spree_api 1.1.0 → 1.1.1

data/app/controllers/spree/admin/users_controller_decorator.rb

@@ -0,0 +1,17 @@
+Spree::Admin::UsersController.class_eval do
+  before_filter :load_roles, :only => [:edit, :new, :update, :create, :generate_api_key, :clear_api_key]
+
+  def generate_api_key
+    if @user.generate_api_key!
+      flash.notice = t('key_generated', :scope => 'spree.api')
+    end
+    redirect_to edit_admin_user_path(@user)
+  end
+
+  def clear_api_key
+    if @user.clear_api_key!
+      flash.notice = t('key_cleared', :scope => 'spree.api')
+    end
+    redirect_to edit_admin_user_path(@user)
+  end
+end

data/app/controllers/spree/api/v1/addresses_controller.rb

@@ -0,0 +1,17 @@
+module Spree
+  module Api
+    module V1
+      class AddressesController < Spree::Api::V1::BaseController
+        def show
+          @address = Address.find(params[:id])
+        end
+
+        def update
+          @address = Address.find(params[:id])
+          @address.update_attributes(params[:address])
+          render :show, :status => 200
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v1/images_controller.rb

@@ -2,44 +2,27 @@ module Spree
   module Api
     module V1
       class ImagesController < Spree::Api::V1::BaseController
+        def show
+          @image = Image.find(params[:id])
+        end
+
         def create
-          @image = product_or_variant.images.create!(params[:image])
+          @image = Image.create(params[:image])
           render :show, :status => 201
         end
 
         def update
-          image.update_attributes(params[:image])
+          @image = Image.find(params[:id])
+          @image.update_attributes(params[:image])
           render :show, :status => 200
         end
 
         def destroy
-          image.destroy
+          @image = Image.find(params[:id])
+          @image.destroy
           render :text => nil
         end
 
-        private
-
-        def image
-          @image = product_or_variant.images.find(params[:id])
-        end
-
-        def product_or_variant
-          return @product_or_variant if @product_or_variant
-          if params[:product_id]
-            @product_or_variant = product
-          else
-            @product_or_variant = variant
-          end
-        end
-
-        def variant
-          Variant.find(params[:variant_id])
-        end
-
-        def product
-          find_product(params[:product_id]).master
-        end
-
       end
     end
   end

data/app/controllers/spree/api/v1/orders_controller.rb

@@ -14,6 +14,11 @@ module Spree
           authorize! :read, order
         end
 
+        def search
+          @orders = Order.search(params[:q]).result.page(params[:page])
+          render :index
+        end
+
         def create
           @order = Order.build_from_api(current_api_user, @nested_params)
           next!

data/app/controllers/spree/api/v1/taxonomies_controller.rb

@@ -0,0 +1,47 @@
+module Spree
+  module Api
+    module V1
+      class TaxonomiesController < Spree::Api::V1::BaseController
+        def index
+          @taxonomies = Taxonomy.order('name').includes(:root => :children)
+        end
+
+        def show
+          @taxonomy = Taxonomy.find(params[:id])
+        end
+
+        def create
+          authorize! :create, Taxonomy
+          @taxonomy = Taxonomy.new(params[:taxonomy])
+          if @taxonomy.save
+            render :show, :status => 201
+          else
+            invalid_resource!(@taxonomy)
+          end
+        end
+
+        def update
+          authorize! :update, Taxonomy
+          if taxonomy.update_attributes(params[:taxonomy])
+            render :show, :status => 200
+          else
+            invalid_resource!(taxonomy)
+          end
+        end
+
+        def destroy
+          authorize! :delete, Taxonomy
+          taxonomy.destroy
+          render :text => nil, :status => 200
+        end
+
+        private
+
+        def taxonomy
+          @taxonomy ||= Taxonomy.find(params[:id])
+        end
+
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v1/taxons_controller.rb

@@ -0,0 +1,51 @@
+module Spree
+  module Api
+    module V1
+      class TaxonsController < Spree::Api::V1::BaseController
+        def index
+          @taxons = taxonomy.root.children
+        end
+
+        def show
+          @taxon = taxon
+        end
+
+        def create
+          authorize! :create, Taxon
+          @taxon = Taxon.new(params[:taxon])
+          if @taxon.save
+            render :show, :status => 201
+          else
+            invalid_resource!(@taxon)
+          end
+        end
+
+        def update
+          authorize! :update, Taxon
+          if taxon.update_attributes(params[:taxon])
+            render :show, :status => 200
+          else
+            invalid_resource!(taxon)
+          end
+        end
+
+        def destroy
+          authorize! :delete, Taxon
+          taxon.destroy
+          render :text => nil, :status => 200
+        end
+
+        private
+
+        def taxonomy
+          @taxonomy ||= Taxonomy.find(params[:taxonomy_id])
+        end
+
+        def taxon
+          @taxon ||= taxonomy.taxons.find(params[:id])
+        end
+
+      end
+    end
+  end
+end

