spree_api 2.1.1 → 2.1.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (29) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +18 -0
  3. data/app/controllers/spree/api/base_controller.rb +10 -1
  4. data/app/controllers/spree/api/countries_controller.rb +2 -0
  5. data/app/controllers/spree/api/orders_controller.rb +9 -2
  6. data/app/controllers/spree/api/payments_controller.rb +13 -2
  7. data/app/controllers/spree/api/states_controller.rb +2 -0
  8. data/app/controllers/spree/api/stock_items_controller.rb +2 -1
  9. data/app/controllers/spree/api/stock_locations_controller.rb +1 -0
  10. data/app/controllers/spree/api/stock_movements_controller.rb +1 -0
  11. data/app/helpers/spree/api/api_helpers.rb +2 -3
  12. data/app/models/spree/option_value_decorator.rb +4 -0
  13. data/app/models/spree/order_decorator.rb +25 -18
  14. data/app/views/spree/api/payments/credit_over_limit.v1.rabl +1 -1
  15. data/app/views/spree/api/payments/new.v1.rabl +0 -1
  16. data/app/views/spree/api/payments/update_forbidden.v1.rabl +2 -0
  17. data/config/locales/en.yml +3 -1
  18. data/config/routes.rb +1 -1
  19. data/lib/spree/api/responders/rabl_template.rb +1 -1
  20. data/spec/controllers/spree/api/base_controller_spec.rb +1 -1
  21. data/spec/controllers/spree/api/checkouts_controller_spec.rb +14 -0
  22. data/spec/controllers/spree/api/orders_controller_spec.rb +84 -17
  23. data/spec/controllers/spree/api/payments_controller_spec.rb +118 -77
  24. data/spec/controllers/spree/api/stock_items_controller_spec.rb +62 -26
  25. data/spec/controllers/spree/api/stock_locations_controller_spec.rb +56 -29
  26. data/spec/controllers/spree/api/stock_movements_controller_spec.rb +51 -27
  27. data/spec/controllers/spree/api/zones_controller_spec.rb +2 -2
  28. data/spec/models/spree/order_spec.rb +71 -4
  29. metadata +5 -4
@@ -5,11 +5,12 @@ module Spree
5
5
  render_views
6
6
  let!(:order) { create(:order) }
7
7
  let!(:payment) { create(:payment, :order => order) }
8
- let!(:attributes) { [:id, :source_type, :source_id, :amount,
8
+ let!(:attributes) { [:id, :source_type, :source_id, :amount, :display_amount,
9
9
  :payment_method_id, :response_code, :state, :avs_response,
10
10
  :created_at, :updated_at] }
11
11
 
12
12
  let(:resource_scoping) { { :order_id => order.to_param } }
13
+
13
14
  before do
14
15
  stub_authentication!
15
16
  end
@@ -43,6 +44,11 @@ module Spree
43
44
  json_response.should have_attributes(attributes)
44
45
  end
45
46
 
47
+ it "cannot update a payment" do
48
+ api_put :update, :id => payment.to_param, :payment => { :amount => 2.01 }
49
+ assert_unauthorized!
50
+ end
51
+
46
52
  it "cannot authorize a payment" do
47
53
  api_put :authorize, :id => payment.to_param
48
54
  assert_unauthorized!
@@ -93,84 +99,120 @@ module Spree
93
99
  end
94
100
 
95
101
  context "for a given payment" do
102
+ context "updating" do
103
+ it "can update" do
104
+ payment.update_attributes(:state => 'pending')
105
+ api_put :update, :id => payment.to_param, :payment => { :amount => 2.01 }
106
+ response.status.should == 200
107
+ payment.reload.amount.should == 2.01
108
+ end
96
109
 
