spree_api 2.1.1 → 2.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (29) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +18 -0
  3. data/app/controllers/spree/api/base_controller.rb +10 -1
  4. data/app/controllers/spree/api/countries_controller.rb +2 -0
  5. data/app/controllers/spree/api/orders_controller.rb +9 -2
  6. data/app/controllers/spree/api/payments_controller.rb +13 -2
  7. data/app/controllers/spree/api/states_controller.rb +2 -0
  8. data/app/controllers/spree/api/stock_items_controller.rb +2 -1
  9. data/app/controllers/spree/api/stock_locations_controller.rb +1 -0
  10. data/app/controllers/spree/api/stock_movements_controller.rb +1 -0
  11. data/app/helpers/spree/api/api_helpers.rb +2 -3
  12. data/app/models/spree/option_value_decorator.rb +4 -0
  13. data/app/models/spree/order_decorator.rb +25 -18
  14. data/app/views/spree/api/payments/credit_over_limit.v1.rabl +1 -1
  15. data/app/views/spree/api/payments/new.v1.rabl +0 -1
  16. data/app/views/spree/api/payments/update_forbidden.v1.rabl +2 -0
  17. data/config/locales/en.yml +3 -1
  18. data/config/routes.rb +1 -1
  19. data/lib/spree/api/responders/rabl_template.rb +1 -1
  20. data/spec/controllers/spree/api/base_controller_spec.rb +1 -1
  21. data/spec/controllers/spree/api/checkouts_controller_spec.rb +14 -0
  22. data/spec/controllers/spree/api/orders_controller_spec.rb +84 -17
  23. data/spec/controllers/spree/api/payments_controller_spec.rb +118 -77
  24. data/spec/controllers/spree/api/stock_items_controller_spec.rb +62 -26
  25. data/spec/controllers/spree/api/stock_locations_controller_spec.rb +56 -29
  26. data/spec/controllers/spree/api/stock_movements_controller_spec.rb +51 -27
  27. data/spec/controllers/spree/api/zones_controller_spec.rb +2 -2
  28. data/spec/models/spree/order_spec.rb +71 -4
  29. metadata +5 -4
@@ -5,11 +5,12 @@ module Spree
5
5
  render_views
6
6
  let!(:order) { create(:order) }
7
7
  let!(:payment) { create(:payment, :order => order) }
8
- let!(:attributes) { [:id, :source_type, :source_id, :amount,
8
+ let!(:attributes) { [:id, :source_type, :source_id, :amount, :display_amount,
9
9
  :payment_method_id, :response_code, :state, :avs_response,
10
10
  :created_at, :updated_at] }
11
11
 
12
12
  let(:resource_scoping) { { :order_id => order.to_param } }
13
+
13
14
  before do
14
15
  stub_authentication!
15
16
  end
@@ -43,6 +44,11 @@ module Spree
43
44
  json_response.should have_attributes(attributes)
44
45
  end
45
46
 
47
+ it "cannot update a payment" do
48
+ api_put :update, :id => payment.to_param, :payment => { :amount => 2.01 }
49
+ assert_unauthorized!
50
+ end
51
+
46
52
  it "cannot authorize a payment" do
47
53
  api_put :authorize, :id => payment.to_param
48
54
  assert_unauthorized!
@@ -93,84 +99,120 @@ module Spree
93
99
  end
94
100
 
95
101
  context "for a given payment" do
102
+ context "updating" do
103
+ it "can update" do
104
+ payment.update_attributes(:state => 'pending')
105
+ api_put :update, :id => payment.to_param, :payment => { :amount => 2.01 }
106
+ response.status.should == 200
107
+ payment.reload.amount.should == 2.01
108
+ end
96
109
 
