solidus_frontend_devise_token_auth 2.8.0.alpha.2

data/app/assets/stylesheets/spree/frontend.css

@@ -0,0 +1,5 @@
+/*
+* This is a manifest file that includes stylesheets for spree_frontend
+ *= require normalize
+ *= require spree/frontend/screen
+*/

data/app/controllers/spree/checkout_controller.rb

@@ -0,0 +1,236 @@
+# frozen_string_literal: true
+
+module Spree
+  # This is somewhat contrary to standard REST convention since there is not
+  # actually a Checkout object. There's enough distinct logic specific to
+  # checkout which has nothing to do with updating an order that this approach
+  # is warranted.
+  class CheckoutController < Spree::StoreController
+    before_action :load_order
+    around_action :lock_order
+    before_action :set_state_if_present
+
+    before_action :ensure_order_not_completed
+    before_action :ensure_checkout_allowed
+    before_action :ensure_sufficient_stock_lines
+    before_action :ensure_valid_state
+
+    before_action :associate_user
+    before_action :check_authorization
+    before_action :apply_coupon_code
+
+    before_action :setup_for_current_state, only: [:edit, :update]
+
+    helper 'spree/orders'
+
+    rescue_from Spree::Core::GatewayError, with: :rescue_from_spree_gateway_error
+
+    # Updates the order and advances to the next state (when possible.)
+    def update
+      if update_order
+
+        assign_temp_address
+
+        unless transition_forward
+          redirect_on_failure
+          return
+        end
+
+        if @order.completed?
+          finalize_order
+        else
+          send_to_next_state
+        end
+
+      else
+        render :edit
+      end
+    end
+
+    private
+
+    def update_order
+      OrderUpdateAttributes.new(@order, update_params, request_env: request.headers.env).apply
+    end
+
+    def assign_temp_address
+      @order.temporary_address = !params[:save_user_address]
+    end
+
+    def redirect_on_failure
+      flash[:error] = @order.errors.full_messages.join("\n")
+      redirect_to(checkout_state_path(@order.state))
+    end
+
+    def transition_forward
+      if @order.can_complete?
+        @order.complete
+      else
+        @order.next
+      end
+    end
+
+    def finalize_order
+      @current_order = nil
+      set_successful_flash_notice
+      redirect_to completion_route
+    end
+
+    def set_successful_flash_notice
+      flash.notice = t('spree.order_processed_successfully')
+      flash['order_completed'] = true
+    end
+
+    def send_to_next_state
+      redirect_to checkout_state_path(@order.state)
+    end
+
+    def update_params
+      if update_params = massaged_params[:order]
+        update_params.permit(permitted_checkout_attributes)
+      else
+        # We currently allow update requests without any parameters in them.
+        {}
+      end
+    end
+
+    def massaged_params
+      massaged_params = params.deep_dup
+
+      move_payment_source_into_payments_attributes(massaged_params)
+      if massaged_params[:order] && massaged_params[:order][:existing_card].present?
+        Spree::Deprecation.warn("Passing order[:existing_card] is deprecated. Send order[:wallet_payment_source_id] instead.", caller)
+        move_existing_card_into_payments_attributes(massaged_params) # deprecated
+      end
+      move_wallet_payment_source_id_into_payments_attributes(massaged_params)
+      set_payment_parameters_amount(massaged_params, @order)
+
+      massaged_params
+    end
+
+    def ensure_valid_state
+      unless skip_state_validation?
+        if (params[:state] && !@order.has_checkout_step?(params[:state])) ||
+           (!params[:state] && !@order.has_checkout_step?(@order.state))
+          @order.state = 'cart'
+          redirect_to checkout_state_path(@order.checkout_steps.first)
+        end
+      end
+
+      # Fix for https://github.com/spree/spree/issues/4117
+      # If confirmation of payment fails, redirect back to payment screen
+      if params[:state] == "confirm" && @order.payment_required? && @order.payments.valid.empty?
