solidus_core 2.11.10 → 2.11.14

Sign up to get free protection for your applications and to get access to all the features.
Files changed (15) hide show
  1. checksums.yaml +4 -4
  2. data/app/models/spree/order.rb +1 -1
  3. data/app/models/spree/payment/cancellation.rb +22 -3
  4. data/app/models/spree/product.rb +0 -1
  5. data/app/models/spree/stock/simple_coordinator.rb +6 -1
  6. data/app/models/spree/variant.rb +1 -1
  7. data/lib/spree/core/engine.rb +8 -0
  8. data/lib/spree/core/validators/email.rb +1 -1
  9. data/lib/spree/core/version.rb +1 -1
  10. data/lib/spree/permitted_attributes.rb +7 -1
  11. data/lib/spree/testing_support/blacklist_urls.rb +1 -1
  12. data/lib/spree/testing_support/dummy_app.rb +1 -0
  13. data/lib/tasks/migrations/migrate_default_billing_addresses_to_address_book.rake +13 -6
  14. data/lib/tasks/solidus/check_orders_with_invalid_email.rake +18 -0
  15. metadata +6 -5
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8eb3e5a4b41af8809472fc7d7875fd2be9101bc2673b2d289bc32e5f6bc0cabc
4
- data.tar.gz: 48aac9f88550bbaa4ce69271426877fed50459b23c5fe3109bed565e553fe0b3
3
+ metadata.gz: 951e0e89e1af8c513b29c60dfbfadcf052e1a7de740535d50153ad6be0115778
4
+ data.tar.gz: 55c861630141295e78ae954c25954e32a5170fa9764f9f586e6c408b2f67167d
5
5
  SHA512:
6
- metadata.gz: 7b3adaf152c0e1a8bf34de8bf8577a8a369e51a6acb0215b558f055a1235b1b7499e50778cc040cf08221ee98d79df07d72b9112f61ad3158dd226b5c8af73e1
7
- data.tar.gz: dd950b0d62311e85c9e72cea449650b04d9388c2443e1dbb187bc885bf24f128338fb96e0b0b5eb177b9b444c2bb738b8d59d6bfdb298eb774b7391367e15b2d
6
+ metadata.gz: 6a7d5eb25cc8d7f509f1de83adcc830872ed3694accbb7f79ecb689ff3d4008551c5deb2058dcbc9157132aada24562013643888c3a3ad269672e1d2ac0a3689
7
+ data.tar.gz: 7a71356dbd7487559b25fa92604a9a7b787752a28e42cb2b373dcf7da15406fdb378ab5b2b7a934f2700546cd71210419334ca4261afb01cde7d6fa229d20d27
data/app/models/spree/order.rb CHANGED
@@ -584,7 +584,7 @@ module Spree
584
584
  raise CannotRebuildShipments.new(I18n.t('spree.cannot_rebuild_shipments_shipments_not_pending'))
585
585
  else
586
586
  shipments.destroy_all
587
- self.shipments = Spree::Config.stock.coordinator_class.new(self).shipments
587
+ shipments.push(*Spree::Config.stock.coordinator_class.new(self).shipments)
588
588
  end
589
589
  end
590
590
 
data/app/models/spree/payment/cancellation.rb CHANGED
@@ -26,10 +26,16 @@ module Spree
26
26
  # @param payment [Spree::Payment] - the payment that should be canceled
27
27
  #
28
28
  def cancel(payment)
29
- if response = payment.payment_method.try_void(payment)
30
- payment.handle_void_response(response)
29
+ # For payment methods already implemeting `try_void`
30
+ if try_void_available?(payment.payment_method)
31
+ if response = payment.payment_method.try_void(payment)
32
+ payment.handle_void_response(response)
33
+ else
34
+ payment.refunds.create!(amount: payment.credit_allowed, reason: refund_reason, perform_after_create: false).perform!
35
+ end
31
36
  else
32
- payment.refunds.create!(amount: payment.credit_allowed, reason: refund_reason, perform_after_create: false).perform!
37
+ # For payment methods not yet implemeting `try_void`
38
+ deprecated_behavior(payment)
33
39
  end
34
40
  end
35
41
 
@@ -38,6 +44,19 @@ module Spree
38
44
  def refund_reason
39
45
  Spree::RefundReason.where(name: reason).first_or_create
40
46
  end
47
+
48
+ def try_void_available?(payment_method)
49
+ payment_method.respond_to?(:try_void) &&
50
+ payment_method.method(:try_void).owner != Spree::PaymentMethod
51
+ end
52
+
53
+ def deprecated_behavior(payment)
54
+ Spree::Deprecation.warn "#{payment.payment_method.class.name}#cancel is deprecated and will be removed. " \
55
+ 'Please implement a `try_void` method instead that returns a response object if void succeeds ' \
56
+ 'or `false|nil` if not. Solidus will refund the payment then.'
57
+ response = payment.payment_method.cancel(payment.response_code)
58
+ payment.handle_void_response(response)
59
+ end
41
60
  end
42
61
  end
43
62
  end
data/app/models/spree/product.rb CHANGED
@@ -49,7 +49,6 @@ module Spree
49
49
 