97
- it "can authorize" do
98
- api_put :authorize, :id => payment.to_param
99
- response.status.should == 200
100
- payment.reload
101
- payment.state.should == "pending"
110
+ context "update fails" do
111
+ it "returns a 422 status when the amount is invalid" do
112
+ payment.update_attributes(:state => 'pending')
113
+ api_put :update, :id => payment.to_param, :payment => { :amount => 'invalid' }
114
+ response.status.should == 422
115
+ json_response["error"].should == "Invalid resource. Please fix errors and try again."
116
+ end
117
+
118
+ it "returns a 403 status when the payment is not pending" do
119
+ payment.update_attributes(:state => 'completed')
120
+ api_put :update, :id => payment.to_param, :payment => { :amount => 2.01 }
121
+ response.status.should == 403
122
+ json_response["error"].should == "This payment cannot be updated because it is completed."
123
+ end
124
+ end
102
125
  end
103
126
 
104
- context "authorization fails" do
105
- before do
106
- fake_response = double(:success? => false, :to_s => "Could not authorize card")
107
- Spree::Gateway::Bogus.any_instance.should_receive(:authorize).and_return(fake_response)
127
+ context "authorizing" do
128
+ it "can authorize" do
108
129
  api_put :authorize, :id => payment.to_param
109
- end
110
-
111
- it "returns a 422 status" do
112
- response.status.should == 422
113
- json_response["error"].should == "There was a problem with the payment gateway: Could not authorize card"
130
+ response.status.should == 200
131
+ payment.reload.state.should == "pending"
114
132
  end
115
133
 
116
- it "returns a 422 status" do
117
- pending "Investigate why a payment.reload after the request raises 'stack level too deep'"
118
- payment.reload
119
- payment.state.should == "failed"
134
+ context "authorization fails" do
135
+ before do
136
+ fake_response = double(:success? => false, :to_s => "Could not authorize card")
137
+ Spree::Gateway::Bogus.any_instance.should_receive(:authorize).and_return(fake_response)
138
+ api_put :authorize, :id => payment.to_param
139
+ end
140
+
141
+ it "returns a 422 status" do
142
+ response.status.should == 422
143
+ json_response["error"].should == "There was a problem with the payment gateway: Could not authorize card"
144
+ end
145
+
146
+ it "does not raise a stack level error" do
147
+ pending "Investigate why a payment.reload after the request raises 'stack level too deep'"
148
+ payment.reload.state.should == "failed"
149
+ end
120
150
  end
121
151
  end
122
152
 
123
- it "can capture" do
124
- api_put :capture, :id => payment.to_param
125
- response.status.should == 200
126
- payment.reload
127
- payment.state.should == "completed"
128
- end
129
-
130
- it "returns a 422 status when purchasing fails" do
131
- fake_response = double(:success? => false, :to_s => "Insufficient funds")
132
- Spree::Gateway::Bogus.any_instance.should_receive(:capture).and_return(fake_response)
133
- api_put :capture, :id => payment.to_param
134
- response.status.should == 422
135
- json_response["error"].should == "There was a problem with the payment gateway: Insufficient funds"
136
- end
153
+ context "capturing" do
154
+ it "can capture" do
155
+ api_put :capture, :id => payment.to_param
156
+ response.status.should == 200
157
+ payment.reload.state.should == "completed"
158
+ end
137
159
 
138
- it "can purchase" do
139
- api_put :purchase, :id => payment.to_param
140
- response.status.should == 200
141
- payment.reload
142
- payment.state.should == "completed"
160
+ context "capturing fails" do
161
+ before do
162
+ fake_response = double(:success? => false, :to_s => "Insufficient funds")
163
+ Spree::Gateway::Bogus.any_instance.should_receive(:capture).and_return(fake_response)
164
+ end
165
+
166
+ it "returns a 422 status" do
167
+ api_put :capture, :id => payment.to_param
168
+ response.status.should == 422
169
+ json_response["error"].should == "There was a problem with the payment gateway: Insufficient funds"
170
+ end
171
+ end
143
172
  end
144
173
 
145
- context "purchasing fails" do
146
- before do
147
- fake_response = double(:success? => false, :to_s => "Insufficient funds")
148
- Spree::Gateway::Bogus.any_instance.should_receive(:purchase).and_return(fake_response)
174
+ context "purchasing" do
175
+ it "can purchase" do
176
+ api_put :purchase, :id => payment.to_param
177
+ response.status.should == 200
178
+ payment.reload.state.should == "completed"
149
179
  end
150
180
 