data/app/helpers/spree/api/api_helpers.rb

@@ -12,8 +12,8 @@ module Spree
       end
 
       def product_attributes
-        [:id, :name, :description, :price,
-         :available_on, :permalink, :count_on_hand, :meta_description, :meta_keywords]
+        [:id, :name, :description, :price, :available_on, :permalink, 
+          :count_on_hand, :meta_description, :meta_keywords, :taxon_ids]
       end
 
       def variant_attributes
@@ -51,6 +51,14 @@ module Spree
       def shipment_attributes
         [:id, :tracking, :number, :cost, :shipped_at, :state]
       end
+
+      def taxonomy_attributes
+        [:id, :name]
+      end
+
+      def taxon_attributes
+        [:id, :name, :permalink, :position, :parent_id, :taxonomy_id]
+      end
     end
   end
 end

data/app/overrides/api_admin_user_edit_form.rb

@@ -0,0 +1,6 @@
+Deface::Override.new(:virtual_path => "spree/admin/users/edit",
+                     :name => "api_admin_user_edit_form",
+                     :insert_after => "[data-hook='admin_user_edit_form'], #admin_user_edit_form[data-hook]",
+                     :partial => "spree/admin/users/api_fields",
+                     :disabled => false)
+

data/app/views/spree/admin/users/_api_fields.html.erb

@@ -0,0 +1,20 @@
+<h2><%= t('access', :scope => 'spree.api') %></h2>
+
+<% if @user.api_key.present? %>
+  <p><strong><%= t('key', :scope => 'spree.api') %></strong> <%= @user.api_key %></p>
+
+  <%= form_tag spree.clear_api_key_admin_user_path(@user), :method => :put do %>
+    <%= button t('clear_key', :scope => 'spree.api') %>
+  <% end %>
+
+  <%= form_tag spree.generate_api_key_admin_user_path(@user), :method => :put do %>
+    <%= button t('regenerate_key', :scope => 'spree.api') %>
+  <% end %>
+
+<% else %>
+
+  <p><%= t('no_key', :scope => 'spree.api') %></p>
+  <%= form_tag spree.generate_api_key_admin_user_path(@user), :method => :put do %>
+    <%= button t('generate_key', :scope => 'spree.api') %>
+  <% end %>
+<% end %>

data/app/views/spree/api/v1/addresses/show.rabl

@@ -0,0 +1,11 @@
+object @address
+attributes :id, :firstname, :lastname, :address1, :address2,
+           :city, :zipcode, :phone,
+           :company, :alternative_phone, :country_id, :state_id,
+           :state_name
+child(:country) do |address|
+  attributes :id, :iso_name, :iso, :iso3, :name, :numcode
+end
+child(:state) do |address|
+  attributes :abbr, :country_id, :id, :name
+end

data/app/views/spree/api/v1/images/show.rabl

@@ -1,2 +1,3 @@
 object @image
 attributes *image_attributes
+attributes :viewable_type, :viewable_id

data/app/views/spree/api/v1/orders/address.rabl

@@ -1,3 +0,0 @@
-attributes :id, :firstname, :lastname, :address1, :address2,
-           :city, :zipcode, :country, :state, :phone, :state_name,
-           :company, :alternative_phone, :country_id, :state_id

data/app/views/spree/api/v1/orders/show.rabl

@@ -3,11 +3,11 @@ attributes *order_attributes
 extends "spree/api/v1/orders/#{@order.state}"
 
 child :billing_address => :bill_address do
-  extends "spree/api/v1/orders/address"
+  extends "spree/api/v1/addresses/show"
 end
 
 child :shipping_address => :ship_address do
-  extends "spree/api/v1/orders/address"
+  extends "spree/api/v1/addresses/show"
 end
 
 child :line_items => :line_items do
@@ -23,4 +23,4 @@ end
 
 child :shipments => :shipments do
   extends "spree/api/v1/shipments/show"
-end
+end

data/app/views/spree/api/v1/products/show.rabl

@@ -9,7 +9,7 @@ child :variants_including_master => :variants do
 end
 
 child :images => :images do
-  attributes *image_attributes
+  extends "spree/api/v1/images/show"
 end
 
 child :option_types => :option_types do

data/app/views/spree/api/v1/taxonomies/index.rabl

@@ -0,0 +1,2 @@
+collection @taxonomies
+extends "spree/api/v1/taxonomies/show"

