.jbuilder +3 -0
- data/app/views/spree/api/errors/could_not_transition.json.jbuilder +4 -0
- data/app/views/spree/api/orders/could_not_transition.json.jbuilder +5 -0
- data/config/locales/en.yml +2 -0
- data/config/routes.rb +6 -3
- data/lib/spree/api/testing_support/helpers.rb +1 -1
- data/openapi/authentication.md +9 -1
- data/openapi/checkout-flow.md +17 -4
- data/openapi/main.hub.yml +1 -1
- data/openapi/solidus-api.oas.yml +6753 -0
- data/solidus_api.gemspec +19 -19
- metadata +14 -114
- data/openapi/api.oas2.yml +0 -6108
- data/script/rails +0 -10
- data/spec/controllers/spree/api/base_controller_spec.rb +0 -118
- data/spec/controllers/spree/api/resource_controller_spec.rb +0 -190
- data/spec/features/checkout_spec.rb +0 -192
- data/spec/fixtures/thinking-cat.jpg +0 -0
- data/spec/lib/spree_api_responders_spec.rb +0 -10
- data/spec/models/spree/legacy_user_spec.rb +0 -103
- data/spec/requests/api/address_books_spec.rb +0 -240
- data/spec/requests/jbuilder_cache_spec.rb +0 -34
- data/spec/requests/ransackable_attributes_spec.rb +0 -79
- data/spec/requests/spree/api/addresses_controller_spec.rb +0 -57
- data/spec/requests/spree/api/checkouts_controller_spec.rb +0 -484
- data/spec/requests/spree/api/classifications_controller_spec.rb +0 -50
- data/spec/requests/spree/api/config_controller_spec.rb +0 -26
- data/spec/requests/spree/api/countries_controller_spec.rb +0 -48
- data/spec/requests/spree/api/coupon_codes_controller_spec.rb +0 -105
- data/spec/requests/spree/api/credit_cards_controller_spec.rb +0 -105
- data/spec/requests/spree/api/images_controller_spec.rb +0 -99
- data/spec/requests/spree/api/inventory_units_controller_spec.rb +0 -55
- data/spec/requests/spree/api/line_items_controller_spec.rb +0 -213
- data/spec/requests/spree/api/option_types_controller_spec.rb +0 -116
- data/spec/requests/spree/api/option_values_controller_spec.rb +0 -138
- data/spec/requests/spree/api/orders_controller_spec.rb +0 -954
- data/spec/requests/spree/api/payments_controller_spec.rb +0 -259
- data/spec/requests/spree/api/product_properties_controller_spec.rb +0 -114
- data/spec/requests/spree/api/products_controller_spec.rb +0 -422
- data/spec/requests/spree/api/promotion_application_spec.rb +0 -50
- data/spec/requests/spree/api/promotions_controller_spec.rb +0 -67
- data/spec/requests/spree/api/properties_controller_spec.rb +0 -102
- data/spec/requests/spree/api/return_authorizations_controller_spec.rb +0 -180
- data/spec/requests/spree/api/shipments_controller_spec.rb +0 -532
- data/spec/requests/spree/api/states_controller_spec.rb +0 -69
- data/spec/requests/spree/api/stock_items_controller_spec.rb +0 -311
- data/spec/requests/spree/api/stock_locations_controller_spec.rb +0 -170
- data/spec/requests/spree/api/stock_movements_controller_spec.rb +0 -81
- data/spec/requests/spree/api/store_credit_events_controller_spec.rb +0 -59
- data/spec/requests/spree/api/stores_controller_spec.rb +0 -134
- data/spec/requests/spree/api/taxonomies_controller_spec.rb +0 -114
- data/spec/requests/spree/api/taxons_controller_spec.rb +0 -217
