RubyGems - solidus_frontend - Versions diffs - 2.10.0.beta1 → 2.10.5 - Mend

solidus_frontend 2.10.0.beta1 → 2.10.5

Potentially problematic release.

This version of solidus_frontend might be problematic. Click here for more details.

Files changed (11) hide show

checksums.yaml +4 -4
data/app/assets/stylesheets/spree/frontend/screen.css.scss +3 -3
data/app/controllers/spree/checkout_controller.rb +21 -5
data/app/controllers/spree/orders_controller.rb +6 -2
data/lib/generators/solidus/views/override_generator.rb +3 -2
data/lib/spree/frontend/middleware/seo_assist.rb +4 -4
data/solidus_frontend.gemspec +1 -1
data/spec/controllers/spree/checkout_controller_spec.rb +41 -12
data/spec/controllers/spree/orders_controller_spec.rb +25 -0
data/spec/features/checkout_spec.rb +59 -0
metadata +11 -11

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 310fa3a7c2ffb353cad6a3c0079333d95c073943e0abc47fab729f5540adc33d
-  data.tar.gz: 450b021d8e2016edcc7b0a0a219437077a41e9d0336cef670ddbf5ab1cdea3d6
+  metadata.gz: ce7f908d3872005dd581845445d085019bd2a9386418024ac13c0a80b07182cb
+  data.tar.gz: 1e99aabbf189a2731f6bdf656312e30c66fa683d2246d679a2ae825003857fce
 SHA512:
-  metadata.gz: dd6a633f4cb60280996525a0baf5dfeb26de2a8b6b09ccd8764b3ae875a6f7ed1ce9042de398fe71e55f86b5e5a8fb7eec451e830d04f907409227651eeb23fa
-  data.tar.gz: d58fb10140bcef216ae59b79ce1cb53237c7d8b19556dc5dc7cde72fa36d0bc7d37ad8815cc7b7c595145447f66f9d9cef5b0b6b23b8d3a84e39b71eb482f1b5
+  metadata.gz: a731ec7c6b6919a6a45b4c4774eaad542eb9b81a175f3bec58835cedb357da13c3db0c98b142ab123ef50d6825deb84a44ee407986599ee03dbee0aad1e0a2df
+  data.tar.gz: 20a84b9001b6f4de3a8ed97e817d2ce942eb7111d3619505de4d721ca3eb46fe24cb7c034e0d3daf24216b2f078fd76754710dcb2523b38d376bdbbc01f98b0f

data/app/assets/stylesheets/spree/frontend/screen.css.scss CHANGED Viewed

@@ -963,8 +963,8 @@ p[data-hook="use_billing"] {
   }
   input[type="text"] {
-    flex: 3 0;
-    width: 100%;
+    flex: 1 auto;
+    width: 50%;
     margin-right: 5px;
   }
@@ -1268,7 +1268,7 @@ table.order-summary {
 // # Logo
 #logo {
   padding: 20px 0;
   > a {
     display: inline-block;
   }

data/app/controllers/spree/checkout_controller.rb CHANGED Viewed

@@ -17,7 +17,7 @@ module Spree
     before_action :associate_user
     before_action :check_authorization
-    before_action :apply_coupon_code
+    before_action :apply_coupon_code, only: [:update]
     before_action :setup_for_current_state, only: [:edit, :update]
@@ -87,11 +87,23 @@ module Spree
     end
     def update_params
-      if update_params = massaged_params[:order]
-        update_params.permit(permitted_checkout_attributes)
+      case params[:state].to_sym
+      when :address
+        massaged_params.require(:order).permit(
+          permitted_checkout_address_attributes
+        )
+      when :delivery
+        massaged_params.require(:order).permit(
+          permitted_checkout_delivery_attributes
+        )
+      when :payment
+        massaged_params.require(:order).permit(
+          permitted_checkout_payment_attributes
+        )
       else
-        # We currently allow update requests without any parameters in them.
-        {}
+        massaged_params.fetch(:order, {}).permit(
+          permitted_checkout_confirm_attributes
+        )
       end
     end
@@ -137,6 +149,10 @@ module Spree
       redirect_to(spree.cart_path) && return unless @order
     end
+    # Allow the customer to only go back or stay on the current state
+    # when trying to change it via params[:state]. It's not allowed to
+    # jump forward and skip states (unless #skip_state_validation? is
+    # truthy).
     def set_state_if_present
       if params[:state]
         redirect_to checkout_state_path(@order.state) if @order.can_go_to_state?(params[:state]) && !skip_state_validation?

