spiffy_stores_api 4.11.0

data/lib/spiffy_stores_api/resources/product.rb

@@ -0,0 +1,32 @@
+module SpiffyStoresAPI
+  class Product < Base
+    include Metafields
+
+    # compute the price range
+    def price_range
+      prices = variants.collect(&:price).collect(&:to_f)
+      format =  "%0.2f"
+      if prices.min != prices.max
+        "#{format % prices.min} - #{format % prices.max}"
+      else
+        format % prices.min
+      end
+    end
+
+    def collections
+      StandardCollection.find(:all, :params => {:product_id => self.id})
+    end
+
+    def super_collections
+      SmartCollection.find(:all, :params => {:product_id => self.id})
+    end
+
+    def add_to_collection(collection)
+      collection.add_product(self)
+    end
+
+    def remove_from_collection(collection)
+      collection.remove_product(self)
+    end
+  end
+end

data/lib/spiffy_stores_api/resources/province.rb

@@ -0,0 +1,5 @@
+module SpiffyStoresAPI
+  class Province < Base
+    init_prefix :country
+  end
+end

data/lib/spiffy_stores_api/resources/script_tag.rb

@@ -0,0 +1,4 @@
+module SpiffyStoresAPI
+  class ScriptTag < Base
+  end
+end

data/lib/spiffy_stores_api/resources/standard_collection.rb

@@ -0,0 +1,18 @@
+module SpiffyStoresAPI
+  class StandardCollection < Base
+    include Metafields
+
+    def products
+      Product.find(:all, :params => {:collection_id => self.id})
+    end
+
+    def add_product(product)
+      Collect.create(:collection_id => self.id, :product_id => product.id)
+    end
+
+    def remove_product(product)
+      collect = Collect.find(:first, :params => {:collection_id => self.id, :product_id => product.id})
+      collect.destroy if collect
+    end
+  end
+end

data/lib/spiffy_stores_api/resources/store.rb

@@ -0,0 +1,18 @@
+module SpiffyStoresAPI
+  # Store object. Use Store.current to retrieve the store settings.
+  class Store < Base
+    def self.current(options={})
+      find(:one, options.merge({from: "/api/store.#{format.extension}"}))
+    end
+
+    def metafields(**options)
+      Metafield.find(:all, params: options)
+    end
+
+    def add_metafield(metafield)
+      raise ArgumentError, "You can only add metafields to resource that has been saved" if new?
+      metafield.save
+      metafield
+    end
+  end
+end

data/lib/spiffy_stores_api/resources/super_collection.rb

@@ -0,0 +1,14 @@
+module SpiffyStoresAPI
+  class SuperCollection < Base
+    include Metafields
+
+    def products
+      Product.find(:all, :params => {:collection_id => self.id})
+    end
+
+    def order(options={})
+      load_attributes_from_response(put(:order, options, only_id))
+    end
+
+  end
+end

data/lib/spiffy_stores_api/resources/variant.rb

@@ -0,0 +1,8 @@
+module SpiffyStoresAPI
+  class Variant < Base
+    include Metafields
+    include DisablePrefixCheck
+
+    conditional_prefix :product
+  end
+end