data/app/views/spree/api/v1/taxonomies/nested.rabl

@@ -0,0 +1,11 @@
+attributes *taxonomy_attributes
+
+child :root => :root do
+  attributes *taxon_attributes
+
+  child :children => :taxons do
+    attributes *taxon_attributes
+
+    extends "spree/api/v1/taxons/taxons"
+  end
+end

data/app/views/spree/api/v1/taxonomies/new.rabl

@@ -0,0 +1,3 @@
+object false
+node(:attributes) { [*taxonomy_attributes] }
+node(:required_attributes) { required_fields_for(Spree::Taxonomy) }

data/app/views/spree/api/v1/taxonomies/show.rabl

@@ -0,0 +1,15 @@
+object @taxonomy
+
+if set = params[:set]
+  extends "spree/api/v1/taxonomies/#{set}"
+else
+  attributes *taxonomy_attributes
+
+  child :root => :root do
+      attributes *taxon_attributes
+
+    child :children => :taxons do
+      attributes *taxon_attributes
+    end
+  end
+end

data/app/views/spree/api/v1/taxons/index.rabl

@@ -0,0 +1,4 @@
+collection @taxons
+attributes *taxon_attributes
+
+extends "spree/api/v1/taxons/taxons"

data/app/views/spree/api/v1/taxons/new.rabl

@@ -0,0 +1,3 @@
+object false
+node(:attributes) { [*taxon_attributes] }
+node(:required_attributes) { required_fields_for(Spree::Taxon) }

data/app/views/spree/api/v1/taxons/show.rabl

@@ -0,0 +1,8 @@
+object @taxon
+attributes *taxon_attributes
+
+node do |t|
+  child t.children => :taxons do
+    attributes *taxon_attributes
+  end
+end

data/app/views/spree/api/v1/taxons/taxons.rabl

@@ -0,0 +1,7 @@
+node do |t|
+  child t.children => :taxons do
+    attributes *taxon_attributes
+
+    extends "spree/api/v1/taxons/taxons"
+  end
+end

data/config/initializers/metal_load_paths.rb

@@ -0,0 +1 @@
+Spree::Api::V1::BaseController.append_view_path(ApplicationController.view_paths)

data/config/locales/en.yml

@@ -8,7 +8,14 @@ en:
       resource_not_found: "The resource you were looking for could not be found."
       gateway_error: "There was a problem with the payment gateway: %{text}"
       credit_over_limit: "This payment can only be credited up to %{limit}. Please specify an amount less than or equal to this number."
-
+      access: "API Access"
+      key: "Key"
+      clear_key: "Clear key"
+      regenerate_key: "Regenerate Key"
+      no_key: "No key"
+      generate_key: "Generate API key"
+      key_generated: "Key generated"
+      key_cleared: "Key cleared"
       order:
         could_not_transition: "The order could not be transitioned. Please fix the errors and try again."
         invalid_shipping_method: "Invalid shipping method specified."

data/config/routes.rb

@@ -1,4 +1,13 @@
 Spree::Core::Engine.routes.prepend do
+  namespace :admin do
+    resources :users do
+      member do
+        put :generate_api_key
+        put :clear_api_key
+      end
+    end
+  end
+
   namespace :api do
     scope :module => :v1 do
       resources :products do
@@ -7,14 +16,17 @@ Spree::Core::Engine.routes.prepend do
         end
 
         resources :variants
-        resources :images
       end
 
+      resources :images
+
       resources :variants, :only => [:index] do
-        resources :images
       end
 
       resources :orders do
+        collection do
+          get :search
+        end
         member do
           put :address
           put :delivery
@@ -40,6 +52,10 @@ Spree::Core::Engine.routes.prepend do
       end
 
       resources :countries, :only => [:index, :show]
+      resources :addresses, :only => [:show, :update]
+      resources :taxonomies do
+        resources :taxons
+      end
     end
   end
 end

data/lib/spree/api/controller_setup.rb

@@ -17,7 +17,6 @@ module Spree
 
           include CanCan::ControllerAdditions
           append_view_path File.expand_path("../../../app/views", File.dirname(__FILE__))
-          append_view_path Rails.root + "app/views"
 
           respond_to :json
         end

data/spec/controllers/spree/api/v1/addresses_controller_spec.rb

@@ -0,0 +1,23 @@
+require 'spec_helper'
+
+module Spree
+  describe Api::V1::AddressesController do
+    render_views
+
+    before do
+      stub_authentication!
+      @address = create(:address)
+    end
+
+    it "gets an address" do
+      api_get :show, :id => @address.id
+      json_response['address']['address1'].should eq @address.address1
+    end
+
+    it "updates an address" do
+      api_put :update, :id => @address.id,
+                       :address => { :address1 => "123 Test Lane" }
+      json_response['address']['address1'].should eq '123 Test Lane'
+    end
+  end
+end

data/spec/controllers/spree/api/v1/countries_controller_spec.rb

@@ -6,7 +6,7 @@ module Spree
 
     before do
       stub_authentication!
-      @state = Factory(:state)
+      @state = create(:state)
       @country = @state.country
     end
 

data/spec/controllers/spree/api/v1/images_controller_spec.rb

@@ -4,9 +4,9 @@ module Spree
   describe Spree::Api::V1::ImagesController do
     render_views
 