data/app/controllers/spree/orders_controller.rb CHANGED Viewed

@@ -42,6 +42,10 @@ module Spree
       @order = current_order || Spree::Order.incomplete.find_or_initialize_by(guest_token: cookies.signed[:guest_token])
       authorize! :read, @order, cookies.signed[:guest_token]
       associate_user
+      if params[:id] && @order.number != params[:id]
+        flash[:error] = t('spree.cannot_edit_orders')
+        redirect_to cart_path
+      end
     end
     # Adds a new item to the order (creating a new order if none already exists)
@@ -59,8 +63,8 @@ module Spree
       begin
         @line_item = @order.contents.add(variant, quantity)
-      rescue ActiveRecord::RecordInvalid => e
-        @order.errors.add(:base, e.record.errors.full_messages.join(", "))
+      rescue ActiveRecord::RecordInvalid => error
+        @order.errors.add(:base, error.record.errors.full_messages.join(", "))
       end
       respond_with(@order) do |format|

data/lib/generators/solidus/views/override_generator.rb CHANGED Viewed

@@ -24,6 +24,7 @@ module Solidus
       def copy_views
         views_to_copy.each do |file|
           next if File.directory?(file)
           dest_file = Pathname.new(file).relative_path_from(source_dir)
           copy_file file, Rails.root.join('app', 'views', 'spree', dest_file)
         end
@@ -33,8 +34,8 @@ module Solidus
       def views_to_copy
         if @options['only']
-          VIEWS.select do |v|
-            Pathname.new(v).relative_path_from(source_dir).to_s.include?(@options['only'])
+          VIEWS.select do |view|
+            Pathname.new(view).relative_path_from(source_dir).to_s.include?(@options['only'])
           end
         else
           VIEWS

data/lib/spree/frontend/middleware/seo_assist.rb CHANGED Viewed

@@ -38,11 +38,11 @@ module Spree
         end
         def build_query(params)
-          params.map { |k, v|
-            if v.class == Array
-              build_query(v.map { |x| ["#{k}[]", x] })
+          params.map { |key, value|
+            if value.class == Array
+              build_query(value.map { |parameter| ["#{key}[]", parameter] })
             else
-              k + "=" + Rack::Utils.escape(v)
+              key + "=" + Rack::Utils.escape(value)
             end
           }.join("&")
         end

data/solidus_frontend.gemspec CHANGED Viewed

@@ -18,7 +18,7 @@ Gem::Specification.new do |s|
   s.require_path = 'lib'
   s.requirements << 'none'
-  s.required_ruby_version = '>= 2.2.2'
+  s.required_ruby_version = '>= 2.4.0'
   s.required_rubygems_version = '>= 1.8.23'
   s.add_dependency 'solidus_api', s.version

