RubyGems - spree_api - Versions diffs - 1.2.0 → 1.2.2 - Mend

spree_api 1.2.0 → 1.2.2

Files changed (55) hide show

data/app/helpers/spree/api/api_helpers.rb CHANGED Viewed

@@ -63,6 +63,14 @@ module Spree
       def taxon_attributes
         [:id, :name, :permalink, :position, :parent_id, :taxonomy_id]
       end
+      def return_authorization_attributes
+        [:id, :number, :state, :amount, :order_id, :reason, :created_at, :updated_at]
+      end
+      def country_attributes
+        [:id, :iso_name, :iso, :iso3, :name, :numcode]
+      end
     end
   end
 end

data/app/models/spree/api_configuration.rb ADDED Viewed

@@ -0,0 +1,5 @@
+module Spree
+  class ApiConfiguration < Preferences::Configuration
+    preference :requires_authentication, :boolean, :default => true
+  end
+end

data/app/models/spree/order_decorator.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 Spree::Order.class_eval do
   def self.build_from_api(user, params)
     order = create
+    params[:line_items_attributes] ||= []
     params[:line_items_attributes].each do |line_item|
       order.add_variant(Spree::Variant.find(line_item[:variant_id]), line_item[:quantity])
     end

data/app/views/spree/api/v1/countries/index.rabl CHANGED Viewed

@@ -1,2 +1,7 @@
-collection @countries
-extends "spree/api/v1/countries/show"
+object false
+child(@countries => :countries) do
+  attributes *country_attributes
+end
+node(:count) { @countries.count }
+node(:current_page) { params[:page] || 1 }
+node(:pages) { @countries.num_pages }

data/app/views/spree/api/v1/countries/show.rabl CHANGED Viewed

@@ -1,5 +1,5 @@
 object @country
-attributes :id, :iso_name, :iso, :iso3, :name, :numcode
+attributes *country_attributes
 child :states => :states do
   attributes :id, :name, :abbr, :country_id
-end
+end

data/app/views/spree/api/v1/orders/index.rabl CHANGED Viewed

@@ -1,5 +1,5 @@
 object false
-child(@orders) do
+child(@orders => :orders) do
   attributes *order_attributes
 end
 node(:count) { @orders.count }

data/app/views/spree/api/v1/orders/show.rabl CHANGED Viewed

@@ -1,6 +1,9 @@
 object @order
 attributes *order_attributes
-extends "spree/api/v1/orders/#{@order.state}"
+if lookup_context.find_all("spree/api/v1/orders/#{@order.state}").present?
+  extends "spree/api/v1/orders/#{@order.state}"
+end
 child :billing_address => :bill_address do
   extends "spree/api/v1/addresses/show"

data/app/views/spree/api/v1/payments/index.rabl CHANGED Viewed

@@ -1,2 +1,7 @@
-collection @payments
-attributes *payment_attributes
+object false
+child(@payments => :payments) do
+  attributes *payment_attributes
+end
+node(:count) { @payments.count }
+node(:current_page) { params[:page] || 1 }
+node(:pages) { @payments.num_pages }

data/app/views/spree/api/v1/product_properties/index.rabl ADDED Viewed

@@ -0,0 +1,7 @@
+object false
+child(@product_properties => :product_properties) do
+  attributes *product_property_attributes
+end
+node(:count) { @product_properties.count }
+node(:current_page) { params[:page] || 1 }
+node(:pages) { @product_properties.num_pages }

data/app/views/spree/api/v1/product_properties/new.rabl ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ node(:attributes) { [*product_property_attributes] }
2	+ node(:required_attributes) { [] }

data/app/views/spree/api/v1/product_properties/show.rabl ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ object @product_property
2	+ attributes *product_property_attributes

data/app/views/spree/api/v1/products/index.rabl CHANGED Viewed

@@ -1,5 +1,6 @@
 object false
-node(:count) { @products.total_count }
+node(:count) { @products.count }
+node(:total_count) { @products.total_count }
 node(:current_page) { params[:page] ? params[:page].to_i : 1 }
 node(:pages) { @products.num_pages }
 child(@products) do