-    let!(:product) { Factory(:product) }
-    let!(:attributes) { [:id, :position, :attachment_content_type, 
-                         :attachment_file_name, :type, :attachment_updated_at, :attachment_width, 
+    let!(:product) { create(:product) }
+    let!(:attributes) { [:id, :position, :attachment_content_type,
+                         :attachment_file_name, :type, :attachment_updated_at, :attachment_width,
                          :attachment_height, :alt] }
 
     before do
@@ -14,19 +14,25 @@ module Spree
     end
 
     it "can upload a new image for a product" do
-      product.images.count.should == 0
-      api_post :create, :product_id => product.to_param, :image => { :attachment => upload_image("thinking-cat.jpg")  }
-      response.status.should == 201
-      json_response.should have_attributes(attributes)
-      product.images.count.should == 1
+      lambda do
+        api_post :create,
+                 :image => { :attachment => upload_image("thinking-cat.jpg"),
+                             :viewable_type => 'Spree::Product',
+                             :viewable_id => product.id  }
+        response.status.should == 201
+        json_response.should have_attributes(attributes)
+      end.should change(Image, :count).by(1)
     end
 
     it "can upload a new image for a variant" do
-      product.master.images.count.should == 0
-      api_post :create, :variant_id => product.master.to_param, :image => { :attachment => upload_image("thinking-cat.jpg") }
-      response.status.should == 201
-      json_response.should have_attributes(attributes)
-      product.images.count.should == 1
+      lambda do
+        api_post :create,
+                 :image => { :attachment => upload_image("thinking-cat.jpg"),
+                             :viewable_type => 'Spree::Variant',
+                             :viewable_id => product.master.to_param  }
+        response.status.should == 201
+        json_response.should have_attributes(attributes)
+      end.should change(Image, :count).by(1)
     end
 
     context "working with an existing image" do
@@ -34,14 +40,14 @@ module Spree
 
       it "can update image data" do
         product_image.position.should == 1
-        api_post :update, :variant_id => product.master.to_param, :image => { :position => 2 }, :id => product_image.id
+        api_post :update, :image => { :position => 2 }, :id => product_image.id
         response.status.should == 200
         json_response.should have_attributes(attributes)
         product_image.reload.position.should == 2
       end
 
       it "can delete an image" do
-        api_delete :destroy, :variant_id => product.master.to_param, :id => product_image.id
+        api_delete :destroy, :id => product_image.id
         response.status.should == 200
         lambda { product_image.reload }.should raise_error(ActiveRecord::RecordNotFound)
       end

data/spec/controllers/spree/api/v1/line_items_controller_spec.rb

@@ -5,12 +5,12 @@ module Spree
     render_views
 
     let!(:order) do
-     order = Factory(:order)
-     order.line_items << Factory(:line_item)
+     order = create(:order)
+     order.line_items << create(:line_item)
      order
     end
 
-    let(:product) { Factory(:product) }
+    let(:product) { create(:product) }
     let(:attributes) { [:id, :quantity, :price, :variant] }
     let(:resource_scoping) { { :order_id => order.to_param } }
 

data/spec/controllers/spree/api/v1/orders_controller_spec.rb

@@ -4,7 +4,7 @@ module Spree
   describe Api::V1::OrdersController do
     render_views
 
-    let!(:order) { Factory(:order) }
+    let!(:order) { create(:order) }
     let(:attributes) { [:number, :item_total, :total,
                         :state, :adjustment_total, :credit_total,
                         :user_id, :created_at, :updated_at,
@@ -35,7 +35,7 @@ module Spree
     end
 
     it "can create an order" do
-      variant = Factory(:variant)
+      variant = create(:variant)
       api_post :create, :order => { :line_items => [{ :variant_id => variant.to_param, :quantity => 5 }] }
       response.status.should == 200
       order = Order.last
@@ -47,7 +47,7 @@ module Spree
 
     context "working with an order" do
       before do
-        Factory(:payment_method)
+        create(:payment_method)
         order.next # Switch from cart to address
         order.ship_address.should be_nil
         order.state.should == "address"
@@ -60,10 +60,10 @@ module Spree
       end
 
