solidus_core 1.1.0.pre1 → 1.1.0.pre2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.


This version of solidus_core might be problematic. Click here for more details.

Files changed (72) hide show
  1. checksums.yaml +4 -4
  2. data/app/mailers/spree/carton_mailer.rb +12 -1
  3. data/app/models/concerns/spree/user_address_book.rb +17 -8
  4. data/app/models/concerns/spree/user_methods.rb +3 -6
  5. data/app/models/spree/ability.rb +1 -1
  6. data/app/models/spree/adjustment.rb +1 -1
  7. data/app/models/spree/app_configuration.rb +11 -0
  8. data/app/models/spree/order.rb +6 -6
  9. data/app/models/spree/order/checkout.rb +9 -0
  10. data/app/models/spree/order_capturing.rb +4 -1
  11. data/app/models/spree/order_contents.rb +5 -0
  12. data/app/models/spree/order_shipping.rb +1 -1
  13. data/app/models/spree/payment.rb +5 -2
  14. data/app/models/spree/payment/processing.rb +1 -1
  15. data/app/models/spree/product.rb +1 -1
  16. data/app/models/spree/promotion.rb +8 -1
  17. data/app/models/spree/promotion/rules/first_repeat_purchase_since.rb +36 -0
  18. data/app/models/spree/promotion/rules/product.rb +2 -1
  19. data/app/models/spree/promotion_handler/cart.rb +1 -14
  20. data/app/models/spree/prototype.rb +3 -1
  21. data/app/models/spree/prototype_taxon.rb +6 -0
  22. data/app/models/spree/taxon.rb +2 -1
  23. data/app/models/spree/tracker.rb +1 -1
  24. data/app/models/spree/transfer_item.rb +2 -6
  25. data/config/locales/en.yml +10 -1
  26. data/db/default/spree/zones.rb +2 -2
  27. data/db/migrate/20140713140455_create_spree_return_authorization_reasons.rb +13 -11
  28. data/db/migrate/20150128032538_remove_environment_from_tracker.rb +6 -0
  29. data/db/migrate/20150515211137_fix_adjustment_order_id.rb +80 -0
  30. data/db/migrate/20150609093816_increase_scale_on_pre_tax_amounts.rb +16 -0
  31. data/db/migrate/20150826002555_convert_habtm_to_hmt_for_taxon_prototypes.rb +15 -0
  32. data/db/migrate/20151010003252_add_foreign_keys_for_taxons_prototypes.rb +6 -0
  33. data/db/migrate/20151013222921_remove_token_permissions_table.rb +16 -0
  34. data/db/migrate/20151014213349_rename_identifier_to_number_for_payment.rb +7 -0
  35. data/db/migrate/20151015203732_add_foreign_keys_for_product_promotion_rules.rb +9 -0
  36. data/db/migrate/20151021113730_add_sale_to_spree_promotions.rb +6 -0
  37. data/db/migrate/20151021163309_convert_sale_promotions.rb +28 -0
  38. data/lib/spree/core.rb +2 -0
  39. data/lib/spree/core/controller_helpers/strong_parameters.rb +7 -0
  40. data/lib/spree/core/engine.rb +2 -1
  41. data/lib/spree/deprecation.rb +3 -0
  42. data/lib/spree/mailer_previews/carton_preview.rb +1 -1
  43. data/lib/spree/permission_sets.rb +23 -0
  44. data/{app/models → lib}/spree/permission_sets/base.rb +0 -0
  45. data/{app/models → lib}/spree/permission_sets/configuration_display.rb +0 -0
  46. data/{app/models → lib}/spree/permission_sets/configuration_management.rb +0 -0
  47. data/{app/models → lib}/spree/permission_sets/dashboard_display.rb +0 -0
  48. data/{app/models → lib}/spree/permission_sets/default_customer.rb +2 -1
  49. data/{app/models → lib}/spree/permission_sets/order_display.rb +0 -0
  50. data/{app/models → lib}/spree/permission_sets/order_management.rb +0 -0
  51. data/{app/models → lib}/spree/permission_sets/product_display.rb +0 -0
  52. data/{app/models → lib}/spree/permission_sets/product_management.rb +0 -0
  53. data/{app/models → lib}/spree/permission_sets/promotion_display.rb +0 -0
  54. data/{app/models → lib}/spree/permission_sets/promotion_management.rb +0 -0
  55. data/{app/models → lib}/spree/permission_sets/report_display.rb +0 -0
  56. data/{app/models → lib}/spree/permission_sets/restricted_stock_display.rb +0 -0
  57. data/{app/models → lib}/spree/permission_sets/restricted_stock_management.rb +0 -0
  58. data/{app/models → lib}/spree/permission_sets/restricted_stock_transfer_display.rb +0 -0
  59. data/{app/models → lib}/spree/permission_sets/restricted_stock_transfer_management.rb +22 -12
  60. data/{app/models → lib}/spree/permission_sets/stock_display.rb +0 -0
  61. data/{app/models → lib}/spree/permission_sets/stock_management.rb +0 -0
  62. data/{app/models → lib}/spree/permission_sets/stock_transfer_display.rb +0 -0
  63. data/{app/models → lib}/spree/permission_sets/stock_transfer_management.rb +0 -0
  64. data/{app/models → lib}/spree/permission_sets/super_user.rb +0 -0
  65. data/{app/models → lib}/spree/permission_sets/user_display.rb +0 -0
  66. data/lib/spree/permission_sets/user_management.rb +21 -0
  67. data/lib/spree/permitted_attributes.rb +7 -4
  68. data/lib/spree/testing_support/factories/order_factory.rb +6 -2
  69. data/lib/spree/testing_support/factories/tracker_factory.rb +0 -1
  70. data/lib/spree/testing_support/order_walkthrough.rb +22 -19
  71. metadata +41 -27
  72. data/app/models/spree/permission_sets/user_management.rb +0 -12
@@ -0,0 +1,21 @@
1
+ module Spree
2
+ module PermissionSets
3
+ class UserManagement < PermissionSets::Base
4
+ def activate!
5
+ can [:admin, :display, :create, :update, :save_in_address_book, :remove_from_address_book, :addresses, :orders, :items], Spree.user_class
6
+
7
+ # due to how cancancan filters by associations,
8
+ # we have to define this twice, once for `accessible_by`
9
+ can :update_email, Spree.user_class, spree_roles: { id: nil }
10
+ # and once for `can?`
11
+ can :update_email, Spree.user_class do |user|
12
+ user.spree_roles.none?
13
+ end
14
+
15
+ cannot [:delete, :destroy], Spree.user_class
16
+ can :manage, Spree::StoreCredit
17
+ can :display, Spree::Role
18
+ end
19
+ end
20
+ end
21
+ end
@@ -80,8 +80,8 @@ module Spree
80
80
  @@return_authorization_attributes = [:memo, :stock_location_id, :return_reason_id, return_items_attributes: [:inventory_unit_id, :exchange_variant_id, :return_reason_id]]
81
81
 