151
- it "returns a 422" do
152
- api_put :purchase, :id => payment.to_param
153
- response.status.should == 422
154
- json_response["error"].should == "There was a problem with the payment gateway: Insufficient funds"
181
+ context "purchasing fails" do
182
+ before do
183
+ fake_response = double(:success? => false, :to_s => "Insufficient funds")
184
+ Spree::Gateway::Bogus.any_instance.should_receive(:purchase).and_return(fake_response)
185
+ end
186
+
187
+ it "returns a 422 status" do
188
+ api_put :purchase, :id => payment.to_param
189
+ response.status.should == 422
190
+ json_response["error"].should == "There was a problem with the payment gateway: Insufficient funds"
191
+ end
155
192
  end
156
193
  end
157
194
 
158
- it "can void" do
159
- api_put :void, :id => payment.to_param
160
- response.status.should == 200
161
- payment.reload
162
- payment.state.should == "void"
163
- end
195
+ context "voiding" do
196
+ it "can void" do
197
+ api_put :void, :id => payment.to_param
198
+ response.status.should == 200
199
+ payment.reload.state.should == "void"
200
+ end
164
201
 
165
- it "returns a 422 status when voiding fails" do
166
- fake_response = double(:success? => false, :to_s => "NO REFUNDS")
167
- Spree::Gateway::Bogus.any_instance.should_receive(:void).and_return(fake_response)
168
- api_put :void, :id => payment.to_param
169
- response.status.should == 422
170
- json_response["error"].should == "There was a problem with the payment gateway: NO REFUNDS"
202
+ context "voiding fails" do
203
+ before do
204
+ fake_response = double(:success? => false, :to_s => "NO REFUNDS")
205
+ Spree::Gateway::Bogus.any_instance.should_receive(:void).and_return(fake_response)
206
+ end
171
207
 
172
- payment.reload
173
- payment.state.should == "checkout"
208
+ it "returns a 422 status" do
209
+ api_put :void, :id => payment.to_param
210
+ response.status.should == 422
211
+ json_response["error"].should == "There was a problem with the payment gateway: NO REFUNDS"
212
+
213
+ payment.reload.state.should == "checkout"
214
+ end
215
+ end
174
216
  end
175
217
 
176
218
  context "crediting" do
@@ -181,31 +223,30 @@ module Spree
181
223
  it "can credit" do
182
224
  api_put :credit, :id => payment.to_param
183
225
  response.status.should == 200
184
- payment.reload
185
- payment.state.should == "completed"
226
+ payment.reload.state.should == "completed"
186
227
 
187
- # Ensur that a credit payment was created, and it has correct credit amount
228
+ # Ensure that a credit payment was created, and it has correct credit amount
188
229
  credit_payment = Payment.where(:source_type => 'Spree::Payment', :source_id => payment.id).last
189
230
  credit_payment.amount.to_f.should == -45.75
190
231
  end
191
232
 
192
- it "returns a 422 status when crediting fails" do
193
- fake_response = double(:success? => false, :to_s => "NO CREDIT FOR YOU")
194
- Spree::Gateway::Bogus.any_instance.should_receive(:credit).and_return(fake_response)
195
- api_put :credit, :id => payment.to_param
196
- response.status.should == 422
197
- json_response["error"].should == "There was a problem with the payment gateway: NO CREDIT FOR YOU"
198
- end
199
-
200
- it "cannot credit over credit_allowed limit" do
201
- api_put :credit, :id => payment.to_param, :amount => 1000000
202
- response.status.should == 422
203
- json_response["error"].should == "This payment can only be credited up to 45.75. Please specify an amount less than or equal to this number."
233
+ context "crediting fails" do
234
+ it "returns a 422 status" do
235
+ fake_response = double(:success? => false, :to_s => "NO CREDIT FOR YOU")
236
+ Spree::Gateway::Bogus.any_instance.should_receive(:credit).and_return(fake_response)
237
+ api_put :credit, :id => payment.to_param
238
+ response.status.should == 422
239
+ json_response["error"].should == "There was a problem with the payment gateway: NO CREDIT FOR YOU"
240
+ end
241
+
242
+ it "cannot credit over credit_allowed limit" do
243
+ api_put :credit, :id => payment.to_param, :amount => 1000000
244
+ response.status.should == 422
245
+ json_response["error"].should == "This payment can only be credited up to 45.75. Please specify an amount less than or equal to this number."
246
+ end
204
247
  end
205
248
  end
206
249
  end
207
-
208
250
  end
209
-
210
251
  end
211
252
  end
@@ -13,40 +13,76 @@ module Spree
13
13
  stub_authentication!
14
14
  end
15
15
 