data/lib/spiffy_stores_api/resources/webhook.rb

@@ -0,0 +1,4 @@
+module SpiffyStoresAPI
+  class Webhook < Base
+  end
+end

data/lib/spiffy_stores_api/session.rb

@@ -0,0 +1,145 @@
+require 'openssl'
+require 'rack'
+
+module SpiffyStoresAPI
+
+  class ValidationException < StandardError
+  end
+
+  class Session
+    cattr_accessor :api_key, :secret, :protocol, :spiffy_stores_domain, :port
+    self.protocol = 'https'
+    self.spiffy_stores_domain = 'spiffystores.com'
+
+    attr_accessor :url, :token, :shop, :name, :extra
+
+    class << self
+
+      def setup(params)
+        params.each { |k,value| public_send("#{k}=", value) }
+      end
+
+      def temp(domain, token, &block)
+        session = new(domain, token)
+        original_site = SpiffyStoresAPI::Base.site.to_s
+        original_token = SpiffyStoresAPI::Base.headers['Authorization'].try(:gsub, /^Bearer /i, '')
+        original_session = new(original_site, original_token)
+
+        begin
+          SpiffyStoresAPI::Base.activate_session(session)
+          yield
+        ensure
+          SpiffyStoresAPI::Base.activate_session(original_session)
+        end
+      end
+
+      def prepare_url(url)
+        return nil if url.blank?
+        # remove http:// or https://
+        url = url.strip.gsub(/\Ahttps?:\/\//, '')
+        # extract host, removing any username, password or path
+        store = URI.parse("https://#{url}").host
+        # extract subdomain of .spiffystores.com
+        if idx = store.index(".")
+          store = store.slice(0, idx)
+        end
+        return nil if store.empty?
+        store = "#{store}.#{spiffy_stores_domain}"
+        port ? "#{store}:#{port}" : store
+      rescue URI::InvalidURIError
+        nil
+      end
+
+      def validate_signature(params)
+        params = params.with_indifferent_access
+        return false unless signature = params[:hmac]
+
+        calculated_signature = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new(), secret, encoded_params_for_signature(params))
+
+        Rack::Utils.secure_compare(calculated_signature, signature)
+      end
+
+      private
+
+      def encoded_params_for_signature(params)
+        params = params.except(:signature, :hmac, :action, :controller)
+        params.map{|k,v| "#{URI.escape(k.to_s, '&=%')}=#{URI.escape(v.to_s, '&%')}"}.sort.join('&')
+      end
+    end
+
+    def initialize(url, token = nil, shop = nil, extra = {})
+      self.url = self.class.prepare_url(url)
+      self.token = token
+      self.shop = shop
+      self.extra = extra
+    end
+
+    def create_permission_url(scope, redirect_uri = nil)
+      params = {:client_id => api_key, :scope => scope.join(',')}
+      params[:redirect_uri] = redirect_uri if redirect_uri
+      "#{site}/admin/oauth/authorize?#{parameterize(params)}"
+    end
+
+    def request_token(params)
+      return token if token
+
+      unless self.class.validate_signature(params) && params[:timestamp].to_i > 24.hours.ago.utc.to_i
+        raise SpiffyStoresAPI::ValidationException, "Invalid Signature: Possible malicious login"
+      end
+
+      response = access_token_request(params['code'])
+      if response.code == "200"
+        self.extra = JSON.parse(response.body)
+        self.token = extra.delete('access_token')
+
+        if expires_in = extra.delete('expires_in')
+          extra['expires_at'] = Time.now.utc.to_i + expires_in
+        end
+        token
+      else
+        raise RuntimeError, response.msg
+      end
+    end
+
+    def store
+      Store.current
+    end
+
+    def site
+      "#{protocol}://#{url}/api"
+    end
+
+    def valid?
+      url.present? && token.present?
+    end
+
+    def expires_in
+      return unless expires_at.present?
+      [0, expires_at.to_i - Time.now.utc.to_i].max
+    end
+
+    def expires_at
+      return unless extra.present?
+      @expires_at ||= Time.at(extra['expires_at']).utc
+    end
+
+    def expired?
+      return false if expires_in.nil?
+      expires_in <= 0
+    end
+
+    private
+      def parameterize(params)
+        URI.escape(params.collect{|k,v| "#{k}=#{v}"}.join('&'))
+      end
+
+      def access_token_request(code)
+        uri = URI.parse("#{protocol}://#{url}/admin/oauth/token")
+        https = Net::HTTP.new(uri.host, uri.port)
+        https.use_ssl = true
+        request = Net::HTTP::Post.new(uri.request_uri)
+        request.set_form_data({"client_id" => api_key, "client_secret" => secret, "code" => code})
+        https.request(request)
+      end
+  end
+end

data/lib/spiffy_stores_api/version.rb

@@ -0,0 +1,3 @@
+module SpiffyStoresAPI
+  VERSION = "4.11.0"
+end

data/spiffy_stores_api.gemspec

@@ -0,0 +1,34 @@
+$:.push File.expand_path("../lib", __FILE__)
+require "spiffy_stores_api/version"
+
+Gem::Specification.new do |s|
+  s.name = %q{spiffy_stores_api}
+  s.version = SpiffyStoresAPI::VERSION
+  s.author = "Spiffy Stores"
+
+  s.summary = %q{The SpiffyStores API gem is a lightweight gem for accessing the Spiffy Stores admin REST web services}
+  s.description = %q{The SpiffyStores API gem allows Ruby developers to programmatically access the admin section of SpiffyStores stores. The API is implemented as JSON or XML over HTTP using all four verbs (GET/POST/PUT/DELETE). Each resource, like Order, Product, or Collection, has its own URL and is manipulated in isolation.}
+  s.email = %q{brian@spiffy.com.au}
+  s.homepage = %q{https://www.spiffystores.com.au}
+
+  s.extra_rdoc_files = [
+    "README.md"
+  ]
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.summary = %q{SpiffyStoresAPI is a lightweight gem for accessing the Spiffy Stores admin REST web services}
+  s.license = "MIT"
+
+  s.required_ruby_version = ">= 2.2"
+
+  s.add_runtime_dependency("activeresource", ">= 3.0.0")
+  s.add_runtime_dependency("rack")
+
+  s.add_development_dependency("mocha", ">= 0.9.8")
+  s.add_development_dependency("fakeweb")
+  s.add_development_dependency("minitest", ">= 4.0")
+  s.add_development_dependency("rake")
+end