82
82
  @@shipment_attributes = [
83
- :order, :special_instructions, :stock_location_id, :id,
84
- :tracking, :address, :inventory_units, :selected_shipping_rate_id]
83
+ :special_instructions, :stock_location_id, :id, :tracking,
84
+ :selected_shipping_rate_id]
85
85
 
86
86
  # month / year may be provided by some sources, or others may elect to use one field
87
87
  @@source_attributes = [
@@ -110,8 +110,11 @@ module Spree
110
110
 
111
111
  @@transfer_item_attributes = [:variant_id, :expected_quantity, :received_quantity]
112
112
 
113
- # TODO Should probably use something like Spree.user_class.attributes
114
- @@user_attributes = [:email, :password, :password_confirmation]
113
+ # intentionally leaving off email here to prevent privilege escalation
114
+ # by changing a user with higher priveleges' email to one a lower-priveleged
115
+ # admin owns. creating a user with an email is handled separate at the
116
+ # controller level
117
+ @@user_attributes = [:password, :password_confirmation]
115
118
 
116
119
  @@variant_attributes = [
117
120
  :name, :presentation, :cost_price, :lock_version,
@@ -60,8 +60,12 @@ FactoryGirl.define do
60
60
  payment_state 'paid'
61
61
  shipment_state 'ready'
62
62
 