data/app/views/spree/api/v1/return_authorizations/index.rabl ADDED Viewed

@@ -0,0 +1,7 @@
+object false
+child(@return_authorizations => :return_authorizations) do
+  attributes *return_authorization_attributes
+end
+node(:count) { @return_authorizations.count }
+node(:current_page) { params[:page] || 1 }
+node(:pages) { @return_authorizations.num_pages }

data/app/views/spree/api/v1/return_authorizations/new.rabl ADDED Viewed

@@ -0,0 +1,3 @@
+object false
+node(:attributes) { [*return_authorization_attributes] }
+node(:required_attributes) { required_fields_for(Spree::ReturnAuthorization) }

data/app/views/spree/api/v1/return_authorizations/show.rabl ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ object @return_authorization
2	+ attributes *return_authorization_attributes

data/app/views/spree/api/v1/taxonomies/index.rabl CHANGED Viewed

@@ -1,2 +1,7 @@
-collection @taxonomies
-extends "spree/api/v1/taxonomies/show"
+object false
+child(@taxonomies => :taxonomies) do
+  extends "spree/api/v1/taxonomies/show"
+end
+node(:count) { @taxonomies.count }
+node(:current_page) { params[:page] || 1 }
+node(:pages) { @taxonomies.num_pages }

data/app/views/spree/api/v1/variants/index.rabl CHANGED Viewed

@@ -1,3 +1,10 @@
-collection @variants
-attributes *variant_attributes
-child(:option_values => :option_values) { attributes *option_value_attributes }
+object false
+node(:count) { @variants.count }
+node(:total_count) { @variants.total_count }
+node(:current_page) { params[:page] ? params[:page].to_i : 1 }
+node(:pages) { @variants.num_pages }
+child(@variants => :variants) do
+  attributes *variant_attributes
+  child(:option_values => :option_values) { attributes *option_value_attributes }
+end

data/app/views/spree/api/v1/zones/index.rabl CHANGED Viewed

@@ -1,2 +1,7 @@
-collection @zones
-extends 'spree/api/v1/zones/show'
+object false
+child(@zones => :zones) do
+  extends 'spree/api/v1/zones/show'
+end
+node(:count) { @zones.count }
+node(:current_page) { params[:page] || 1 }
+node(:pages) { @zones.num_pages }

data/config/routes.rb CHANGED Viewed

@@ -11,22 +11,16 @@ Spree::Core::Engine.routes.prepend do
   namespace :api do
     scope :module => :v1 do
       resources :products do
-        collection do
-          get :search
-        end
         resources :variants
+        resources :product_properties
       end
       resources :images
       resources :variants, :only => [:index] do
       end
       resources :orders do
-        collection do
-          get :search
-        end
+        resources :return_authorizations
         member do
           put :address
           put :delivery
@@ -38,6 +32,7 @@ Spree::Core::Engine.routes.prepend do
         resources :payments do
           member do
             put :authorize
+            put :capture
             put :purchase
             put :void
             put :credit

data/lib/spree/api/engine.rb CHANGED Viewed

@@ -6,6 +6,10 @@ module Spree
       isolate_namespace Spree
       engine_name 'spree_api'
+      initializer "spree.api.environment", :before => :load_config_initializers do |app|
+        Spree::Api::Config = Spree::ApiConfiguration.new
+      end
       def self.activate
         Dir.glob(File.join(File.dirname(__FILE__), "../../../app/**/*_decorator*.rb")) do |c|
           Rails.configuration.cache_classes ? require(c) : load(c)