50
50
  has_many :variants,
51
51
  -> { where(is_master: false).order(:position) },
52
- inverse_of: :product,
53
52
  class_name: 'Spree::Variant'
54
53
 
55
54
  has_many :variants_including_master,
data/app/models/spree/stock/simple_coordinator.rb CHANGED
@@ -73,11 +73,16 @@ module Spree
73
73
  packages = split_packages(packages)
74
74
 
75
75
  # Turn the Stock::Packages into a Shipment with rates
76
- packages.map do |package|
76
+ shipments = packages.map do |package|
77
77
  shipment = package.shipment = package.to_shipment
78
78
  shipment.shipping_rates = Spree::Config.stock.estimator_class.new.shipping_rates(package)
79
79
  shipment
80
80
  end
81
+
82
+ # Make sure we don't add the proposed shipments to the order
83
+ order.shipments = order.shipments - shipments
84
+
85
+ shipments
81
86
  end
82
87
 
83
88
  def split_packages(initial_packages)
data/app/models/spree/variant.rb CHANGED
@@ -30,7 +30,7 @@ module Spree
30
30
  attr_writer :rebuild_vat_prices
31
31
  include Spree::DefaultPrice
32
32
 
33
- belongs_to :product, -> { with_discarded }, touch: true, class_name: 'Spree::Product', inverse_of: :variants, optional: false
33
+ belongs_to :product, -> { with_discarded }, touch: true, class_name: 'Spree::Product', inverse_of: :variants_including_master, optional: false
34
34
  belongs_to :tax_category, class_name: 'Spree::TaxCategory', optional: true
35
35
 
36
36
  delegate :name, :description, :slug, :available_on, :discontinue_on, :discontinued?,
data/lib/spree/core/engine.rb CHANGED
@@ -103,6 +103,14 @@ module Spree
103
103
  end
104
104
  end
105
105
  end
106
+
107
+ config.after_initialize do
108
+ if defined?(Spree::Auth::Engine) &&
109
+ Gem::Version.new(Spree::Auth::VERSION) < Gem::Version.new('2.5.4') &&
110
+ defined?(Spree::UsersController)
111
+ Spree::UsersController.protect_from_forgery with: :exception
112
+ end
113
+ end
106
114
  end
107
115
  end
108
116
  end
data/lib/spree/core/validators/email.rb CHANGED
@@ -12,7 +12,7 @@ module Spree
12
12
  # end
13
13
  #
14
14
  class EmailValidator < ActiveModel::EachValidator
15
- EMAIL_REGEXP = /\A([^@\.]|[^@\.]([^@\s]*)[^@\.])@([^@\s]+\.)+[^@\s]+\z/
15
+ EMAIL_REGEXP = URI::MailTo::EMAIL_REGEXP
16
16
 
17
17
  def validate_each(record, attribute, value)
18
18
  unless EMAIL_REGEXP.match? value
data/lib/spree/core/version.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Spree
4
- VERSION = "2.11.10"
4
+ VERSION = "2.11.14"
5
5
 
6
6
  def self.solidus_version
7
7
  VERSION
data/lib/spree/permitted_attributes.rb CHANGED
@@ -52,7 +52,13 @@ module Spree
52
52
  :month, :year, :expiry, :first_name, :last_name, :name
53
53
  ]
54
54
 
55
- @@customer_return_attributes = [:stock_location_id, return_items_attributes: [:id, :inventory_unit_id, :return_authorization_id, :returned, :amount, :reception_status_event, :acceptance_status, :exchange_variant_id, :resellable]]
55
+ @@customer_return_attributes = [
56
+ :stock_location_id, return_items_attributes: [
57
+ :id, :inventory_unit_id, :return_authorization_id, :returned, :amount,
58
+ :reception_status_event, :acceptance_status, :exchange_variant_id,
59
+ :resellable, :return_reason_id
60
+ ]
61
+ ]
56
62
 
57
63
  @@image_attributes = [:alt, :attachment, :position, :viewable_type, :viewable_id]
58
64
 
data/lib/spree/testing_support/blacklist_urls.rb CHANGED
@@ -5,7 +5,7 @@ module Spree
5
5
  module BlacklistUrls
6
6
  def setup_url_blacklist(browser)
7
7
  if browser.respond_to?(:url_blacklist)
8
- browser.url_blacklist = ['http://fonts.googleapis.com']
8
+ browser.url_blacklist = ['https://fonts.googleapis.com']
9
9
  end
10
10
  end
11
11
  end
data/lib/spree/testing_support/dummy_app.rb CHANGED
@@ -45,6 +45,7 @@ module DummyApp
45
45
  end
46
46
 