63
- after(:create) do |order|
64
- create(:payment, amount: order.total, order: order, state: 'completed')
63
+ transient do
64
+ payment_type :credit_card_payment
65
+ end
66
+
67
+ after(:create) do |order, evaluator|
68
+ create(evaluator.payment_type, amount: order.total, order: order, state: 'completed')
65
69
  order.shipments.each do |shipment|
66
70
  shipment.inventory_units.update_all state: 'on_hand'
67
71
  shipment.update_column('state', 'ready')
@@ -1,6 +1,5 @@
1
1
  FactoryGirl.define do
2
2
  factory :tracker, class: Spree::Tracker do
3
- environment { Rails.env }
4
3
  analytics_id 'A100'
5
4
  active true
6
5
  end
@@ -1,18 +1,21 @@
1
1
  class OrderWalkthrough
2
2
  def self.up_to(state)
3
+ new.up_to(state)
4
+ end
5
+
6
+ def up_to(state)
3
7
  # Need to create a valid zone too...
4
- zone = FactoryGirl.create(:zone)
5
- country = FactoryGirl.create(:country)
6
- zone.members << Spree::ZoneMember.create(:zoneable => country)
7
- country.states << FactoryGirl.create(:state, :country => country)
8
+ @zone = FactoryGirl.create(:zone)
9
+ @country = FactoryGirl.create(:country)
10
+ @state = FactoryGirl.create(:state, :country => @country)
11
+
12
+ @zone.members << Spree::ZoneMember.create(:zoneable => @country)
8
13
 
9
14
  # A shipping method must exist for rates to be displayed on checkout page
10
- unless Spree::ShippingMethod.exists?
11
- FactoryGirl.create(:shipping_method).tap do |sm|
12
- sm.calculator.preferred_amount = 10
13
- sm.calculator.preferred_currency = Spree::Config[:currency]
14
- sm.calculator.save
15
- end
15
+ FactoryGirl.create(:shipping_method, zones: [@zone]).tap do |sm|
16
+ sm.calculator.preferred_amount = 10
17
+ sm.calculator.preferred_currency = Spree::Config[:currency]
18
+ sm.calculator.save
16
19
  end
17
20
 
18
21
  order = Spree::Order.create!(
@@ -38,22 +41,22 @@ class OrderWalkthrough
38
41
 
39
42
  private
40
43
 
41
- def self.add_line_item!(order)
44
+ def add_line_item!(order)
42
45
  FactoryGirl.create(:line_item, order: order)
43
46
  order.reload
44
47
  end
45
48
 
46
- def self.address(order)
47
- order.bill_address = FactoryGirl.create(:address, :country_id => Spree::Zone.global.members.first.zoneable.id)
48
- order.ship_address = FactoryGirl.create(:address, :country_id => Spree::Zone.global.members.first.zoneable.id)
49
+ def address(order)
50
+ order.bill_address = FactoryGirl.create(:address, :country => @country, state: @state)
51
+ order.ship_address = FactoryGirl.create(:address, :country => @country, state: @state)
49
52
  order.next!
50
53
  end
51
54
 
52
- def self.delivery(order)
55
+ def delivery(order)
53
56
  order.next!
54
57
  end
55
58
 
56
- def self.payment(order)
59
+ def payment(order)
57
60
  credit_card = FactoryGirl.create(:credit_card)
58
61
  order.payments.create!(:payment_method => credit_card.payment_method, :amount => order.total, source: credit_card)
59
62
  # TODO: maybe look at some way of making this payment_state change automatic
@@ -61,15 +64,15 @@ class OrderWalkthrough
61
64
  order.next!
62
65
  end
63
66
 
64
- def self.confirm(order)
67
+ def confirm(order)
65
68
  order.complete!
66
69
  end
67
70
 
68
- def self.complete(order)
71
+ def complete(order)
69
72
  #noop?
70
73
  end
71
74
 