97
- it "can authorize" do
98
- api_put :authorize, :id => payment.to_param
99
- response.status.should == 200
100
- payment.reload
101
- payment.state.should == "pending"
110
+ context "update fails" do
111
+ it "returns a 422 status when the amount is invalid" do
112
+ payment.update_attributes(:state => 'pending')
113
+ api_put :update, :id => payment.to_param, :payment => { :amount => 'invalid' }
114
+ response.status.should == 422
115
+ json_response["error"].should == "Invalid resource. Please fix errors and try again."
116
+ end
117
+
118
+ it "returns a 403 status when the payment is not pending" do
119
+ payment.update_attributes(:state => 'completed')
120
+ api_put :update, :id => payment.to_param, :payment => { :amount => 2.01 }
121
+ response.status.should == 403
122
+ json_response["error"].should == "This payment cannot be updated because it is completed."
123
+ end
124
+ end
102
125
  end
103
126
 
104
- context "authorization fails" do
105
- before do
106
- fake_response = double(:success? => false, :to_s => "Could not authorize card")
107
- Spree::Gateway::Bogus.any_instance.should_receive(:authorize).and_return(fake_response)
127
+ context "authorizing" do
128
+ it "can authorize" do
108
129
  api_put :authorize, :id => payment.to_param
109
- end
110
-
111
- it "returns a 422 status" do
112
- response.status.should == 422
113
- json_response["error"].should == "There was a problem with the payment gateway: Could not authorize card"
130
+ response.status.should == 200
131
+ payment.reload.state.should == "pending"
114
132
  end
115
133
 
116
- it "returns a 422 status" do
117
- pending "Investigate why a payment.reload after the request raises 'stack level too deep'"
118
- payment.reload
119
- payment.state.should == "failed"
134
+ context "authorization fails" do
135
+ before do
136
+ fake_response = double(:success? => false, :to_s => "Could not authorize card")
137
+ Spree::Gateway::Bogus.any_instance.should_receive(:authorize).and_return(fake_response)
138
+ api_put :authorize, :id => payment.to_param
139
+ end
140
+
141
+ it "returns a 422 status" do
142
+ response.status.should == 422
143
+ json_response["error"].should == "There was a problem with the payment gateway: Could not authorize card"
144
+ end
145
+
146
+ it "does not raise a stack level error" do
147
+ pending "Investigate why a payment.reload after the request raises 'stack level too deep'"
148
+ payment.reload.state.should == "failed"
149
+ end
120
150
  end
121
151
  end
122
152
 
123
- it "can capture" do
124
- api_put :capture, :id => payment.to_param
125
- response.status.should == 200
126
- payment.reload
127
- payment.state.should == "completed"
128
- end
129
-
130
- it "returns a 422 status when purchasing fails" do
131
- fake_response = double(:success? => false, :to_s => "Insufficient funds")
132
- Spree::Gateway::Bogus.any_instance.should_receive(:capture).and_return(fake_response)
133
- api_put :capture, :id => payment.to_param
134
- response.status.should == 422
135
- json_response["error"].should == "There was a problem with the payment gateway: Insufficient funds"
136
- end
153
+ context "capturing" do
154
+ it "can capture" do
155
+ api_put :capture, :id => payment.to_param
156
+ response.status.should == 200
157
+ payment.reload.state.should == "completed"
158
+ end
137
159
 
138
- it "can purchase" do
139
- api_put :purchase, :id => payment.to_param
140
- response.status.should == 200
141
- payment.reload
142
- payment.state.should == "completed"
160
+ context "capturing fails" do
161
+ before do
162
+ fake_response = double(:success? => false, :to_s => "Insufficient funds")
163
+ Spree::Gateway::Bogus.any_instance.should_receive(:capture).and_return(fake_response)
164
+ end
165
+
166
+ it "returns a 422 status" do
167
+ api_put :capture, :id => payment.to_param
168
+ response.status.should == 422
169
+ json_response["error"].should == "There was a problem with the payment gateway: Insufficient funds"
170
+ end
171
+ end
143
172
  end
144
173
 
145
- context "purchasing fails" do
146
- before do
147
- fake_response = double(:success? => false, :to_s => "Insufficient funds")
148
- Spree::Gateway::Bogus.any_instance.should_receive(:purchase).and_return(fake_response)
174
+ context "purchasing" do
175
+ it "can purchase" do
176
+ api_put :purchase, :id => payment.to_param
177
+ response.status.should == 200
178
+ payment.reload.state.should == "completed"
149
179
  end
150
180
 