data/spec/controllers/spree/checkout_controller_spec.rb CHANGED Viewed

@@ -68,7 +68,7 @@ describe Spree::CheckoutController, type: :controller do
     it 'should check if the user is authorized for :edit' do
       expect(controller).to receive(:authorize!).with(:edit, order, token)
       request.cookie_jar.signed[:guest_token] = token
-      post :update, params: { state: 'address' }
+      post :update, params: { state: 'address', order: { bill_address_attributes: address_params } }
     end
     context "save successful" do
@@ -96,7 +96,7 @@ describe Spree::CheckoutController, type: :controller do
         end
         it "should assign order" do
-          post :update, params: { state: "address" }
+          post :update, params: { state: "address", order: { bill_address_attributes: address_params } }
           expect(assigns[:order]).not_to be_nil
         end
@@ -271,6 +271,31 @@ describe Spree::CheckoutController, type: :controller do
             expect(order.payments).to be_empty
           end
         end
+        context 'trying to change the address' do
+          let(:params) do
+            {
+              state: 'payment',
+              order: {
+                payments_attributes: [
+                  {
+                    payment_method_id: payment_method.id.to_s,
+                    source_attributes: attributes_for(:credit_card)
+                  }
+                ],
+                ship_address_attributes: {
+                  zipcode: 'TEST'
+                }
+              }
+            }
+          end
+          it 'does not change the address' do
+            expect do
+              post :update, params: params
+            end.not_to change { order.reload.ship_address.zipcode }
+          end
+        end
       end
       context "when in the confirm state" do
@@ -310,16 +335,18 @@ describe Spree::CheckoutController, type: :controller do
       end
       it "should not assign order" do
-        post :update, params: { state: "address", email: '' }
+        post :update, params: { state: "address", order: { email: ''}  }
         expect(assigns[:order]).not_to be_nil
       end
       it "should not change the order state" do
-        post :update, params: { state: 'address' }
+        expect do
+          post :update, params: { state: 'address', order: { bill_address_attributes: address_params } }
+        end.not_to change { order.reload.state }
       end
       it "should render the edit template" do
-        post :update, params: { state: 'address' }
+        post :update, params: { state: 'address', order: { bill_address_attributes: address_params } }
         expect(response).to render_template :edit
       end
     end
@@ -342,7 +369,7 @@ describe Spree::CheckoutController, type: :controller do
       before do
         order.update! user: user
         allow(order).to receive(:next).and_raise(Spree::Core::GatewayError.new("Invalid something or other."))
-        post :update, params: { state: "address" }
+        post :update, params: { state: "address", order: { bill_address_attributes: address_params } }
       end
       it "should render the edit template and display exception message" do
@@ -373,7 +400,7 @@ describe Spree::CheckoutController, type: :controller do
         end
         it "due to the order having errors" do
-          put :update, params: { state: order.state, order: {} }
+          put :update, params: { state: order.state, order: { bill_address_attributes: address_params } }
           expect(flash[:error]).to eq("Base error\nAdjustments error")
           expect(response).to redirect_to(spree.checkout_state_path('address'))
         end
@@ -387,7 +414,7 @@ describe Spree::CheckoutController, type: :controller do
         end
         it "due to no available shipping rates for any of the shipments" do
-          put :update, params: { state: "address", order: {} }
+          put :update, params: { state: "address", order: { bill_address_attributes: address_params } }
           expect(flash[:error]).to eq(I18n.t('spree.items_cannot_be_shipped'))
           expect(response).to redirect_to(spree.checkout_state_path('address'))
         end
@@ -437,7 +464,7 @@ describe Spree::CheckoutController, type: :controller do
         end
         it "redirects the customer to the cart page with an error message" do
-          put :update, params: { state: order.state, order: {} }
+          put :update, params: { state: order.state, order: { bill_address_attributes: address_params } }
           expect(flash[:error]).to eq(I18n.t('spree.insufficient_stock_for_order'))
           expect(response).to redirect_to(spree.cart_path)
         end
@@ -494,9 +521,11 @@ describe Spree::CheckoutController, type: :controller do
       allow(controller).to receive_messages check_authorization: true
     end
-    it "doesn't set shipping address on the order" do
+    # This does not test whether the shipping address is set via params.
+    # It only tests whether it is set in the before action.
+    it "doesn't set a default shipping address on the order" do
       expect(order).to_not receive(:ship_address=)
-      post :update, params: { state: order.state }
+      post :update, params: { state: order.state, order: { bill_address_attributes: address_params } }
     end
     it "doesn't remove unshippable items before payment" do
@@ -511,7 +540,7 @@ describe Spree::CheckoutController, type: :controller do
     allow(controller).to receive_messages check_authorization: true
     expect {
-      post :update, params: { state: "payment" }
+      post :update, params: { state: "payment", order: { email: "johndoe@example.com"} }
     }.to change { order.line_items.to_a.size }.from(1).to(0)
   end