       let(:address_params) { { :country_id => Country.first.id, :state_id => State.first.id } }
-      let(:shipping_address) { clean_address(Factory.attributes_for(:address).merge!(address_params)) }
-      let(:billing_address) { clean_address(Factory.attributes_for(:address).merge!(address_params)) }
-      let!(:shipping_method) { Factory(:shipping_method) }
-      let!(:payment_method) { Factory(:payment_method) }
+      let(:shipping_address) { clean_address(attributes_for(:address).merge!(address_params)) }
+      let(:billing_address) { clean_address(attributes_for(:address).merge!(address_params)) }
+      let!(:shipping_method) { create(:shipping_method) }
+      let!(:payment_method) { create(:payment_method) }
 
       it "can add address information to an order" do
         api_put :address, :id => order.to_param, :shipping_address => shipping_address, :billing_address => billing_address
@@ -104,7 +104,7 @@ module Spree
 
       context "with a line item" do
         before do
-          order.line_items << Factory(:line_item)
+          order.line_items << create(:line_item)
         end
 
         context "for delivery" do

data/spec/controllers/spree/api/v1/payments_controller_spec.rb

@@ -2,8 +2,8 @@ require 'spec_helper'
 
 module Spree
   describe Spree::Api::V1::PaymentsController do
-    let!(:order) { Factory(:order) }
-    let!(:payment) { Factory(:payment, :order => order) }
+    let!(:order) { create(:order) }
+    let!(:payment) { create(:payment, :order => order) }
     let!(:attributes) { [:id, :source_type, :source_id, :amount,
                          :payment_method_id, :response_code, :state, :avs_response, 
                          :created_at, :updated_at] }

data/spec/controllers/spree/api/v1/products_controller_spec.rb

@@ -4,9 +4,9 @@ module Spree
   describe Spree::Api::V1::ProductsController do
     render_views
 
-    let!(:product) { Factory(:product) }
-    let!(:inactive_product) { Factory(:product, :available_on => Time.now.tomorrow, :name => "inactive") }
-    let(:attributes) { [:id, :name, :description, :price, :available_on, :permalink, :count_on_hand, :meta_description, :meta_keywords] }
+    let!(:product) { create(:product) }
+    let!(:inactive_product) { create(:product, :available_on => Time.now.tomorrow, :name => "inactive") }
+    let(:attributes) { [:id, :name, :description, :price, :available_on, :permalink, :count_on_hand, :meta_description, :meta_keywords, :taxon_ids] }
 
     before do
       stub_authentication!
@@ -30,7 +30,7 @@ module Spree
         default_per_page(1)
 
         it "can select the next page of products" do
-          second_product = Factory(:product)
+          second_product = create(:product)
           api_get :index, :page => 2
           json_response["products"].first.should have_attributes(attributes)
           json_response["count"].should == 2
@@ -40,7 +40,7 @@ module Spree
       end
 
       it "can search for products" do
-        Factory(:product, :name => "The best product in the world")
+        create(:product, :name => "The best product in the world")
         api_get :search, :q => { :name_cont => "best" }
         json_response["products"].first.should have_attributes(attributes)
         json_response["count"].should == 1
@@ -64,7 +64,7 @@ module Spree
 
 
       context "finds a product by permalink first then by id" do
-        let!(:other_product) { Factory(:product, :permalink => "these-are-not-the-droids-you-are-looking-for") }
+        let!(:other_product) { create(:product, :permalink => "these-are-not-the-droids-you-are-looking-for") }
 
         before do
           product.update_attribute(:permalink, "#{other_product.id}-and-1-ways")

data/spec/controllers/spree/api/v1/shipments_controller_spec.rb

@@ -1,7 +1,7 @@
 require 'spec_helper'
 
 describe Spree::Api::V1::ShipmentsController do
-  let!(:shipment) { Factory(:shipment) }
+  let!(:shipment) { create(:shipment) }
   let!(:attributes) { [:id, :tracking, :number, :cost, :shipped_at] }
 