16
- it 'gets list of stock items' do
17
- api_get :index, stock_location_id: stock_location.to_param
18
- json_response['stock_items'].first.should have_attributes(attributes)
19
- json_response['stock_items'].first['variant']['sku'].should eq 'ABC'
20
- end
16
+ context "as a normal user" do
17
+ it "cannot list stock items for a stock location" do
18
+ api_get :index, stock_location_id: stock_location.to_param
19
+ response.status.should == 404
20
+ end
21
21
 
22
- it 'requires a stock_location_id to be passed as a parameter' do
23
- api_get :index
24
- json_response['error'].should =~ /stock_location_id parameter must be provided/
25
- response.status.should == 422
26
- end
22
+ it "cannot see a stock item" do
23
+ api_get :show, stock_location_id: stock_location.to_param, id: stock_item.to_param
24
+ response.status.should == 404
25
+ end
27
26
 
28
- it 'can control the page size through a parameter' do
29
- api_get :index, stock_location_id: stock_location.to_param, per_page: 1
30
- json_response['count'].should == 1
31
- json_response['current_page'].should == 1
32
- end
27
+ it "cannot create a stock item" do
28
+ variant = create(:variant)
29
+ params = {
30
+ stock_location_id: stock_location.to_param,
31
+ stock_item: {
32
+ variant_id: variant.id,
33
+ count_on_hand: '20'
34
+ }
35
+ }
33
36
 
34
- it 'can query the results through a paramter' do
35
- stock_item.update_column(:count_on_hand, 30)
36
- api_get :index, stock_location_id: stock_location.to_param, q: { count_on_hand_eq: '30' }
37
- json_response['count'].should == 1
38
- json_response['stock_items'].first['count_on_hand'].should eq 30
39
- end
37
+ api_post :create, params
38
+ response.status.should == 404
39
+ end
40
+
41
+ it "cannot update a stock item" do
42
+ api_put :update, stock_location_id: stock_location.to_param, stock_item_id: stock_item.to_param
43
+ response.status.should == 404
44
+ end
40
45
 
41
- it 'gets a stock item' do
42
- api_get :show, stock_location_id: stock_location.to_param, id: stock_item.to_param
43
- json_response.should have_attributes(attributes)
44
- json_response['count_on_hand'].should eq stock_item.count_on_hand
46
+ it "cannot destroy a stock item" do
47
+ api_delete :destroy, stock_location_id: stock_location.to_param, stock_item_id: stock_item.to_param
48
+ response.status.should == 404
49
+ end
45
50
  end
46
51
 
47
- context 'as an admin' do
52
+ context "as an admin" do
48
53
  sign_in_as_admin!
49
54
 
55
+ it 'cannot list of stock items' do
56
+ api_get :index, stock_location_id: stock_location.to_param
57
+ json_response['stock_items'].first.should have_attributes(attributes)
58
+ json_response['stock_items'].first['variant']['sku'].should eq 'ABC'
59
+ end
60
+
61
+ it 'requires a stock_location_id to be passed as a parameter' do
62
+ api_get :index
63
+ json_response['error'].should =~ /stock_location_id parameter must be provided/
64
+ response.status.should == 422
65
+ end
66
+
67
+ it 'can control the page size through a parameter' do
68
+ api_get :index, stock_location_id: stock_location.to_param, per_page: 1
69
+ json_response['count'].should == 1
70
+ json_response['current_page'].should == 1
71
+ end
72
+
73
+ it 'can query the results through a paramter' do
74
+ stock_item.update_column(:count_on_hand, 30)
75
+ api_get :index, stock_location_id: stock_location.to_param, q: { count_on_hand_eq: '30' }
76
+ json_response['count'].should == 1
77
+ json_response['stock_items'].first['count_on_hand'].should eq 30
78
+ end
79
+
80
+ it 'gets a stock item' do
81
+ api_get :show, stock_location_id: stock_location.to_param, id: stock_item.to_param
82
+ json_response.should have_attributes(attributes)
83
+ json_response['count_on_hand'].should eq stock_item.count_on_hand
84
+ end
85
+
50
86
  it 'can create a new stock item' do
51
87
  variant = create(:variant)
52
88
  # Creating a variant also creates stock items.
@@ -11,45 +11,72 @@ module Spree
11
11
  stub_authentication!
12
12
  end
13
13
 