- data/spec/requests/spree/api/unauthenticated_products_controller_spec.rb +0 -27
- data/spec/requests/spree/api/users_controller_spec.rb +0 -151
- data/spec/requests/spree/api/variants_controller_spec.rb +0 -340
- data/spec/requests/spree/api/zones_controller_spec.rb +0 -89
- data/spec/shared_examples/protect_product_actions.rb +0 -18
- data/spec/spec_helper.rb +0 -73
- data/spec/support/be_paginated_matcher.rb +0 -9
- data/spec/support/controller_hacks.rb +0 -43
- data/spec/support/database_cleaner.rb +0 -16
- data/spec/support/have_attributes_matcher.rb +0 -11
- data/spec/test_views/spree/api/widgets/_widget.json.jbuilder +0 -3
- data/spec/test_views/spree/api/widgets/index.json.jbuilder +0 -9
- data/spec/test_views/spree/api/widgets/new.json.jbuilder +0 -3
- data/spec/test_views/spree/api/widgets/show.json.jbuilder +0 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0073a2dd8fda3f900d1eacc4221b4ef2e0b418adb5a08818dfadd32aa8c55020
|
|
4
|
+
data.tar.gz: 1f453e33e88e7f80a4c0b618cb4336a54cf8dff3044d9b526e6bb6d312f46e07
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4783fe7f6037f082e38fd384732c895e7c591781d0770a45f107248b7380a40a6675cd1935455aaeef230ed7c0c4eb61e55f506eaaabbdb3a846de1a71989b0a
|
|
7
|
+
data.tar.gz: e722663fa5ac036dc85edd355d8faa09a73b36c4dd3a3e17fa145a7f31f815349d71315355def89cfd724d5610497ce0bef6824d73cf1d554abe8f1b36e1659e
|
data/README.md
CHANGED
|
@@ -20,9 +20,9 @@ If you want to contribute, you can use [Stoplight Studio][studio]. Simply
|
|
|
20
20
|
follow these steps:
|
|
21
21
|
|
|
22
22
|
1. Create a new Stoplight Studio project
|
|
23
|
-
2. Copy-paste the content of `openapi/api.
|
|
23
|
+
2. Copy-paste the content of `openapi/solidus-api.oas.yml` into your project
|
|
24
24
|
3. Edit the endpoints and models as needed
|
|
25
|
-
4. Copy-paste the result back into `openapi/api.
|
|
25
|
+
4. Copy-paste the result back into `openapi/solidus-api.oas.yml`
|
|
26
26
|
5. Open a PR!
|
|
27
27
|
|
|
28
28
|
**Note: Only use embedded models in Stoplight Studio, as Stoplight Docs is
|
|
@@ -10,6 +10,7 @@ module Spree
|
|
|
10
10
|
protect_from_forgery unless: -> { request.format.json? }
|
|
11
11
|
|
|
12
12
|
include CanCan::ControllerAdditions
|
|
13
|
+
include Spree::Core::ControllerHelpers::CurrentHost
|
|
13
14
|
include Spree::Core::ControllerHelpers::Store
|
|
14
15
|
include Spree::Core::ControllerHelpers::Pricing
|
|
15
16
|
include Spree::Core::ControllerHelpers::StrongParameters
|
|
@@ -28,6 +29,7 @@ module Spree
|
|
|
28
29
|
rescue_from ActiveRecord::RecordNotFound, with: :not_found
|
|
29
30
|
rescue_from CanCan::AccessDenied, with: :unauthorized
|
|
30
31
|
rescue_from Spree::Core::GatewayError, with: :gateway_error
|
|
32
|
+
rescue_from StateMachines::InvalidTransition, with: :invalid_transition
|
|
31
33
|
|
|
32
34
|
helper Spree::Api::ApiHelpers
|
|
33
35
|
|
|
@@ -133,13 +135,13 @@ module Spree
|
|
|
133
135
|
|
|
134
136
|
def product_scope
|
|
135
137
|
if can?(:admin, Spree::Product)
|
|
136
|
-
scope = Spree::Product.