+        flash.keep
+        redirect_to checkout_state_path("payment")
+      end
+    end
+
+    # Should be overriden if you have areas of your checkout that don't match
+    # up to a step within checkout_steps, such as a registration step
+    def skip_state_validation?
+      false
+    end
+
+    def load_order
+      @order = current_order
+      redirect_to(spree.cart_path) && return unless @order
+    end
+
+    def set_state_if_present
+      if params[:state]
+        redirect_to checkout_state_path(@order.state) if @order.can_go_to_state?(params[:state]) && !skip_state_validation?
+        @order.state = params[:state]
+      end
+    end
+
+    def ensure_checkout_allowed
+      unless @order.checkout_allowed?
+        redirect_to spree.cart_path
+      end
+    end
+
+    def ensure_order_not_completed
+      redirect_to spree.cart_path if @order.completed?
+    end
+
+    def ensure_sufficient_stock_lines
+      if @order.insufficient_stock_lines.present?
+        out_of_stock_items = @order.insufficient_stock_lines.collect(&:name).to_sentence
+        flash[:error] = t('spree.inventory_error_flash_for_insufficient_quantity', names: out_of_stock_items)
+        redirect_to spree.cart_path
+      end
+    end
+
+    # Provides a route to redirect after order completion
+    def completion_route
+      spree.order_path(@order)
+    end
+
+    def apply_coupon_code
+      if update_params[:coupon_code].present?
+        @order.coupon_code = update_params[:coupon_code]
+
+        handler = PromotionHandler::Coupon.new(@order).apply
+
+        if handler.error.present?
+          flash.now[:error] = handler.error
+        elsif handler.success
+          flash[:success] = handler.success
+        end
+
+        setup_for_current_state
+        respond_with(@order) { |format| format.html { render :edit } } && return
+      end
+    end
+
+    def setup_for_current_state
+      method_name = :"before_#{@order.state}"
+      send(method_name) if respond_to?(method_name, true)
+    end
+
+    def before_address
+      @order.assign_default_user_addresses
+      # If the user has a default address, the previous method call takes care
+      # of setting that; but if he doesn't, we need to build an empty one here
+      default = { country_id: Spree::Country.default.id }
+      @order.build_bill_address(default) unless @order.bill_address
+      @order.build_ship_address(default) if @order.checkout_steps.include?('delivery') && !@order.ship_address
+    end
+
+    def before_delivery
+      return if params[:order].present?
+
+      packages = @order.shipments.map(&:to_package)
+      @differentiator = Spree::Stock::Differentiator.new(@order, packages)
+    end
+
+    def before_payment
+      if @order.checkout_steps.include? "delivery"
+        packages = @order.shipments.map(&:to_package)
+        @differentiator = Spree::Stock::Differentiator.new(@order, packages)
+        @differentiator.missing.each do |variant, quantity|
+          @order.contents.remove(variant, quantity)
+        end
+      end
+
+      if try_spree_current_user && try_spree_current_user.respond_to?(:wallet)
+        @wallet_payment_sources = try_spree_current_user.wallet.wallet_payment_sources
+        @default_wallet_payment_source = @wallet_payment_sources.detect(&:default) ||
+                                         @wallet_payment_sources.first
+        # TODO: How can we deprecate this instance variable?  We could try
+        # wrapping it in a delegating object that produces deprecation warnings.
+        @payment_sources = try_spree_current_user.wallet.wallet_payment_sources.map(&:payment_source).select { |ps| ps.is_a?(Spree::CreditCard) }
+      end
+    end
+
+    def rescue_from_spree_gateway_error(exception)
+      flash.now[:error] = t('spree.spree_gateway_error_flash_for_checkout')
+      @order.errors.add(:base, exception.message)
+      render :edit
+    end
+
+    def check_authorization
+      authorize!(:edit, current_order, cookies.signed[:guest_token])
+    end
+  end
+end