   before do

data/spec/controllers/spree/api/v1/taxonomies_controller_spec.rb

@@ -0,0 +1,88 @@
+require 'spec_helper'
+
+module Spree
+  describe Api::V1::TaxonomiesController do
+    render_views
+
+    let(:taxonomy) { create(:taxonomy) }
+    let(:taxon) { create(:taxon, :name => "Ruby", :taxonomy => taxonomy) }
+    let(:taxon2) { create(:taxon, :name => "Rails", :taxonomy => taxonomy) }
+    let(:attributes) { [:id, :name] }
+
+    before do
+      stub_authentication!
+      taxon2.children << create(:taxon, :name => "3.2.2", :taxonomy => taxonomy)
+      taxon.children << taxon2
+      taxonomy.root.children << taxon
+    end
+
+    context "as a normal user" do
+      it "gets all taxonomies" do
+        api_get :index
+
+        json_response.first['taxonomy']['name'].should eq taxonomy.name
+        json_response.first['taxonomy']['root']['taxons'].count.should eq 1
+      end
+
+      it "gets a single taxonomy" do
+        api_get :show, :id => taxonomy.id
+
+        json_response['taxonomy']['name'].should eq taxonomy.name
+
+        children = json_response['taxonomy']['root']['taxons']
+        children.count.should eq 1
+        children.first['taxon']['name'].should eq taxon.name
+        children.first['taxon'].key?('taxons').should be_false
+      end
+
+      it "gets a single taxonomy with set=nested" do
+        api_get :show, :id => taxonomy.id, :set => 'nested'
+
+        json_response['taxonomy']['name'].should eq taxonomy.name
+
+        children = json_response['taxonomy']['root']['taxons']
+        children.first['taxon'].key?('taxons').should be_true
+      end
+
+      it "can learn how to create a new taxonomy" do
+        api_get :new
+        json_response["attributes"].should == attributes.map(&:to_s)
+        required_attributes = json_response["required_attributes"]
+        required_attributes.should include("name")
+      end
+
+      it "cannot create a new taxonomy if not an admin" do
+        api_post :create, :taxonomy => { :name => "Location" }
+        assert_unauthorized!
+      end
+
+      it "cannot update a taxonomy" do
+        api_put :update, :id => taxonomy.id, :taxonomy => { :name => "I hacked your store!" }
+        assert_unauthorized!
+      end
+
+      it "cannot delete a taxonomy" do
+        api_delete :destroy, :id => taxonomy.id
+        assert_unauthorized!
+      end
+    end
+
+    context "as an admin" do
+      sign_in_as_admin!
+
+      it "can create" do
+        api_post :create, :taxonomy => { :name => "Colors"}
+        json_response.should have_attributes(attributes)
+        response.status.should == 201
+      end
+
+      it "cannot create a new taxonomy with invalid attributes" do
+        api_post :create, :taxonomy => {}
+        response.status.should == 422
+        json_response["error"].should == "Invalid resource. Please fix errors and try again."
+        errors = json_response["errors"]
+      end
+    end
+
+  end
+end

data/spec/controllers/spree/api/v1/taxons_controller_spec.rb

@@ -0,0 +1,82 @@
+require 'spec_helper'
+
+module Spree
+  describe Api::V1::TaxonsController do
+    render_views
+
+    let(:taxonomy) { Factory(:taxonomy) }
+    let(:taxon) { Factory(:taxon, :name => "Ruby", :taxonomy => taxonomy) }
+    let(:taxon2) { Factory(:taxon, :name => "Rails", :taxonomy => taxonomy) }
+    let(:attributes) { ["id", "name", "permalink", "position", "parent_id", "taxonomy_id"] }
+
+    before do
+      stub_authentication!
+      taxon2.children << create(:taxon, :name => "3.2.2", :taxonomy => taxonomy)
+      taxon.children << taxon2
+      taxonomy.root.children << taxon
+    end
+
+    context "as a normal user" do
+      it "gets all taxons" do
+        api_get :index, :taxonomy_id => taxonomy.id
+
+        json_response.first['taxon']['name'].should eq taxon.name
+        children = json_response.first['taxon']['taxons']
+        children.count.should eq 1
+        children.first['taxon']['name'].should eq taxon2.name
+        children.first['taxon']['taxons'].count.should eq 1
+      end
+
+      it "gets a single taxon" do
+        api_get :show, :id => taxon.id, :taxonomy_id => taxonomy.id
+
+        json_response['taxon']['name'].should eq taxon.name
+        json_response['taxon']['taxons'].count.should eq 1
+      end
+
+      it "can learn how to create a new taxon" do
+        api_get :new, :taxonomy_id => taxonomy.id
+        json_response["attributes"].should == attributes.map(&:to_s)
+        required_attributes = json_response["required_attributes"]
+        required_attributes.should include("name")
+      end
+
+      it "cannot create a new taxon if not an admin" do
+        api_post :create, :taxonomy_id => taxonomy.id, :taxon => { :name => "Location" }
+        assert_unauthorized!
+      end
+
+      it "cannot update a taxon" do
+        api_put :update, :taxonomy_id => taxonomy.id, :id => taxon.id, :taxon => { :name => "I hacked your store!" }
+        assert_unauthorized!
+      end
+
+      it "cannot delete a taxon" do
+        api_delete :destroy, :taxonomy_id => taxonomy.id, :id => taxon.id
+        assert_unauthorized!
+      end
+    end
+
+    context "as an admin" do
+      sign_in_as_admin!
+
+      it "can create" do
+        api_post :create, :taxonomy_id => taxonomy.id, :taxon => { :name => "Colors", :parent_id => taxon.id}
+        json_response.should have_attributes(attributes)
+        response.status.should == 201
+
+        taxon.reload.children.count.should eq 2
+      end
+
+      it "cannot create a new taxon with invalid attributes" do
+        api_post :create, :taxonomy_id => taxonomy.id, :taxon => {}
+        response.status.should == 422
+        json_response["error"].should == "Invalid resource. Please fix errors and try again."
+        errors = json_response["errors"]
+
+        taxon.reload.children.count.should eq 1
+      end
+    end
+
+  end
+end