|
|
138
|
+
scope = Spree::Product.with_discarded.accessible_by(current_ability).includes(*product_includes)
|
|
137
139
|
|
|
138
140
|
unless params[:show_deleted]
|
|
139
141
|
scope = scope.not_deleted
|
|
140
142
|
end
|
|
141
143
|
else
|
|
142
|
-
scope = Spree::Product.accessible_by(current_ability
|
|
144
|
+
scope = Spree::Product.accessible_by(current_ability).available.includes(*product_includes)
|
|
143
145
|
end
|
|
144
146
|
|
|
145
147
|
scope
|
|
@@ -159,7 +161,7 @@ module Spree
|
|
|
159
161
|
|
|
160
162
|
def authorize_for_order
|
|
161
163
|
@order = Spree::Order.find_by(number: order_id)
|
|
162
|
-
authorize! :
|
|
164
|
+
authorize! :show, @order, order_token
|
|
163
165
|
end
|
|
164
166
|
|
|
165
167
|
def lock_order
|
|
@@ -188,6 +190,12 @@ module Spree
|
|
|
188
190
|
def default_per_page
|
|
189
191
|
Kaminari.config.default_per_page
|
|
190
192
|
end
|
|
193
|
+
|
|
194
|
+
def invalid_transition(error)
|
|
195
|
+
logger.error("invalid_transition #{error.event} from #{error.from} for #{error.object.class.name}. Error: #{error.inspect}")
|
|
196
|
+
|
|
197
|
+
render "spree/api/errors/could_not_transition", locals: { resource: error.object }, status: :unprocessable_entity
|
|
198
|
+
end
|
|
191
199
|
end
|
|
192
200
|
end
|
|
193
201
|
end
|
|
@@ -20,12 +20,8 @@ module Spree
|
|
|
20
20
|
respond_with(@order, default_template: 'spree/api/orders/expected_total_mismatch', status: 400)
|
|
21
21
|
return
|
|
22
22
|
end
|
|
23
|
-
authorize! :update, @order, order_token
|
|
24
23
|
@order.next!
|
|
25
24
|
respond_with(@order, default_template: 'spree/api/orders/show', status: 200)
|
|
26
|
-
rescue StateMachines::InvalidTransition => error
|
|
27
|
-
logger.error("invalid_transition #{error.event} from #{error.from} for #{error.object.class.name}. Error: #{error.inspect}")
|
|
28
|
-
respond_with(@order, default_template: 'spree/api/orders/could_not_transition', status: 422)
|
|
29
25
|
end
|
|
30
26
|
|
|
31
27
|
def advance
|
|
@@ -42,9 +38,6 @@ module Spree
|
|
|
42
38
|
@order.complete!
|
|
43
39
|
respond_with(@order, default_template: 'spree/api/orders/show', status: 200)
|
|
44
40
|
end
|
|
45
|
-
rescue StateMachines::InvalidTransition => error
|
|
46
|
-
logger.error("invalid_transition #{error.event} from #{error.from} for #{error.object.class.name}. Error: #{error.inspect}")
|
|
47
|
-
respond_with(@order, default_template: 'spree/api/orders/could_not_transition', status: 422)
|
|
48
41
|
end
|
|
49
42
|
|
|
50
43
|
def update
|
|
@@ -57,12 +50,9 @@ module Spree
|
|
|
57
50
|
|
|
58
51
|
return if after_update_attributes
|
|
59
52
|
|
|
60
|
-
if @order.completed? || @order.next
|
|
53
|
+
if @order.completed? || @order.next!
|
|
61
54
|
state_callback(:after)
|
|
62
55
|
respond_with(@order, default_template: 'spree/api/orders/show')
|
|
63
|
-
else
|
|
64
|
-
logger.error("failed_to_transition_errors=#{@order.errors.full_messages}")
|
|
65
|
-
respond_with(@order, default_template: 'spree/api/orders/could_not_transition', status: 422)
|
|
66
56
|
end
|
|
67
57
|
else
|
|
68
58
|
invalid_resource!(@order)
|
|
@@ -7,7 +7,7 @@ module Spree
|
|
|
7
7
|
|
|
8
8
|
def index
|
|
9
9
|
@countries = Spree::Country.
|
|
10
|
-
accessible_by(current_ability
|
|
10
|
+
accessible_by(current_ability).
|
|
11
11
|
ransack(params[:q]).
|
|
12
12
|
result.
|
|
13
13
|
order('name ASC')
|
|
@@ -21,7 +21,7 @@ module Spree
|
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
def show
|
|
24
|
-
@country = Spree::Country.accessible_by(current_ability, :
|
|
24
|
+
@country = Spree::Country.accessible_by(current_ability, :show).find(params[:id])
|
|
25
25
|
respond_with(@country)
|
|
26
26
|
end
|
|
27
27
|
end
|
|
@@ -9,7 +9,7 @@ module Spree
|
|
|
9
9
|
def index
|
|
10
10
|
@credit_cards = user
|
|
11
11
|
.credit_cards
|
|
12
|
-
.accessible_by(current_ability
|
|
12
|
+
.accessible_by(current_ability)
|
|
13
13
|
.with_payment_profile
|
|
14
14
|
.ransack(params[:q]).result
|
|
15
15
|
|
|
@@ -29,7 +29,7 @@ module Spree
|
|
|
29
29
|
|
|
30
30
|
def user
|
|
31
31
|
if params[:user_id].present?