data/test/active_resource/json_errors_test.rb

@@ -0,0 +1,19 @@
+require 'test_helper'
+
+module ActiveResource
+  class JsonErrorsTest < Test::Unit::TestCase
+
+    def test_parsing_of_error_json_hash
+      @model = SpiffyStoresAPI::Order.new
+      @model.errors.from_json({errors: {name: ['missing']}}.to_json)
+      assert_equal ['missing'], @model.errors[:name]
+    end
+
+    def test_parsing_of_error_json_plain_string
+      @model = SpiffyStoresAPI::Order.new
+      @model.errors.from_json({errors: 'some generic error'}.to_json)
+      assert_equal ['some generic error'], @model.errors[:base]
+      assert_equal 'some generic error', @model.errors.full_messages.to_sentence
+    end
+  end
+end

data/test/article_test.rb

@@ -0,0 +1,73 @@
+require 'test_helper'
+
+class ArticleTest < Test::Unit::TestCase
+
+  def test_create_article
+    fake "blogs/1008414260/articles", :method => :post, :body => load_fixture('article')
+    article = SpiffyStoresAPI::Article.new(:blog_id => 1008414260)
+    article.save
+    assert_equal "First Post", article.title
+  end
+
+  def test_get_article
+    fake "articles/6242736", :method => :get, :body => load_fixture('article')
+    article = SpiffyStoresAPI::Article.find(6242736)
+    assert_equal "First Post", article.title
+    assert_equal 1008414260, article.blog_id
+  end
+
+  def test_get_articles
+    fake "articles", :method => :get, :body => load_fixture('articles')
+    articles = SpiffyStoresAPI::Article.all
+    assert_equal 3, articles.length
+    assert_equal 1008414260, articles.first.blog_id
+  end
+
+  def test_get_articles_namespaced
+    fake "blogs/1008414260/articles", :method => :get, :body => load_fixture('articles')
+    articles = SpiffyStoresAPI::Article.find(:all, :params => {:blog_id => 1008414260})
+    assert_equal 3, articles.length
+    assert_equal 1008414260, articles.first.blog_id
+  end
+
+  def test_get_article_namespaced
+    fake "blogs/1008414260/articles/6242736", :method => :get, :body => load_fixture('article')
+    article = SpiffyStoresAPI::Article.find(6242736, :params => {:blog_id => 1008414260})
+    assert_equal "First Post", article.title
+    assert_equal 1008414260, article.blog_id
+  end
+
+  def test_get_authors
+    fake "articles/authors", :method => :get, :body => load_fixture('authors')
+    authors = SpiffyStoresAPI::Article.authors
+    assert_equal "Spiffy Stores", authors.first
+    assert_equal "development shop", authors.last
+  end
+
+  def test_get_authors_for_blog_id
+    fake "blogs/1008414260/articles/authors", :method => :get, :body => load_fixture('authors')
+    authors = SpiffyStoresAPI::Article.authors(:blog_id => 1008414260)
+    assert_equal 3, authors.length
+  end
+
+# def test_get_tags
+#   fake "articles/tags", :method => :get, :body => load_fixture('tags')
+#   tags = SpiffyStoresAPI::Article.tags
+#   assert_equal "consequuntur", tags.first
+#   assert_equal "repellendus", tags.last
+# end
+
+# def test_get_tags_for_blog_id
+#   fake "blogs/1008414260/articles/tags", :method => :get, :body => load_fixture('tags')
+#   tags = SpiffyStoresAPI::Article.tags(:blog_id => 1008414260)
+#   assert_equal "consequuntur", tags.first
+#   assert_equal "repellendus", tags.last
+# end
+#
+# def test_get_popular_tags
+#   fake "articles/tags.json?limit=1&popular=1", :extension => false, :method => :get, :body => load_fixture('tags')
+#   tags = SpiffyStoresAPI::Article.tags(:popular => 1, :limit => 1)
+#   assert_equal 3, tags.length
+# end
+
+end