data/spec/controllers/spree/api/v1/addresses_controller_spec.rb CHANGED Viewed

@@ -9,15 +9,37 @@ module Spree
       @address = create(:address)
     end
-    it "gets an address" do
-      api_get :show, :id => @address.id
-      json_response['address']['address1'].should eq @address.address1
+    context "with their own address" do
+      before do
+        Address.any_instance.stub :user => current_api_user
+      end
+      it "gets an address" do
+        api_get :show, :id => @address.id
+        json_response['address']['address1'].should eq @address.address1
+      end
+      it "updates an address" do
+        api_put :update, :id => @address.id,
+                         :address => { :address1 => "123 Test Lane" }
+        json_response['address']['address1'].should eq '123 Test Lane'
+      end
     end
-    it "updates an address" do
-      api_put :update, :id => @address.id,
-                       :address => { :address1 => "123 Test Lane" }
-      json_response['address']['address1'].should eq '123 Test Lane'
+    context "on somebody else's address" do
+      before do
+        Address.any_instance.stub :user => stub_model(Spree::LegacyUser)
+      end
+      it "cannot retreive address information" do
+        api_get :show, :id => @address.id
+        assert_unauthorized!
+      end
+      it "cannot update address information" do
+        api_get :update, :id => @address.id
+        assert_unauthorized!
+      end
     end
   end
 end

data/spec/controllers/spree/api/v1/base_controller_spec.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 require 'spec_helper'
 describe Spree::Api::V1::BaseController do
+  render_views
   controller(Spree::Api::V1::BaseController) do
     def index
       render :json => { "products" => [] }

data/spec/controllers/spree/api/v1/countries_controller_spec.rb CHANGED Viewed

@@ -12,7 +12,31 @@ module Spree
     it "gets all countries" do
       api_get :index
-      json_response.first['country']['iso3'].should eq @country.iso3
+      json_response["countries"].first['country']['iso3'].should eq @country.iso3
+    end
+    context "with two countries" do
+      before { @zambia = create(:country, :name => "Zambia") }
+      it "can view all countries" do
+        api_get :index
+        json_response['count'].should == 2
+        json_response['current_page'].should == 1
+        json_response['pages'].should == 1
+      end
+      it 'can query the results through a paramter' do
+        api_get :index, :q => { :name_cont => 'zam' }
+        json_response['count'].should == 1
+        json_response['countries'].first['country']['name'].should eq @zambia.name
+      end
+      it 'can control the page size through a parameter' do
+        api_get :index, :per_page => 1
+        json_response['count'].should == 1
+        json_response['current_page'].should == 1
+        json_response['pages'].should == 2
+      end
     end
     it "includes states" do

data/spec/controllers/spree/api/v1/images_controller_spec.rb CHANGED Viewed

@@ -13,32 +13,53 @@ module Spree
       stub_authentication!
     end
-    it "can upload a new image for a variant" do
-      lambda do
-        api_post :create,
-                 :image => { :attachment => upload_image('thinking-cat.jpg'),
-                             :viewable_type => 'Spree::Variant',
-                             :viewable_id => product.master.to_param  }
-        response.status.should == 201
-        json_response.should have_attributes(attributes)
-      end.should change(Image, :count).by(1)
+    context "as an admin" do
+      sign_in_as_admin!
+      it "can upload a new image for a variant" do
+        lambda do
+          api_post :create,
+                   :image => { :attachment => upload_image('thinking-cat.jpg'),
+                               :viewable_type => 'Spree::Variant',
+                               :viewable_id => product.master.to_param  }
+          response.status.should == 201
+          json_response.should have_attributes(attributes)
+        end.should change(Image, :count).by(1)
+      end
+      context "working with an existing image" do
+        let!(:product_image) { product.master.images.create!(:attachment => image('thinking-cat.jpg')) }
+        it "can update image data" do
+          product_image.position.should == 1
+          api_post :update, :image => { :position => 2 }, :id => product_image.id
+          response.status.should == 200
+          json_response.should have_attributes(attributes)
+          product_image.reload.position.should == 2
+        end
+        it "can delete an image" do
+          api_delete :destroy, :id => product_image.id
+          response.status.should == 204
+          lambda { product_image.reload }.should raise_error(ActiveRecord::RecordNotFound)
+        end
+      end
     end
-    context "working with an existing image" do
-      let!(:product_image) { product.master.images.create!(:attachment => image('thinking-cat.jpg')) }
+    context "as a non-admin" do
+      it "cannot create an image" do
+        api_post :create
+        assert_unauthorized!
+      end
-      it "can update image data" do
-        product_image.position.should == 1
-        api_post :update, :image => { :position => 2 }, :id => product_image.id
-        response.status.should == 200
-        json_response.should have_attributes(attributes)
-        product_image.reload.position.should == 2
+      it "cannot update an image" do
+        api_put :update, :id => 1
+        assert_unauthorized!
       end
-      it "can delete an image" do
-        api_delete :destroy, :id => product_image.id
-        response.status.should == 200
-        lambda { product_image.reload }.should raise_error(ActiveRecord::RecordNotFound)
+      it "cannot delete an image" do
+        api_delete :destroy, :id => 1
+        assert_unauthorized!
       end
     end
   end