|
|
32
|
-
@user ||= Spree.user_class.accessible_by(current_ability, :
|
|
32
|
+
@user ||= Spree.user_class.accessible_by(current_ability, :show).find(params[:user_id])
|
|
33
33
|
end
|
|
34
34
|
end
|
|
35
35
|
|
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Spree
|
|
4
|
+
module Api
|
|
5
|
+
class CustomerReturnsController < Spree::Api::BaseController
|
|
6
|
+
before_action :load_order
|
|
7
|
+
around_action :lock_order, only: [:create, :update, :destroy, :cancel]
|
|
8
|
+
|
|
9
|
+
rescue_from Spree::Order::InsufficientStock, with: :insufficient_stock_error
|
|
10
|
+
|
|
11
|
+
def create
|
|
12
|
+
authorize! :create, CustomerReturn
|
|
13
|
+
@customer_return = CustomerReturn.create(customer_return_params)
|
|
14
|
+
if @customer_return.save
|
|
15
|
+
respond_with(@customer_return, status: 201, default_template: :show)
|
|
16
|
+
else
|
|
17
|
+
invalid_resource!(@customer_return)
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def index
|
|
22
|
+
authorize! :index, CustomerReturn
|
|
23
|
+
|
|
24
|
+
@customer_returns = @order.
|
|
25
|
+
customer_returns.
|
|
26
|
+
accessible_by(current_ability).
|
|
27
|
+
ransack(params[:q]).
|
|
28
|
+
result
|
|
29
|
+
|
|
30
|
+
@customer_returns = paginate(@customer_returns)
|
|
31
|
+
|
|
32
|
+
respond_with(@customer_returns)
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def new
|
|
36
|
+
authorize! :new, CustomerReturn
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def show
|
|
40
|
+
authorize! :show, CustomerReturn
|
|
41
|
+
@customer_return = @order.customer_returns.accessible_by(current_ability, :show).find(params[:id])
|
|
42
|
+
respond_with(@customer_return)
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
def update
|
|
46
|
+
authorize! :update, CustomerReturn
|
|
47
|
+
@customer_return = @order.customer_returns.accessible_by(current_ability, :update).find(params[:id])
|
|
48
|
+
if @customer_return.update(customer_return_params)
|
|
49
|
+
respond_with(@customer_return.reload, default_template: :show)
|
|
50
|
+
else
|
|
51
|
+
invalid_resource!(@customer_return)
|
|
52
|
+
end
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
private
|
|
56
|
+
|
|
57
|
+
def load_order
|
|
58
|
+
@order ||= Spree::Order.find_by!(number: order_id)
|
|
59
|
+
authorize! :show, @order
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
def customer_return_params
|
|
63
|
+
params.require(:customer_return).permit(permitted_customer_return_attributes)
|
|
64
|
+
end
|
|
65
|
+
end
|
|
66
|
+
end
|
|
67
|
+
end
|
|
@@ -4,12 +4,12 @@ module Spree
|
|
|
4
4
|
module Api
|
|
5
5
|
class ImagesController < Spree::Api::BaseController
|
|
6
6
|
def index
|
|
7
|
-
@images = scope.images.accessible_by(current_ability
|
|
7
|
+
@images = scope.images.accessible_by(current_ability)
|
|
8
8
|
respond_with(@images)
|
|
9
9
|
end
|
|
10
10
|
|
|
11
11
|
def show
|
|
12
|
-
@image =
|
|
12
|
+
@image = scope.images.accessible_by(current_ability, :show).find(params[:id])
|
|
13
13
|
respond_with(@image)
|
|
14
14
|
end
|
|
15
15
|
|
|
@@ -20,13 +20,13 @@ module Spree
|
|
|
20
20
|
end
|
|
21
21
|
|
|
22
22
|
def update
|
|
23
|
-
@image =
|
|
23
|
+
@image = scope.images.accessible_by(current_ability, :update).find(params[:id])
|
|
24
24
|
@image.update(image_params)
|
|
25
25
|
respond_with(@image, default_template: :show)
|
|
26
26
|
end
|
|
27
27
|
|
|
28
28
|
def destroy
|
|
29
|
-
@image =
|
|
29
|
+
@image = scope.images.accessible_by(current_ability, :destroy).find(params[:id])
|
|
30
30
|
@image.destroy
|
|
31
31
|
respond_with(@image, status: 204)
|
|
32
32
|
end
|
|