data/spec/controllers/spree/orders_controller_spec.rb CHANGED Viewed

@@ -102,6 +102,31 @@ describe Spree::OrdersController, type: :controller do
       end
     end
+    context '#edit' do
+      before do
+        allow(controller).to receive :authorize!
+        allow(controller).to receive_messages current_order: order
+      end
+      it 'should render cart' do
+        get :edit, params: { id: order.number }
+        expect(flash[:error]).to be_nil
+        expect(response).to be_ok
+      end
+      context 'with another order number than the current_order' do
+        let(:other_order) { create(:completed_order_with_totals) }
+        it 'should display error message' do
+          get :edit, params: { id: other_order.number }
+          expect(flash[:error]).to eq "You may only edit your current shopping cart."
+          expect(response).to redirect_to cart_path
+        end
+      end
+    end
     context "#update" do
       context "with authorization" do
         before do

data/spec/features/checkout_spec.rb CHANGED Viewed

@@ -374,6 +374,14 @@ describe "Checkout", type: :feature, inaccessible: true do
       expect(page).to have_current_path(spree.order_path(Spree::Order.last))
       expect(page).to have_content('Ending in 1111')
     end
+    it "allows user to save a billing address associated to the credit card" do
+      choose "use_existing_card_no"
+      fill_in_credit_card
+      click_on "Save and Continue"
+      expect(Spree::CreditCard.last.address).to be_present
+    end
   end
   # regression for https://github.com/spree/spree/issues/2921
@@ -672,6 +680,57 @@ describe "Checkout", type: :feature, inaccessible: true do
     end
   end
+  # Regression test for: https://github.com/solidusio/solidus/issues/2998
+  context 'when two shipping categories are available' do
+    let!(:first_category) { create(:shipping_category) }
+    let!(:second_category) { create(:shipping_category) }
+    let!(:first_shipping_method) do
+      create(:shipping_method,
+             shipping_categories: [first_category],
+             stores: [store])
+    end
+    let!(:second_shipping_method) do
+      create(:shipping_method,
+             shipping_categories: [second_category],
+             stores: [store])
+    end
+    context 'assigned to two different products' do
+      let!(:first_product) do
+        create(:product,
+               name: 'First product',
+               shipping_category: first_category)
+      end
+      let!(:second_product) do
+        create(:product,
+               name: 'Second product',
+               shipping_category: second_category)
+      end
+      before do
+        stock_location.stock_items.update_all(count_on_hand: 10)
+      end
+      it 'transitions successfully to the delivery step', js: true do
+        visit spree.product_path(first_product)
+        click_button 'add-to-cart-button'
+        visit spree.product_path(second_product)
+        click_button 'add-to-cart-button'
+        click_button 'Checkout'
+        fill_in_address
+        fill_in 'order_email', with: 'test@example.com'
+        click_button 'Save and Continue'
+        expect(Spree::Order.last.state).to eq('delivery')
+      end
+    end
+  end
   def fill_in_credit_card(number: "4111 1111 1111 1111")
     fill_in "Name on card", with: 'Mary Doe'
     fill_in_with_force "Card Number", with: number

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: solidus_frontend
 version: !ruby/object:Gem::Version
-  version: 2.10.0.beta1
+  version: 2.10.5
 platform: ruby
 authors:
 - Solidus Team
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-09-19 00:00:00.000000000 Z
+date: 2021-05-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: solidus_api
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.10.0.beta1
+        version: 2.10.5
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.10.0.beta1
+        version: 2.10.5
 - !ruby/object:Gem::Dependency
   name: solidus_core
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.10.0.beta1
+        version: 2.10.5
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.10.0.beta1
+        version: 2.10.5
 - !ruby/object:Gem::Dependency
   name: canonical-rails
   requirement: !ruby/object:Gem::Requirement
@@ -331,7 +331,7 @@ homepage: http://solidus.io/
 licenses:
 - BSD-3-Clause
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -339,7 +339,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.2.2
+      version: 2.4.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -347,8 +347,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: 1.8.23
 requirements:
 - none
-rubygems_version: 3.0.6
-signing_key:
+rubygems_version: 3.1.4
+signing_key:
 specification_version: 4
 summary: Cart and storefront for the Solidus e-commerce project.
 test_files: []