data/spec/controllers/spree/api/v1/variants_controller_spec.rb

@@ -5,10 +5,10 @@ module Spree
     render_views
 
 
-    let!(:product) { Factory(:product) }
+    let!(:product) { create(:product) }
     let!(:variant) do
       variant = product.master
-      variant.option_values << Factory(:option_value)
+      variant.option_values << create(:option_value)
       variant
     end
     let!(:attributes) { [:id, :name, :count_on_hand,

data/spec/spec_helper.rb

@@ -16,6 +16,7 @@ require 'spree/api/testing_support/setup'
 RSpec.configure do |config|
   config.backtrace_clean_patterns = [/gems\/activesupport/, /gems\/actionpack/, /gems\/rspec/]
 
+  config.include FactoryGirl::Syntax::Methods
   config.include Spree::Api::TestingSupport::Helpers, :type => :controller
   config.extend Spree::Api::TestingSupport::Setup, :type => :controller
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: spree_api
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.1.1
   prerelease: 
 platform: ruby
 authors:
@@ -9,33 +9,33 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-04-28 00:00:00.000000000 Z
+date: 2012-05-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: spree_core
-  requirement: &70116387070120 !ruby/object:Gem::Requirement
+  requirement: &70243020240540 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - =
       - !ruby/object:Gem::Version
-        version: 1.1.0
+        version: 1.1.1
   type: :runtime
   prerelease: false
-  version_requirements: *70116387070120
+  version_requirements: *70243020240540
 - !ruby/object:Gem::Dependency
   name: spree_auth
-  requirement: &70116387068680 !ruby/object:Gem::Requirement
+  requirement: &70243020240060 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - =
       - !ruby/object:Gem::Version
-        version: 1.1.0
+        version: 1.1.1
   type: :runtime
   prerelease: false
-  version_requirements: *70116387068680
+  version_requirements: *70243020240060
 - !ruby/object:Gem::Dependency
   name: rabl
-  requirement: &70116387015640 !ruby/object:Gem::Requirement
+  requirement: &70243020239600 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - =
@@ -43,10 +43,10 @@ dependencies:
         version: 0.6.5
   type: :runtime
   prerelease: false
-  version_requirements: *70116387015640
+  version_requirements: *70243020239600
 - !ruby/object:Gem::Dependency
   name: rspec-rails
-  requirement: &70116387011680 !ruby/object:Gem::Requirement
+  requirement: &70243020238960 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - =
@@ -54,10 +54,10 @@ dependencies:
         version: 2.9.0
   type: :development
   prerelease: false
-  version_requirements: *70116387011680
+  version_requirements: *70243020238960
 - !ruby/object:Gem::Dependency
   name: database_cleaner
-  requirement: &70116387010380 !ruby/object:Gem::Requirement
+  requirement: &70243020238580 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -65,7 +65,7 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *70116387010380
+  version_requirements: *70243020238580
 description: Spree's API
 email:
 - ryan@spreecommerce.com
@@ -76,8 +76,9 @@ files:
 - .gitignore
 - Gemfile
 - LICENSE
-- README.md
 - Rakefile
+- app/controllers/spree/admin/users_controller_decorator.rb
+- app/controllers/spree/api/v1/addresses_controller.rb
 - app/controllers/spree/api/v1/base_controller.rb
 - app/controllers/spree/api/v1/countries_controller.rb
 - app/controllers/spree/api/v1/images_controller.rb
@@ -86,6 +87,8 @@ files:
 - app/controllers/spree/api/v1/payments_controller.rb
 - app/controllers/spree/api/v1/products_controller.rb
 - app/controllers/spree/api/v1/shipments_controller.rb
+- app/controllers/spree/api/v1/taxonomies_controller.rb
+- app/controllers/spree/api/v1/taxons_controller.rb
 - app/controllers/spree/api/v1/variants_controller.rb