data/test/base_test.rb

@@ -0,0 +1,112 @@
+require 'test_helper'
+
+
+class BaseTest < Test::Unit::TestCase
+
+  def setup
+    @session1 = SpiffyStoresAPI::Session.new('shop1.spiffystores.com', 'token1')
+    @session2 = SpiffyStoresAPI::Session.new('shop2.spiffystores.com', 'token2')
+  end
+
+  def teardown
+    clear_header('X-Custom')
+  end
+
+  test '#activate_session should set site and headers for given session' do
+    SpiffyStoresAPI::Base.activate_session @session1
+
+    assert_nil ActiveResource::Base.site
+    assert_equal 'https://shop1.spiffystores.com/api', SpiffyStoresAPI::Base.site.to_s
+    assert_equal 'https://shop1.spiffystores.com/api', SpiffyStoresAPI::Store.site.to_s
+
+    assert_nil ActiveResource::Base.headers['Authorization']
+    assert_equal 'Bearer token1', SpiffyStoresAPI::Base.headers['Authorization']
+    assert_equal 'Bearer token1', SpiffyStoresAPI::Store.headers['Authorization']
+  end
+
+  test '#clear_session should clear site and headers from Base' do
+    SpiffyStoresAPI::Base.activate_session @session1
+    SpiffyStoresAPI::Base.clear_session
+
+    assert_nil ActiveResource::Base.site
+    assert_nil SpiffyStoresAPI::Base.site
+    assert_nil SpiffyStoresAPI::Store.site
+
+    assert_nil ActiveResource::Base.headers['Authorization']
+    assert_nil SpiffyStoresAPI::Base.headers['Authorization']
+    assert_nil SpiffyStoresAPI::Store.headers['Authorization']
+  end
+
+  test '#activate_session with one session, then clearing and activating with another session should send request to correct shop' do
+    SpiffyStoresAPI::Base.activate_session @session1
+    SpiffyStoresAPI::Base.clear_session
+    SpiffyStoresAPI::Base.activate_session @session2
+
+    assert_nil ActiveResource::Base.site
+    assert_equal 'https://shop2.spiffystores.com/api', SpiffyStoresAPI::Base.site.to_s
+    assert_equal 'https://shop2.spiffystores.com/api', SpiffyStoresAPI::Store.site.to_s
+
+    assert_nil ActiveResource::Base.headers['Authorization']
+    assert_equal 'Bearer token2', SpiffyStoresAPI::Base.headers['Authorization']
+    assert_equal 'Bearer token2', SpiffyStoresAPI::Store.headers['Authorization']
+  end
+
+  test '#activate_session with nil raises an InvalidSessionError' do
+    assert_raises SpiffyStoresAPI::Base::InvalidSessionError do
+      SpiffyStoresAPI::Base.activate_session nil
+    end
+  end
+
+  test "#delete should send custom headers with request" do
+    SpiffyStoresAPI::Base.activate_session @session1
+    SpiffyStoresAPI::Base.headers['X-Custom'] = 'abc'
+    SpiffyStoresAPI::Base.connection.expects(:delete).with('/api/bases/1.json', has_entry('X-Custom', 'abc'))
+    SpiffyStoresAPI::Base.delete "1"
+  end
+
+  test "#headers includes the User-Agent" do
+    assert_not_includes ActiveResource::Base.headers.keys, 'User-Agent'
+    assert_includes SpiffyStoresAPI::Base.headers.keys, 'User-Agent'
+    thread = Thread.new do
+      assert_includes SpiffyStoresAPI::Base.headers.keys, 'User-Agent'
+    end
+    thread.join
+  end
+
+  if ActiveResource::VERSION::MAJOR >= 4
+    test "#headers propagates changes to subclasses" do
+      SpiffyStoresAPI::Base.headers['X-Custom'] = "the value"
+      assert_equal "the value", SpiffyStoresAPI::Base.headers['X-Custom']
+      assert_equal "the value", SpiffyStoresAPI::Product.headers['X-Custom']
+    end
+
+    test "#headers clears changes to subclasses" do
+      SpiffyStoresAPI::Base.headers['X-Custom'] = "the value"
+      assert_equal "the value", SpiffyStoresAPI::Product.headers['X-Custom']
+      SpiffyStoresAPI::Base.headers['X-Custom'] = nil
+      assert_nil SpiffyStoresAPI::Product.headers['X-Custom']
+    end
+  end
+
+  if ActiveResource::VERSION::MAJOR >= 5 || (ActiveResource::VERSION::MAJOR >= 4 && ActiveResource::VERSION::PRE == "threadsafe")
+    test "#headers set in the main thread affect spawned threads" do
+      SpiffyStoresAPI::Base.headers['X-Custom'] = "the value"
+      Thread.new do
+        assert_equal "the value", SpiffyStoresAPI::Base.headers['X-Custom']
+      end.join
+    end
+
+    test "#headers set in spawned threads do not affect the main thread" do
+      Thread.new do
+        SpiffyStoresAPI::Base.headers['X-Custom'] = "the value"
+      end.join
+      assert_nil SpiffyStoresAPI::Base.headers['X-Custom']
+    end
+  end
+
+  def clear_header(header)
+    [ActiveResource::Base, SpiffyStoresAPI::Base, SpiffyStoresAPI::Product].each do |klass|
+      klass.headers.delete(header)
+    end
+  end
+end