151
- it "returns a 422" do
152
- api_put :purchase, :id => payment.to_param
153
- response.status.should == 422
154
- json_response["error"].should == "There was a problem with the payment gateway: Insufficient funds"
181
+ context "purchasing fails" do
182
+ before do
183
+ fake_response = double(:success? => false, :to_s => "Insufficient funds")
184
+ Spree::Gateway::Bogus.any_instance.should_receive(:purchase).and_return(fake_response)
185
+ end
186
+
187
+ it "returns a 422 status" do
188
+ api_put :purchase, :id => payment.to_param
189
+ response.status.should == 422
190
+ json_response["error"].should == "There was a problem with the payment gateway: Insufficient funds"
191
+ end
155
192
  end
156
193
  end
157
194
 
158
- it "can void" do
159
- api_put :void, :id => payment.to_param
160
- response.status.should == 200
161
- payment.reload
162
- payment.state.should == "void"
163
- end
195
+ context "voiding" do
196
+ it "can void" do
197
+ api_put :void, :id => payment.to_param
198
+ response.status.should == 200
199
+ payment.reload.state.should == "void"
200
+ end
164
201
 
165
- it "returns a 422 status when voiding fails" do
166
- fake_response = double(:success? => false, :to_s => "NO REFUNDS")
167
- Spree::Gateway::Bogus.any_instance.should_receive(:void).and_return(fake_response)
168
- api_put :void, :id => payment.to_param
169
- response.status.should == 422
170
- json_response["error"].should == "There was a problem with the payment gateway: NO REFUNDS"
202
+ context "voiding fails" do
203
+ before do
204
+ fake_response = double(:success? => false, :to_s => "NO REFUNDS")
205
+ Spree::Gateway::Bogus.any_instance.should_receive(:void).and_return(fake_response)
206
+ end
171
207
 
172
- payment.reload
173
- payment.state.should == "checkout"
208
+ it "returns a 422 status" do
209
+ api_put :void, :id => payment.to_param
210
+ response.status.should == 422
211
+ json_response["error"].should == "There was a problem with the payment gateway: NO REFUNDS"
212
+
213
+ payment.reload.state.should == "checkout"
214
+ end
215
+ end
174
216
  end
175
217
 
176
218
  context "crediting" do
@@ -181,31 +223,30 @@ module Spree
181
223
  it "can credit" do
182
224
  api_put :credit, :id => payment.to_param
183
225
  response.status.should == 200
184
- payment.reload
185
- payment.state.should == "completed"
226
+ payment.reload.state.should == "completed"
186
227
 
187
- # Ensur that a credit payment was created, and it has correct credit amount
228
+ # Ensure that a credit payment was created, and it has correct credit amount
188
229
  credit_payment = Payment.where(:source_type => 'Spree::Payment', :source_id => payment.id).last
189
230
  credit_payment.amount.to_f.should == -45.75
190
231
  end
191
232
 
192
- it "returns a 422 status when crediting fails" do
193
- fake_response = double(:success? => false, :to_s => "NO CREDIT FOR YOU")
194
- Spree::Gateway::Bogus.any_instance.should_receive(:credit).and_return(fake_response)
195
- api_put :credit, :id => payment.to_param
196
- response.status.should == 422
197
- json_response["error"].should == "There was a problem with the payment gateway: NO CREDIT FOR YOU"
198
- end
199
-
200
- it "cannot credit over credit_allowed limit" do
201
- api_put :credit, :id => payment.to_param, :amount => 1000000
202
- response.status.should == 422
203
- json_response["error"].should == "This payment can only be credited up to 45.75. Please specify an amount less than or equal to this number."
233
+ context "crediting fails" do
234
+ it "returns a 422 status" do
235
+ fake_response = double(:success? => false, :to_s => "NO CREDIT FOR YOU")
236
+ Spree::Gateway::Bogus.any_instance.should_receive(:credit).and_return(fake_response)
237
+ api_put :credit, :id => payment.to_param
238
+ response.status.should == 422
239
+ json_response["error"].should == "There was a problem with the payment gateway: NO CREDIT FOR YOU"
240
+ end
241
+
242
+ it "cannot credit over credit_allowed limit" do
243
+ api_put :credit, :id => payment.to_param, :amount => 1000000
244
+ response.status.should == 422
245
+ json_response["error"].should == "This payment can only be credited up to 45.75. Please specify an amount less than or equal to this number."
246
+ end
204
247
  end
205
248
  end
206
249
  end
207
-
208
250
  end
209
-
210
251
  end
211
252
  end
@@ -13,40 +13,76 @@ module Spree
13
13
  stub_authentication!
14
14
  end
15
15
 