data/app/controllers/spree/content_controller.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Spree
+  class ContentController < Spree::StoreController
+    respond_to :html
+
+    def cvv
+      render layout: false
+    end
+  end
+end

data/app/controllers/spree/home_controller.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module Spree
+  class HomeController < Spree::StoreController
+    helper 'spree/products'
+    respond_to :html
+
+    def index
+      @searcher = build_searcher(params.merge(include_images: true))
+      @products = @searcher.retrieve_products
+      @taxonomies = Spree::Taxonomy.includes(root: :children)
+    end
+  end
+end

data/app/controllers/spree/locale_controller.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module Spree
+  class LocaleController < Spree::StoreController
+    def set
+      available_locales = Spree.i18n_available_locales
+      requested_locale = params[:switch_to_locale] || params[:locale]
+
+      if requested_locale && available_locales.map(&:to_s).include?(requested_locale)
+        session[:locale] = requested_locale
+        I18n.locale = requested_locale
+        flash.notice = t('spree.locale_changed')
+      else
+        flash[:error] = t('spree.locale_not_changed')
+      end
+
+      redirect_to spree.root_path
+    end
+  end
+end

data/app/controllers/spree/orders_controller.rb

@@ -0,0 +1,138 @@
+# frozen_string_literal: true
+
+module Spree
+  class OrdersController < Spree::StoreController
+    helper 'spree/products', 'spree/orders'
+
+    respond_to :html
+
+    before_action :store_guest_token
+    before_action :assign_order, only: :update
+    # note: do not lock the #edit action because that's where we redirect when we fail to acquire a lock
+    around_action :lock_order, only: :update
+    before_action :apply_coupon_code, only: :update
+    skip_before_action :verify_authenticity_token, only: [:populate]
+
+    def show
+      @order = Spree::Order.find_by!(number: params[:id])
+      authorize! :read, @order, cookies.signed[:guest_token]
+    end
+
+    def update
+      authorize! :update, @order, cookies.signed[:guest_token]
+      if @order.contents.update_cart(order_params)
+        @order.next if params.key?(:checkout) && @order.cart?
+
+        respond_with(@order) do |format|
+          format.html do
+            if params.key?(:checkout)
+              redirect_to checkout_state_path(@order.checkout_steps.first)
+            else
+              redirect_to cart_path
+            end
+          end
+        end
+      else
+        respond_with(@order)
+      end
+    end
+
+    # Shows the current incomplete order from the session
+    def edit
+      @order = current_order || Spree::Order.incomplete.find_or_initialize_by(guest_token: cookies.signed[:guest_token])
+      authorize! :read, @order, cookies.signed[:guest_token]
+      associate_user
+    end
+
+    # Adds a new item to the order (creating a new order if none already exists)
+    def populate
+      @order = current_order(create_order_if_necessary: true)
+      authorize! :update, @order, cookies.signed[:guest_token]
+
+      variant  = Spree::Variant.find(params[:variant_id])
+      quantity = params[:quantity].present? ? params[:quantity].to_i : 1
+
+      # 2,147,483,647 is crazy. See issue https://github.com/spree/spree/issues/2695.
+      if !quantity.between?(1, 2_147_483_647)
+        @order.errors.add(:base, t('spree.please_enter_reasonable_quantity'))
+      end
+
+      begin
+        @line_item = @order.contents.add(variant, quantity)
+      rescue ActiveRecord::RecordInvalid => e
+        @order.errors.add(:base, e.record.errors.full_messages.join(", "))
+      end
+
+      respond_with(@order) do |format|
+        format.html do
+          if @order.errors.any?
+            flash[:error] = @order.errors.full_messages.join(", ")
+            redirect_back_or_default(spree.root_path)
+            return
+          else
+            redirect_to cart_path
+          end
+        end
+      end
+    end
+
+    def populate_redirect
+      flash[:error] = t('spree.populate_get_error')
+      redirect_to spree.cart_path
+    end
+
+    def empty
+      if @order = current_order
+        authorize! :update, @order, cookies.signed[:guest_token]
+        @order.empty!
+      end
+
+      redirect_to spree.cart_path
+    end
+
+    def accurate_title
+      if @order && @order.completed?
+        t('spree.order_number', number: @order.number)
+      else
+        t('spree.shopping_cart')
+      end
+    end
+
+    private
+
+    def store_guest_token
+      cookies.permanent.signed[:guest_token] = params[:token] if params[:token]
+    end
+
+    def order_params
+      if params[:order]
+        params[:order].permit(*permitted_order_attributes)
+      else
+        {}
+      end
+    end
+
+    def assign_order
+      @order = current_order
+      unless @order
+        flash[:error] = t('spree.order_not_found')
+        redirect_to(root_path) && return
+      end
+    end
+
+    def apply_coupon_code
+      if order_params[:coupon_code].present?
+        @order.coupon_code = order_params[:coupon_code]
+
+        handler = PromotionHandler::Coupon.new(@order).apply
+
+        if handler.error.present?
+          flash.now[:error] = handler.error
+          respond_with(@order) { |format| format.html { render :edit } } && return
+        elsif handler.success
+          flash[:success] = handler.success
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/products_controller.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+module Spree
+  class ProductsController < Spree::StoreController
+    before_action :load_product, only: :show
+    before_action :load_taxon, only: :index
+
+    helper 'spree/taxons', 'spree/taxon_filters'
+
+    respond_to :html
+
+    def index
+      @searcher = build_searcher(params.merge(include_images: true))
+      @products = @searcher.retrieve_products
+      @taxonomies = Spree::Taxonomy.includes(root: :children)
+    end
+
+    def show
+      @variants = @product.
+        variants_including_master.
+        display_includes.
+        with_prices(current_pricing_options).
+        includes([:option_values, :images])
+
+      @product_properties = @product.product_properties.includes(:property)
+      @taxon = Spree::Taxon.find(params[:taxon_id]) if params[:taxon_id]
+    end
+
+    private
+
+    def accurate_title
+      if @product
+        @product.meta_title.blank? ? @product.name : @product.meta_title
+      else
+        super
+      end
+    end
+
+    def load_product
+      if try_spree_current_user.try(:has_spree_role?, "admin")
+        @products = Spree::Product.with_deleted
+      else
+        @products = Spree::Product.available
+      end
+      @product = @products.friendly.find(params[:id])
+    end
+
+    def load_taxon
+      @taxon = Spree::Taxon.find(params[:taxon]) if params[:taxon].present?
+    end
+  end
+end