14
- it "gets list of stock locations" do
15
- api_get :index
16
- json_response['stock_locations'].first.should have_attributes(attributes)
17
- end
14
+ context "as a user" do
15
+ it "cannot see stock locations" do
16
+ api_get :index
17
+ response.status.should == 401
18
+ end
18
19
 
19
- it "includes the country" do
20
- api_get :index
21
- json_response['stock_locations'].first['country'].should_not be_nil
22
- end
20
+ it "cannot see a single stock location" do
21
+ api_get :show, :id => stock_location.id
22
+ response.status.should == 404
23
+ end
23
24
 
24
- it "includes the state" do
25
- api_get :index
26
- json_response['stock_locations'].first['state'].should_not be_nil
27
- end
25
+ it "cannot create a new stock location" do
26
+ params = {
27
+ stock_location: {
28
+ name: "North Pole",
29
+ active: true
30
+ }
31
+ }
28
32
 
29
- it 'can control the page size through a parameter' do
30
- create(:stock_location)
31
- api_get :index, per_page: 1
32
- json_response['count'].should == 1
33
- json_response['current_page'].should == 1
34
- json_response['pages'].should == 2
35
- end
33
+ api_post :create, params
34
+ response.status.should == 401
35
+ end
36
36
 
37
- it 'can query the results through a paramter' do
38
- expected_result = create(:stock_location, name: 'South America')
39
- api_get :index, q: { name_cont: 'south' }
40
- json_response['count'].should == 1
41
- json_response['stock_locations'].first['name'].should eq expected_result.name
42
- end
37
+ it "cannot update a stock location" do
38
+ api_put :update, :stock_location => { :name => "South Pole" }, :id => stock_location.to_param
39
+ response.status.should == 404
40
+ end
43
41
 
44
- it "gets a stock location" do
45
- api_get :show, id: stock_location.to_param
46
- json_response.should have_attributes(attributes)
47
- json_response['name'].should eq stock_location.name
42
+ it "cannot delete a stock location" do
43
+ api_put :destroy, :id => stock_location.to_param
44
+ response.status.should == 404
45
+ end
48
46
  end
49
47
 
48
+
50
49
  context "as an admin" do
51
50
  sign_in_as_admin!
52
51
 
52
+ it "gets list of stock locations" do
53
+ api_get :index
54
+ json_response['stock_locations'].first.should have_attributes(attributes)
55
+ json_response['stock_locations'].first['country'].should_not be_nil
56
+ json_response['stock_locations'].first['state'].should_not be_nil
57
+ end
58
+
59
+ it 'can control the page size through a parameter' do
60
+ create(:stock_location)
61
+ api_get :index, per_page: 1
62
+ json_response['count'].should == 1
63
+ json_response['current_page'].should == 1
64
+ json_response['pages'].should == 2
65
+ end
66
+
67
+ it 'can query the results through a paramter' do
68
+ expected_result = create(:stock_location, name: 'South America')
69
+ api_get :index, q: { name_cont: 'south' }
70
+ json_response['count'].should == 1
71
+ json_response['stock_locations'].first['name'].should eq expected_result.name
72
+ end
73
+
74
+ it "gets a stock location" do
75
+ api_get :show, id: stock_location.to_param
76
+ json_response.should have_attributes(attributes)
77
+ json_response['name'].should eq stock_location.name
78
+ end
79
+
53
80
  it "can create a new stock location" do
54
81
  params = {
55
82
  stock_location: {