16
- it 'gets list of stock items' do
17
- api_get :index, stock_location_id: stock_location.to_param
18
- json_response['stock_items'].first.should have_attributes(attributes)
19
- json_response['stock_items'].first['variant']['sku'].should eq 'ABC'
20
- end
16
+ context "as a normal user" do
17
+ it "cannot list stock items for a stock location" do
18
+ api_get :index, stock_location_id: stock_location.to_param
19
+ response.status.should == 404
20
+ end
21
21
 
22
- it 'requires a stock_location_id to be passed as a parameter' do
23
- api_get :index
24
- json_response['error'].should =~ /stock_location_id parameter must be provided/
25
- response.status.should == 422
26
- end
22
+ it "cannot see a stock item" do
23
+ api_get :show, stock_location_id: stock_location.to_param, id: stock_item.to_param
24
+ response.status.should == 404
25
+ end
27
26
 
28
- it 'can control the page size through a parameter' do
29
- api_get :index, stock_location_id: stock_location.to_param, per_page: 1
30
- json_response['count'].should == 1
31
- json_response['current_page'].should == 1
32
- end
27
+ it "cannot create a stock item" do
28
+ variant = create(:variant)
29
+ params = {
30
+ stock_location_id: stock_location.to_param,
31
+ stock_item: {
32
+ variant_id: variant.id,
33
+ count_on_hand: '20'
34
+ }
35
+ }
33
36
 
34
- it 'can query the results through a paramter' do
35
- stock_item.update_column(:count_on_hand, 30)
36
- api_get :index, stock_location_id: stock_location.to_param, q: { count_on_hand_eq: '30' }
37
- json_response['count'].should == 1
38
- json_response['stock_items'].first['count_on_hand'].should eq 30
39
- end
37
+ api_post :create, params
38
+ response.status.should == 404
39
+ end
40
+
41
+ it "cannot update a stock item" do
42
+ api_put :update, stock_location_id: stock_location.to_param, stock_item_id: stock_item.to_param
43
+ response.status.should == 404
44
+ end
40
45
 
41
- it 'gets a stock item' do
42
- api_get :show, stock_location_id: stock_location.to_param, id: stock_item.to_param
43
- json_response.should have_attributes(attributes)
44
- json_response['count_on_hand'].should eq stock_item.count_on_hand
46
+ it "cannot destroy a stock item" do
47
+ api_delete :destroy, stock_location_id: stock_location.to_param, stock_item_id: stock_item.to_param
48
+ response.status.should == 404
49
+ end
45
50
  end
46
51
 
47
- context 'as an admin' do
52
+ context "as an admin" do
48
53
  sign_in_as_admin!
49
54
 
55
+ it 'cannot list of stock items' do
56
+ api_get :index, stock_location_id: stock_location.to_param
57
+ json_response['stock_items'].first.should have_attributes(attributes)
58
+ json_response['stock_items'].first['variant']['sku'].should eq 'ABC'
59
+ end
60
+
61
+ it 'requires a stock_location_id to be passed as a parameter' do
62
+ api_get :index
63
+ json_response['error'].should =~ /stock_location_id parameter must be provided/
64
+ response.status.should == 422
65
+ end
66
+
67
+ it 'can control the page size through a parameter' do
68
+ api_get :index, stock_location_id: stock_location.to_param, per_page: 1
69
+ json_response['count'].should == 1
70
+ json_response['current_page'].should == 1
71
+ end
72
+
73
+ it 'can query the results through a paramter' do
74
+ stock_item.update_column(:count_on_hand, 30)
75
+ api_get :index, stock_location_id: stock_location.to_param, q: { count_on_hand_eq: '30' }
76
+ json_response['count'].should == 1
77
+ json_response['stock_items'].first['count_on_hand'].should eq 30
78
+ end
79
+
80
+ it 'gets a stock item' do
81
+ api_get :show, stock_location_id: stock_location.to_param, id: stock_item.to_param
82
+ json_response.should have_attributes(attributes)
83
+ json_response['count_on_hand'].should eq stock_item.count_on_hand
84
+ end
85
+
50
86
  it 'can create a new stock item' do
51
87
  variant = create(:variant)
52
88
  # Creating a variant also creates stock items.
@@ -11,45 +11,72 @@ module Spree
11
11
  stub_authentication!
12
12
  end
13
13
 