@@ -26,7 +26,7 @@ module Spree
|
|
|
26
26
|
private
|
|
27
27
|
|
|
28
28
|
def inventory_unit
|
|
29
|
-
@inventory_unit ||= Spree::InventoryUnit.accessible_by(current_ability, :
|
|
29
|
+
@inventory_unit ||= Spree::InventoryUnit.accessible_by(current_ability, :show).find(params[:id])
|
|
30
30
|
end
|
|
31
31
|
|
|
32
32
|
def prepare_event
|
|
@@ -5,15 +5,15 @@ module Spree
|
|
|
5
5
|
class OptionTypesController < Spree::Api::BaseController
|
|
6
6
|
def index
|
|
7
7
|
if params[:ids]
|
|
8
|
-
@option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability
|
|
8
|
+
@option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability).where(id: params[:ids].split(','))
|
|
9
9
|
else
|
|
10
|
-
@option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability
|
|
10
|
+
@option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability).load.ransack(params[:q]).result
|
|
11
11
|
end
|
|
12
12
|
respond_with(@option_types)
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
def show
|
|
16
|
-
@option_type = Spree::OptionType.accessible_by(current_ability, :
|
|
16
|
+
@option_type = Spree::OptionType.accessible_by(current_ability, :show).find(params[:id])
|
|
17
17
|
respond_with(@option_type)
|
|
18
18
|
end
|
|
19
19
|
|
|
@@ -46,9 +46,9 @@ module Spree
|
|
|
46
46
|
|
|
47
47
|
def scope
|
|
48
48
|
if params[:option_type_id]
|
|
49
|
-
@scope ||= Spree::OptionType.find(params[:option_type_id]).option_values.accessible_by(current_ability
|
|
49
|
+
@scope ||= Spree::OptionType.find(params[:option_type_id]).option_values.accessible_by(current_ability)
|
|
50
50
|
else
|
|
51
|
-
@scope ||= Spree::OptionValue.accessible_by(current_ability
|
|
51
|
+
@scope ||= Spree::OptionValue.accessible_by(current_ability).load
|
|
52
52
|
end
|
|
53
53
|
end
|
|
54
54
|
|
|
@@ -9,7 +9,7 @@ module Spree
|
|
|
9
9
|
def index
|
|
10
10
|
@product_properties = @product.
|
|
11
11
|
product_properties.
|
|
12
|
-
accessible_by(current_ability
|
|
12
|
+
accessible_by(current_ability).
|
|
13
13
|
ransack(params[:q]).
|
|
14
14
|
result
|
|
15
15
|
|
|
@@ -36,9 +36,8 @@ module Spree
|
|
|
36
36
|
end
|
|
37
37
|
|
|
38
38
|
def update
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
@product_property.update(product_property_params)
|
|
39
|
+
authorize! :update, @product_property
|
|
40
|
+
if @product_property.update(product_property_params)
|
|
42
41
|
respond_with(@product_property, status: 200, default_template: :show)
|
|
43
42
|
else
|
|
44
43
|
invalid_resource!(@product_property)
|
|
@@ -46,27 +45,23 @@ module Spree
|
|
|
46
45
|
end
|
|
47
46
|
|
|
48
47
|
def destroy
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
respond_with(@product_property, status: 204)
|
|
53
|
-
else
|
|
54
|
-
invalid_resource!(@product_property)
|
|
55
|
-
end
|
|
48
|
+
authorize! :destroy, @product_property
|
|
49
|
+
@product_property.destroy
|
|
50
|
+
respond_with(@product_property, status: 204)
|
|
56
51
|
end
|
|
57
52
|
|
|
58
53
|
private
|
|
59
54
|
|
|
60
55
|
def find_product
|
|
61
56
|
@product = super(params[:product_id])
|
|
62
|
-
authorize! :
|
|
57
|
+
authorize! :show, @product
|
|
63
58
|
end
|
|
64
59
|
|
|
65
60
|
def product_property
|
|
66
61
|
if @product
|
|
67
62
|
@product_property ||= @product.product_properties.find_by(id: params[:id])
|
|
68
|
-
@product_property ||= @product.product_properties.includes(:property).where(spree_properties: { name: params[:id] }).first
|
|
69
|
-
authorize! :
|
|
63
|
+
@product_property ||= @product.product_properties.includes(:property).where(spree_properties: { name: params[:id] }).first!