data/app/controllers/spree/store_controller.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module Spree
+  class StoreController < Spree::BaseController
+    include Spree::Core::ControllerHelpers::Pricing
+    include Spree::Core::ControllerHelpers::Order
+
+    def unauthorized
+      render 'spree/shared/unauthorized', layout: Spree::Config[:layout], status: 401
+    end
+
+    def cart_link
+      render partial: 'spree/shared/link_to_cart'
+      fresh_when(current_order, template: 'spree/shared/_link_to_cart')
+    end
+
+    private
+
+    def config_locale
+      Spree::Frontend::Config[:locale]
+    end
+
+    def lock_order
+      Spree::OrderMutex.with_lock!(@order) { yield }
+    rescue Spree::OrderMutex::LockFailed
+      flash[:error] = t('spree.order_mutex_error')
+      redirect_to spree.cart_path
+    end
+  end
+end

data/app/controllers/spree/taxons_controller.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+module Spree
+  class TaxonsController < Spree::StoreController
+    helper 'spree/products', 'spree/taxon_filters'
+
+    before_action :load_taxon, only: [:show]
+
+    respond_to :html
+
+    def show
+      @searcher = build_searcher(params.merge(taxon: @taxon.id, include_images: true))
+      @products = @searcher.retrieve_products
+      @taxonomies = Spree::Taxonomy.includes(root: :children)
+    end
+
+    private
+
+    def load_taxon
+      @taxon = Spree::Taxon.find_by!(permalink: params[:id])
+    end
+
+    def accurate_title
+      if @taxon
+        @taxon.seo_title
+      else
+        super
+      end
+    end
+  end
+end

data/app/helpers/spree/orders_helper.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+require 'truncate_html'
+require 'app/helpers/truncate_html_helper'
+
+module Spree
+  module OrdersHelper
+    include TruncateHtmlHelper
+
+    def truncated_product_description(product)
+      truncate_html(raw(product.description))
+    end
+
+    def order_just_completed?(order)
+      flash[:order_completed] && order.present?
+    end
+  end
+end

data/app/helpers/spree/taxon_filters_helper.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spree/core/product_filters'
+
+module Spree
+  module TaxonFiltersHelper
+    def applicable_filters_for(_taxon)
+      [:brand_filter, :price_filter].map do |filter_name|
+        Spree::Core::ProductFilters.send(filter_name) if Spree::Core::ProductFilters.respond_to?(filter_name)
+      end.compact
+    end
+  end
+end

data/app/models/spree/frontend_configuration.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+module Spree
+  class FrontendConfiguration < Preferences::Configuration
+    preference :locale, :string, default: Rails.application.config.i18n.default_locale
+
+    # Add your terms and conditions in app/views/spree/checkout/_terms_and_conditions.en.html.erb
+    preference :require_terms_and_conditions_acceptance, :boolean, default: false
+  end
+end