data/spec/controllers/spree/api/v1/line_items_controller_spec.rb CHANGED Viewed

@@ -47,7 +47,7 @@ module Spree
       it "can delete a line item on the order" do
         line_item = order.line_items.first
         api_delete :destroy, :id => line_item.id
-        response.status.should == 200
+        response.status.should == 204
         lambda { line_item.reload }.should raise_error(ActiveRecord::RecordNotFound)
       end
     end

data/spec/controllers/spree/api/v1/orders_controller_spec.rb CHANGED Viewed

@@ -28,6 +28,13 @@ module Spree
       json_response.should have_attributes(attributes)
     end
+    # Regression test for #1992
+    it "can view an order not in a standard state" do
+      Order.any_instance.stub :user => current_api_user
+      order.update_column(:state, 'shipped')
+      api_get :show, :id => order.to_param
+    end
     it "can not view someone else's order" do
       Order.any_instance.stub :user => stub_model(Spree::LegacyUser)
       api_get :show, :id => order.to_param
@@ -54,7 +61,7 @@ module Spree
     it "can create an order" do
       variant = create(:variant)
       api_post :create, :order => { :line_items => [{ :variant_id => variant.to_param, :quantity => 5 }] }
-      response.status.should == 200
+      response.status.should == 201
       order = Order.last
       order.line_items.count.should == 1
       order.line_items.first.variant.should == variant
@@ -62,6 +69,13 @@ module Spree
       json_response["order"]["state"].should == "address"
     end
+    it "can create an order without any parameters" do
+      lambda { api_post :create }.should_not raise_error(NoMethodError)
+      response.status.should == 201
+      order = Order.last
+      json_response["order"]["state"].should == "address"
+    end
     context "working with an order" do
       before do
         Order.any_instance.stub :user => current_api_user
@@ -97,6 +111,15 @@ module Spree
         json_response["order"]["shipping_methods"].should_not be_empty
       end
+      it "can add just shipping address information to an order" do
+        api_put :address, :id => order.to_param, :shipping_address => shipping_address
+        response.status.should == 200
+        order.reload
+        order.shipping_address.reload
+        order.shipping_address.firstname.should == shipping_address[:firstname]
+        order.bill_address.should be_nil
+      end
       it "cannot use an address that has no valid shipping methods" do
         shipping_method.destroy
         api_put :address, :id => order.to_param, :shipping_address => shipping_address, :billing_address => billing_address
@@ -165,6 +188,14 @@ module Spree
     context "as an admin" do
       sign_in_as_admin!
+      context "with no orders" do
+        before { Spree::Order.delete_all }
+        it "still returns a root :orders key" do
+          api_get :index
+          json_response["orders"].should == []
+        end
+      end
       context "with two orders" do
         before { create(:order) }
@@ -187,6 +218,25 @@ module Spree
         end
       end
+      context "search" do
+        before do
+          create(:order)
+          Spree::Order.last.update_attribute(:email, 'spree@spreecommerce.com')
+        end
+        let(:expected_result) { Spree::Order.last }
+        it "can query the results through a parameter" do
+          api_get :index, :q => { :email_cont => 'spree' }
+          json_response["orders"].count.should == 1
+          json_response["orders"].first.should have_attributes(attributes)
+          json_response["orders"].first["order"]["email"].should == expected_result.email
+          json_response["count"].should == 1
+          json_response["current_page"].should == 1
+          json_response["pages"].should == 1
+        end
+      end
       context "can cancel an order" do
         before do
           order.completed_at = Time.now