14
- it "gets list of stock locations" do
15
- api_get :index
16
- json_response['stock_locations'].first.should have_attributes(attributes)
17
- end
14
+ context "as a user" do
15
+ it "cannot see stock locations" do
16
+ api_get :index
17
+ response.status.should == 401
18
+ end
18
19
 
19
- it "includes the country" do
20
- api_get :index
21
- json_response['stock_locations'].first['country'].should_not be_nil
22
- end
20
+ it "cannot see a single stock location" do
21
+ api_get :show, :id => stock_location.id
22
+ response.status.should == 404
23
+ end
23
24
 
24
- it "includes the state" do
25
- api_get :index
26
- json_response['stock_locations'].first['state'].should_not be_nil
27
- end
25
+ it "cannot create a new stock location" do
26
+ params = {
27
+ stock_location: {
28
+ name: "North Pole",
29
+ active: true
30
+ }
31
+ }
28
32
 
29
- it 'can control the page size through a parameter' do
30
- create(:stock_location)
31
- api_get :index, per_page: 1
32
- json_response['count'].should == 1
33
- json_response['current_page'].should == 1
34
- json_response['pages'].should == 2
35
- end
33
+ api_post :create, params
34
+ response.status.should == 401
35
+ end
36
36
 
37
- it 'can query the results through a paramter' do
38
- expected_result = create(:stock_location, name: 'South America')
39
- api_get :index, q: { name_cont: 'south' }
40
- json_response['count'].should == 1
41
- json_response['stock_locations'].first['name'].should eq expected_result.name
42
- end
37
+ it "cannot update a stock location" do
38
+ api_put :update, :stock_location => { :name => "South Pole" }, :id => stock_location.to_param
39
+ response.status.should == 404
40
+ end
43
41
 
44
- it "gets a stock location" do
45
- api_get :show, id: stock_location.to_param
46
- json_response.should have_attributes(attributes)
47
- json_response['name'].should eq stock_location.name
42
+ it "cannot delete a stock location" do
43
+ api_put :destroy, :id => stock_location.to_param
44
+ response.status.should == 404
45
+ end
48
46
  end
49
47
 
48
+
50
49
  context "as an admin" do
51
50
  sign_in_as_admin!
52
51
 
52
+ it "gets list of stock locations" do
53
+ api_get :index
54
+ json_response['stock_locations'].first.should have_attributes(attributes)
55
+ json_response['stock_locations'].first['country'].should_not be_nil
56
+ json_response['stock_locations'].first['state'].should_not be_nil
57
+ end
58
+
59
+ it 'can control the page size through a parameter' do
60
+ create(:stock_location)
61
+ api_get :index, per_page: 1
62
+ json_response['count'].should == 1
63
+ json_response['current_page'].should == 1
64
+ json_response['pages'].should == 2
65
+ end
66
+
67
+ it 'can query the results through a paramter' do
68
+ expected_result = create(:stock_location, name: 'South America')
69
+ api_get :index, q: { name_cont: 'south' }
70
+ json_response['count'].should == 1
71
+ json_response['stock_locations'].first['name'].should eq expected_result.name
72
+ end
73
+
74
+ it "gets a stock location" do
75
+ api_get :show, id: stock_location.to_param
76
+ json_response.should have_attributes(attributes)
77
+ json_response['name'].should eq stock_location.name
78
+ end
79
+
53
80
  it "can create a new stock location" do
54
81
  params = {
55
82
  stock_location: {