data/app/views/spree/address/_form.html.erb

@@ -0,0 +1,96 @@
+<% address_id = address_type.chars.first %>
+<div class="inner" data-hook=<%="#{address_type}_inner" %>>
+  <div class="field field-required" id=<%="#{address_id}firstname" %>>
+    <%= form.label :firstname, t('spree.first_name') %>
+    <%= form.text_field :firstname, class: 'required', autocomplete: address_type + ' given-name', required: true, autofocus: true %>
+  </div>
+
+  <div class="field" id=<%="#{address_id}lastname" %>>
+    <%= form.label :lastname, t('spree.last_name') %>
+    <%= form.text_field :lastname, autocomplete: address_type + ' family-name' %>
+  </div>
+
+  <% if Spree::Config[:company] %>
+    <div class="field" id=<%="#{address_id}company" %>>
+      <%= form.label :company, t('spree.company') %>
+      <%= form.text_field :company, autocomplete: address_type + ' organization' %>
+    </div>
+  <% end %>
+
+  <div class="field field-required" id=<%="#{address_id}address1" %>>
+    <%= form.label :address1, t('spree.street_address') %>
+    <%= form.text_field :address1, class: 'required', autocomplete: address_type + ' address-line1',  required: true %>
+  </div>
+
+  <div class="field" id=<%="#{address_id}address2" %>>
+    <%= form.label :address2, I18n.t('spree.street_address_2') %>
+    <%= form.text_field :address2, autocomplete: address_type + ' address-line2' %>
+  </div>
+
+  <div class="field field-required" id=<%="#{address_id}city" %>>
+    <%= form.label :city, t('spree.city') %>
+    <%= form.text_field :city, class: 'required', autocomplete: address_type + ' address-level2',  required: true %>
+  </div>
+
+  <div class="field field-required" id=<%="#{address_id}country" %>>
+    <%= form.label :country_id, t('spree.country') %>
+    <span id=<%="#{address_id}country-selection" %>>
+      <%= form.collection_select :country_id, available_countries, :id, :name, {},
+          class: 'required',
+          autocomplete: address_type + ' country-name',
+          required: true
+        %>
+    </span>
+  </div>
+
+  <% if Spree::Config[:address_requires_state] %>
+    <div class="field field-required" id=<%="#{address_id}state" %>>
+      <% have_states = !address.country.states.empty? %>
+      <%= form.label :state, t('spree.state') %>
+
+      <span class="js-address-fields" style="display: none;">
+        <%=
+          form.collection_select(
+            :state_id, address.country.states, :id, :name,
+            {include_blank: true},
+            {
+              class: have_states ? 'required' : '',
+              style: have_states ? '' : 'display: none;',
+              disabled: !have_states,
+              autocomplete: address_type + ' address-level1',
+            })
+          %>
+        <%=
+          form.text_field(
+            :state_name,
+            class: !have_states ? 'required' : '',
+            style: have_states ? 'display: none;' : '',
+            disabled: have_states,
+            autocomplete: address_type + ' address-level1',
+          )
+        %>
+      </span>
+      <noscript>
+        <%= form.text_field :state_name, class: 'required', autocomplete: address_type + ' address-level1',  required: true %>
+      </noscript>
+    </div>
+  <% end %>
+
+  <div class="field <%= 'field-required' if address.require_zipcode? %>" id=<%="#{address_id}zipcode" %>>
+    <%= form.label :zipcode, t('spree.zip') %>
+    <%= form.text_field :zipcode, class: "#{'required' if address.require_zipcode?}", autocomplete: address_type + ' postal-code',  required: true %>
+  </div>
+
+  <div class="field <%= 'field-required' if address.require_phone? %>" id=<%="#{address_id}phone" %>>
+    <%= form.label :phone, t('spree.phone') %>
+    <% phone_hash = address.require_phone? ? { class: 'required', required: true } : {} %>
+    <%= form.phone_field :phone, phone_hash.merge({ autocomplete: address_type + ' home tel' }) %>
+  </div>
+
+  <% if Spree::Config[:alternative_shipping_phone] %>
+    <div class="field" id=<%="#{address_id}altphone" %>>
+      <%= form.label :alternative_phone, t('spree.alternative_phone') %>
+      <%= form.phone_field :alternative_phone, autocomplete: address_type + ' tel'%>
+    </div>
+  <% end %>
+</div>