47
47
  class Application < ::Rails::Application
48
+ config.has_many_inverse = true
48
49
  config.eager_load = false
49
50
  config.cache_classes = true
50
51
  config.cache_store = :memory_store
data/lib/tasks/migrations/migrate_default_billing_addresses_to_address_book.rake CHANGED
@@ -3,22 +3,29 @@
3
3
  namespace :solidus do
4
4
  namespace :migrations do
5
5
  namespace :migrate_default_billing_addresses_to_address_book do
6
- task up: :environment do
7
- print "Migrating default billing addresses to address book ... "
6
+ task :up, [:batch_size] => [:environment] do |_t, args|
7
+ batch_size = args[:batch_size] || 100_000
8
+ print "Migrating default billing addresses to address book in batches of #{batch_size} ... "
8
9
  if Spree::UserAddress.where(default_billing: true).any?
9
- Spree.user_class.joins(:bill_address).update_all(bill_address_id: nil) # rubocop:disable Rails/SkipsModelValidations
10
+ Spree.user_class.joins(:bill_address).in_batches(of: batch_size).each do |batch|
11
+ batch.update_all(bill_address_id: nil) # rubocop:disable Rails/SkipsModelValidations
12
+ end
10
13
  end
11
14
  Spree::UserAddress.joins(
12
15
  <<~SQL
13
16
  JOIN spree_users ON spree_user_addresses.user_id = spree_users.id
14
17
  AND spree_user_addresses.address_id = spree_users.bill_address_id
15
18
  SQL
16
- ).update_all(default_billing: true)
19
+ ).in_batches(of: batch_size).each do |batch|
20
+ batch.update_all(default_billing: true) # rubocop:disable Rails/SkipsModelValidations
21
+ end
22
+
17
23
  puts "Success"
18
24
  end
19
25
 
20
- task down: :environment do
21
- Spree::UserAddress.update_all(default_billing: false) # rubocop:disable Rails/SkipsModelValidations
26
+ task :down, [:batch_size] => [:environment] do |_t, args|
27
+ batch_size = args[:batch_size] || 100_000
28
+ Spree::UserAddress.in_batches(of: batch_size).update_all(default_billing: false) # rubocop:disable Rails/SkipsModelValidations
22
29
  puts "Rolled back default billing address migration to address book"
23
30
  end
24
31
  end
data/lib/tasks/solidus/check_orders_with_invalid_email.rake ADDED
@@ -0,0 +1,18 @@
1
+ # frozen_string_literal: true
2
+
3
+ namespace :solidus do
4
+ desc 'Prints orders with invalid email (after fix for GHSA-qxmr-qxh6-2cc9)'
5
+ task check_orders_with_invalid_email: :environment do
6
+ matches = Spree::Order.find_each.reduce([]) do |matches, order|
7
+ order.email.nil? || Spree::EmailValidator::EMAIL_REGEXP.match?(order.email) ? matches : matches + [order]
8
+ end
9
+ if matches.any?
10
+ puts 'Email / ID / Number'
11
+ puts(matches.map do |order|
12
+ "#{order.email} / #{order.id} / #{order.number}"
13
+ end.join("\n"))
14
+ else
15
+ puts 'NO MATCHES'
16
+ end
17
+ end
18
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: solidus_core
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.11.10
4
+ version: 2.11.14
5
5
  platform: ruby
6
6
  authors:
7
7
  - Solidus Team
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-05-10 00:00:00.000000000 Z
11
+ date: 2021-12-20 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: actionmailer
@@ -942,6 +942,7 @@ files:
942
942
  - lib/tasks/migrations/migrate_user_addresses.rake
943
943
  - lib/tasks/migrations/rename_gateways.rake
944
944
  - lib/tasks/order_capturing.rake
945
+ - lib/tasks/solidus/check_orders_with_invalid_email.rake
945
946
  - lib/tasks/upgrade.rake
946
947
  - solidus_core.gemspec
947
948
  - vendor/assets/javascripts/jquery.payment.js
@@ -985,8 +986,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
985
986
  - !ruby/object:Gem::Version
986
987
  version: 1.8.23
987
988
  requirements: []
988
- rubygems_version: 3.1.4
989
- signing_key:
989
+ rubygems_version: 3.1.2
990
+ signing_key:
990
991
  specification_version: 4
991
992
  summary: Essential models, mailers, and classes for the Solidus e-commerce project.
992
993
  test_files: []