|
|
64
|
+
authorize! :show, @product_property
|
|
70
65
|
end
|
|
71
66
|
end
|
|
72
67
|
|
|
@@ -3,26 +3,17 @@
|
|
|
3
3
|
module Spree
|
|
4
4
|
module Api
|
|
5
5
|
class PromotionsController < Spree::Api::BaseController
|
|
6
|
-
before_action :requires_admin
|
|
7
6
|
before_action :load_promotion
|
|
8
7
|
|
|
9
8
|
def show
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
else
|
|
13
|
-
raise ActiveRecord::RecordNotFound
|
|
14
|
-
end
|
|
9
|
+
authorize! :show, @promotion
|
|
10
|
+
respond_with(@promotion, default_template: :show)
|
|
15
11
|
end
|
|
16
12
|
|
|
17
13
|
private
|
|
18
14
|
|
|
19
|
-
def requires_admin
|
|
20
|
-
return if @current_user_roles.include?("admin")
|
|
21
|
-
unauthorized && return
|
|
22
|
-
end
|
|
23
|
-
|
|
24
15
|
def load_promotion
|
|
25
|
-
@promotion = Spree::Promotion.
|
|
16
|
+
@promotion = Spree::Promotion.with_coupon_code(params[:id]) || Spree::Promotion.find(params[:id])
|
|
26
17
|
end
|
|
27
18
|
end
|
|
28
19
|
end
|
|
@@ -6,7 +6,7 @@ module Spree
|
|
|
6
6
|
before_action :find_property, only: [:show, :update, :destroy]
|
|
7
7
|
|
|
8
8
|
def index
|
|
9
|
-
@properties = Spree::Property.accessible_by(current_ability
|
|
9
|
+
@properties = Spree::Property.accessible_by(current_ability)
|
|
10
10
|
|
|
11
11
|
if params[:ids]
|
|
12
12
|
ids = params[:ids].split(",").flatten
|
|
@@ -59,9 +59,9 @@ module Spree
|
|
|
59
59
|
private
|
|
60
60
|
|
|
61
61
|
def find_property
|
|
62
|
-
@property = Spree::Property.accessible_by(current_ability, :
|
|
62
|
+
@property = Spree::Property.accessible_by(current_ability, :show).find(params[:id])
|
|
63
63
|
rescue ActiveRecord::RecordNotFound
|
|
64
|
-
@property = Spree::Property.accessible_by(current_ability, :
|
|
64
|
+
@property = Spree::Property.accessible_by(current_ability, :show).find_by!(name: params[:id])
|
|
65
65
|
end
|
|
66
66
|
|
|
67
67
|
def property_params
|
|
@@ -4,7 +4,7 @@ class Spree::Api::ResourceController < Spree::Api::BaseController
|
|
|
4
4
|
before_action :load_resource, only: [:show, :update, :destroy]
|
|
5
5
|
|
|
6
6
|
def index
|
|
7
|
-
collection_scope = model_class.accessible_by(current_ability
|
|
7
|
+
collection_scope = model_class.accessible_by(current_ability)
|
|
8
8
|
if params[:ids]
|
|
9
9
|
ids = params[:ids].split(",").flatten
|
|
10
10
|
collection_scope = collection_scope.where(id: ids)
|
|
@@ -65,7 +65,7 @@ class Spree::Api::ResourceController < Spree::Api::BaseController
|
|
|
65
65
|
protected
|
|
66
66
|
|
|
67
67
|
def load_resource
|
|
68
|
-
@object = model_class.accessible_by(current_ability, :
|
|
68
|
+
@object = model_class.accessible_by(current_ability, :show).find(params[:id])
|
|
69
69
|
instance_variable_set("@#{object_name}", @object)
|
|
70
70
|
end
|
|
71
71
|
|