 - app/helpers/spree/api/api_helpers.rb
 - app/models/spree/line_item_decorator.rb
@@ -93,6 +96,9 @@ files:
 - app/models/spree/order_decorator.rb
 - app/models/spree/payment_decorator.rb
 - app/models/spree/user_decorator.rb
+- app/overrides/api_admin_user_edit_form.rb
+- app/views/spree/admin/users/_api_fields.html.erb
+- app/views/spree/api/v1/addresses/show.rabl
 - app/views/spree/api/v1/countries/index.rabl
 - app/views/spree/api/v1/countries/show.rabl
 - app/views/spree/api/v1/errors/gateway_error.rabl
@@ -123,10 +129,19 @@ files:
 - app/views/spree/api/v1/products/product.rabl
 - app/views/spree/api/v1/products/show.rabl
 - app/views/spree/api/v1/shipments/show.rabl
+- app/views/spree/api/v1/taxonomies/index.rabl
+- app/views/spree/api/v1/taxonomies/nested.rabl
+- app/views/spree/api/v1/taxonomies/new.rabl
+- app/views/spree/api/v1/taxonomies/show.rabl
+- app/views/spree/api/v1/taxons/index.rabl
+- app/views/spree/api/v1/taxons/new.rabl
+- app/views/spree/api/v1/taxons/show.rabl
+- app/views/spree/api/v1/taxons/taxons.rabl
 - app/views/spree/api/v1/variants/index.rabl
 - app/views/spree/api/v1/variants/new.rabl
 - app/views/spree/api/v1/variants/show.rabl
 - app/views/spree/api/v1/variants/variant.rabl
+- config/initializers/metal_load_paths.rb
 - config/locales/en.yml
 - config/routes.rb
 - db/migrate/20100107141738_add_api_key_to_spree_users.rb
@@ -139,6 +154,7 @@ files:
 - lib/spree/api/version.rb
 - lib/spree_api.rb
 - script/rails
+- spec/controllers/spree/api/v1/addresses_controller_spec.rb
 - spec/controllers/spree/api/v1/base_controller_spec.rb
 - spec/controllers/spree/api/v1/countries_controller_spec.rb
 - spec/controllers/spree/api/v1/images_controller_spec.rb
@@ -147,6 +163,8 @@ files:
 - spec/controllers/spree/api/v1/payments_controller_spec.rb
 - spec/controllers/spree/api/v1/products_controller_spec.rb
 - spec/controllers/spree/api/v1/shipments_controller_spec.rb
+- spec/controllers/spree/api/v1/taxonomies_controller_spec.rb
+- spec/controllers/spree/api/v1/taxons_controller_spec.rb
 - spec/controllers/spree/api/v1/variants_controller_spec.rb
 - spec/fixtures/thinking-cat.jpg
 - spec/models/spree/order_spec.rb
@@ -170,7 +188,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 618732053223266577
+      hash: -3593481641416743509
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -179,7 +197,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 618732053223266577
+      hash: -3593481641416743509
 requirements: []
 rubyforge_project: 
 rubygems_version: 1.8.10
@@ -187,6 +205,7 @@ signing_key:
 specification_version: 3
 summary: Spree's API
 test_files:
+- spec/controllers/spree/api/v1/addresses_controller_spec.rb
 - spec/controllers/spree/api/v1/base_controller_spec.rb
 - spec/controllers/spree/api/v1/countries_controller_spec.rb
 - spec/controllers/spree/api/v1/images_controller_spec.rb
@@ -195,6 +214,8 @@ test_files:
 - spec/controllers/spree/api/v1/payments_controller_spec.rb
 - spec/controllers/spree/api/v1/products_controller_spec.rb
 - spec/controllers/spree/api/v1/shipments_controller_spec.rb
+- spec/controllers/spree/api/v1/taxonomies_controller_spec.rb
+- spec/controllers/spree/api/v1/taxons_controller_spec.rb
 - spec/controllers/spree/api/v1/variants_controller_spec.rb
 - spec/fixtures/thinking-cat.jpg
 - spec/models/spree/order_spec.rb

data/README.md

@@ -1,29 +0,0 @@
-# Api
-
-TODO: Write a gem description
-
-## Installation
-
-Add this line to your application's Gemfile:
-
-    gem 'api'
-
-And then execute:
-
-    $ bundle
-
-Or install it yourself as:
-
-    $ gem install api
-
-## Usage
-
-TODO: Write usage instructions here
-
-## Contributing
-
-1. Fork it
-2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Added some feature'`)
-4. Push to the branch (`git push origin my-new-feature`)
-5. Create new Pull Request