72
- def self.states
75
+ def states
73
76
  [:address, :delivery, :payment, :confirm]
74
77
  end
75
78
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: solidus_core
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.0.pre1
4
+ version: 1.1.0.pre2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Solidus Team
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-09-30 00:00:00.000000000 Z
11
+ date: 2015-11-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activemerchant
@@ -72,14 +72,14 @@ dependencies:
72
72
  requirements:
73
73
  - - "~>"
74
74
  - !ruby/object:Gem::Version
75
- version: 1.10.0
75
+ version: '1.10'
76
76
  type: :runtime
77
77
  prerelease: false
78
78
  version_requirements: !ruby/object:Gem::Requirement
79
79
  requirements:
80
80
  - - "~>"
81
81
  - !ruby/object:Gem::Version
82
- version: 1.10.0
82
+ version: '1.10'
83
83
  - !ruby/object:Gem::Dependency
84
84
  name: deface
85
85
  requirement: !ruby/object:Gem::Requirement
@@ -452,29 +452,6 @@ files:
452
452
  - app/models/spree/payment_method.rb
453
453
  - app/models/spree/payment_method/check.rb
454
454
  - app/models/spree/payment_method/store_credit.rb
455
- - app/models/spree/permission_sets/base.rb
456
- - app/models/spree/permission_sets/configuration_display.rb
457
- - app/models/spree/permission_sets/configuration_management.rb
458
- - app/models/spree/permission_sets/dashboard_display.rb
459
- - app/models/spree/permission_sets/default_customer.rb
460
- - app/models/spree/permission_sets/order_display.rb
461
- - app/models/spree/permission_sets/order_management.rb
462
- - app/models/spree/permission_sets/product_display.rb
463
- - app/models/spree/permission_sets/product_management.rb
464
- - app/models/spree/permission_sets/promotion_display.rb
465
- - app/models/spree/permission_sets/promotion_management.rb
466
- - app/models/spree/permission_sets/report_display.rb
467
- - app/models/spree/permission_sets/restricted_stock_display.rb
468
- - app/models/spree/permission_sets/restricted_stock_management.rb
469
- - app/models/spree/permission_sets/restricted_stock_transfer_display.rb
470
- - app/models/spree/permission_sets/restricted_stock_transfer_management.rb
471
- - app/models/spree/permission_sets/stock_display.rb
472
- - app/models/spree/permission_sets/stock_management.rb
473
- - app/models/spree/permission_sets/stock_transfer_display.rb
474
- - app/models/spree/permission_sets/stock_transfer_management.rb
475
- - app/models/spree/permission_sets/super_user.rb
476
- - app/models/spree/permission_sets/user_display.rb
477
- - app/models/spree/permission_sets/user_management.rb
478
455
  - app/models/spree/preference.rb
479
456
  - app/models/spree/preferences/configuration.rb
480
457
  - app/models/spree/preferences/preferable.rb
@@ -496,6 +473,7 @@ files:
496
473
  - app/models/spree/promotion/actions/create_quantity_adjustments.rb
497
474
  - app/models/spree/promotion/actions/free_shipping.rb
498
475
  - app/models/spree/promotion/rules/first_order.rb
476
+ - app/models/spree/promotion/rules/first_repeat_purchase_since.rb
499
477
  - app/models/spree/promotion/rules/item_total.rb
500
478
  - app/models/spree/promotion/rules/nth_order.rb
501
479
  - app/models/spree/promotion/rules/one_use_per_user.rb
@@ -518,6 +496,7 @@ files:
518
496
  - app/models/spree/promotion_rule_user.rb
519
497
  - app/models/spree/property.rb
520
498
  - app/models/spree/prototype.rb
499
+ - app/models/spree/prototype_taxon.rb
521
500
  - app/models/spree/refund.rb
522
501
  - app/models/spree/refund_reason.rb
523
502
  - app/models/spree/reimbursement.rb
@@ -826,6 +805,7 @@ files:
826
805
  - db/migrate/20150121202544_add_restock_inventory_to_stock_location.rb
827
806
  - db/migrate/20150122202432_add_code_to_spree_promotion_categories.rb
828
807
  - db/migrate/20150127161843_create_order_stock_locations.rb
808
+ - db/migrate/20150128032538_remove_environment_from_tracker.rb
829
809
  - db/migrate/20150203151219_add_fulfillable_to_stock_location.rb
830
810
  - db/migrate/20150205210527_add_code_to_refund_reason.rb
831
811
  - db/migrate/20150213160148_add_promotion_code_id_to_orders_promotions.rb
@@ -861,9 +841,11 @@ files:
861
841
  - db/migrate/20150514185559_add_invalidated_at_to_spree_store_credits.rb
862
842
  - db/migrate/20150514201836_migrate_deleted_store_credits_to_invalidated.rb
863
843
  - db/migrate/20150515170322_add_check_stock_on_transfer.rb
844
+ - db/migrate/20150515211137_fix_adjustment_order_id.rb
864
845
  - db/migrate/20150528125647_delete_inventory_units_without_shipment.rb
865
846
  - db/migrate/20150601191251_add_deleted_at_to_stock_transfers.rb
866
847
  - db/migrate/20150601204148_add_deleted_at_to_transfer_items.rb
848
+ - db/migrate/20150609093816_increase_scale_on_pre_tax_amounts.rb
867
849
  - db/migrate/20150609193231_add_preferences_to_promotion_actions.rb
868
850
  - db/migrate/20150610182638_add_id_to_spree_option_values_variants.rb
869
851
  - db/migrate/20150611200247_add_frontend_viewable_to_spree_orders.rb
@@ -889,7 +871,14 @@ files:
889
871
  - db/migrate/20150824213633_convert_habtm_to_hmt_for_shipping_methods_zones.rb
890
872
  - db/migrate/20150824214129_convert_habtm_to_hmt_for_products_promotion_rules.rb
891
873
  - db/migrate/20150825204216_drop_spree_gateways.rb
874
+ - db/migrate/20150826002555_convert_habtm_to_hmt_for_taxon_prototypes.rb
892
875
  - db/migrate/20150909123605_create_variant_properties_and_rules.rb
876
+ - db/migrate/20151010003252_add_foreign_keys_for_taxons_prototypes.rb
877
+ - db/migrate/20151013222921_remove_token_permissions_table.rb
878
+ - db/migrate/20151014213349_rename_identifier_to_number_for_payment.rb
879
+ - db/migrate/20151015203732_add_foreign_keys_for_product_promotion_rules.rb
880
+ - db/migrate/20151021113730_add_sale_to_spree_promotions.rb
881
+ - db/migrate/20151021163309_convert_sale_promotions.rb
893
882
  - db/seeds.rb
894
883
  - lib/generators/spree/custom_user/custom_user_generator.rb
895
884
  - lib/generators/spree/custom_user/templates/authentication_helpers.rb.tt
@@ -939,12 +928,37 @@ files:
939
928
  - lib/spree/core/unreturned_item_charger.rb
940
929
  - lib/spree/core/validators/email.rb
941
930
  - lib/spree/core/version.rb
931
+ - lib/spree/deprecation.rb
942
932
  - lib/spree/i18n.rb
943
933
  - lib/spree/localized_number.rb
944
934
  - lib/spree/mailer_previews/carton_preview.rb
945
935
  - lib/spree/mailer_previews/order_preview.rb
946
936
  - lib/spree/migrations.rb
947
937
  - lib/spree/money.rb
938
+ - lib/spree/permission_sets.rb
939
+ - lib/spree/permission_sets/base.rb
940
+ - lib/spree/permission_sets/configuration_display.rb
941
+ - lib/spree/permission_sets/configuration_management.rb
942
+ - lib/spree/permission_sets/dashboard_display.rb
943
+ - lib/spree/permission_sets/default_customer.rb
944
+ - lib/spree/permission_sets/order_display.rb
945
+ - lib/spree/permission_sets/order_management.rb
946
+ - lib/spree/permission_sets/product_display.rb
947
+ - lib/spree/permission_sets/product_management.rb
948
+ - lib/spree/permission_sets/promotion_display.rb
949
+ - lib/spree/permission_sets/promotion_management.rb
950
+ - lib/spree/permission_sets/report_display.rb
951
+ - lib/spree/permission_sets/restricted_stock_display.rb
952
+ - lib/spree/permission_sets/restricted_stock_management.rb
953
+ - lib/spree/permission_sets/restricted_stock_transfer_display.rb
954
+ - lib/spree/permission_sets/restricted_stock_transfer_management.rb
955
+ - lib/spree/permission_sets/stock_display.rb
956
+ - lib/spree/permission_sets/stock_management.rb
957
+ - lib/spree/permission_sets/stock_transfer_display.rb
958
+ - lib/spree/permission_sets/stock_transfer_management.rb
959
+ - lib/spree/permission_sets/super_user.rb
960
+ - lib/spree/permission_sets/user_display.rb
961
+ - lib/spree/permission_sets/user_management.rb
948
962
  - lib/spree/permitted_attributes.rb
949
963
  - lib/spree/promo/environment.rb
950
964
  - lib/spree/responder.rb
@@ -1,12 +0,0 @@
1
- module Spree
2
- module PermissionSets
3
- class UserManagement < PermissionSets::Base
4
- def activate!
5
- can :manage, Spree.user_class
6
- cannot [:delete, :destroy], Spree.user_class
7
- can :manage, Spree::StoreCredit
8
- can :display, Spree::Role
9
- end
10
- end
11
- end
12
- end