spree_api 2.2.0 → 2.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +2 -49
- data/LICENSE +1 -1
- data/app/controllers/spree/api/addresses_controller.rb +0 -4
- data/app/controllers/spree/api/base_controller.rb +20 -18
- data/app/controllers/spree/api/checkouts_controller.rb +2 -7
- data/app/controllers/spree/api/images_controller.rb +11 -3
- data/app/controllers/spree/api/line_items_controller.rb +9 -7
- data/app/controllers/spree/api/orders_controller.rb +1 -5
- data/app/controllers/spree/api/products_controller.rb +1 -2
- data/app/helpers/spree/api/api_helpers.rb +1 -1
- data/app/views/spree/api/line_items/show.v1.rabl +2 -2
- data/app/views/spree/api/products/show.v1.rabl +3 -3
- data/app/views/spree/api/shipments/show.v1.rabl +1 -1
- data/app/views/spree/api/stock_items/show.v1.rabl +1 -1
- data/app/views/spree/api/variants/{variant_full.v1.rabl → big.v1.rabl} +4 -8
- data/app/views/spree/api/variants/index.v1.rabl +1 -1
- data/app/views/spree/api/variants/show.v1.rabl +2 -3
- data/app/views/spree/api/variants/{variant.v1.rabl → small.v1.rabl} +5 -0
- data/config/routes.rb +4 -2
- data/lib/spree/api/controller_setup.rb +0 -12
- data/lib/spree/api/responders/rabl_template.rb +9 -0
- data/lib/spree/api/testing_support/caching.rb +10 -0
- data/lib/spree/api/testing_support/helpers.rb +0 -1
- data/spec/controllers/spree/api/base_controller_spec.rb +23 -0
- data/spec/controllers/spree/api/checkouts_controller_spec.rb +10 -0
- data/spec/controllers/spree/api/images_controller_spec.rb +7 -6
- data/spec/controllers/spree/api/line_items_controller_spec.rb +20 -4
- data/spec/controllers/spree/api/orders_controller_spec.rb +1 -1
- data/spec/controllers/spree/api/products_controller_spec.rb +18 -0
- data/spec/controllers/spree/api/users_controller_spec.rb +2 -3
- data/spec/controllers/spree/api/variants_controller_spec.rb +9 -0
- data/spec/requests/rabl_cache_spec.rb +29 -0
- data/spec/spec_helper.rb +1 -0
- metadata +10 -13
- data/app/models/spree/order_decorator.rb +0 -171
- data/app/models/spree/user_decorator.rb +0 -13
- data/app/overrides/api_admin_user_edit_form.rb +0 -7
- data/app/views/spree/admin/users/_api_fields.html.erb +0 -31
- data/spec/models/spree/order_spec.rb +0 -301
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 2b9a1e586735e3cc1e1cee5cd20399b9921dc7b2
|
4
|
+
data.tar.gz: cb20dc4dc54932929151ce653e94964cc367a89f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: bdc2ad8bdf4143851a2a16ecbad2dfe6bacde972a4f6e42bfa59907edf62e55ae4f5077bd58a37d84a8cedb29187aaa22f90aeef221b18bc8b873ed82b4b363a
|
7
|
+
data.tar.gz: 8ab5f9384fe52caffe246354ba6b16b62343d5b495d19feee302d89b9fdecbb499b6fb139efe1f0386f1a29dea8549947737ef632c89ce0c8b323a10c63cfe3d
|
data/CHANGELOG.md
CHANGED
@@ -1,51 +1,4 @@
|
|
1
|
-
## Spree 2.2.
|
1
|
+
## Spree 2.2.1 (unreleased) ##
|
2
2
|
|
3
|
-
*
|
4
|
-
|
3
|
+
* refactor the api to use a general importer in core gem.
|
5
4
|
Peter Berkenbosch
|
6
|
-
|
7
|
-
* Improve products_controller #create and #update for better support to create
|
8
|
-
and update variants, option types and option values.
|
9
|
-
See #4172 and #4240
|
10
|
-
|
11
|
-
Bruno Buccolo / Washington Luiz / John Dyer
|
12
|
-
|
13
|
-
* ApiHelpers attributes can now be extended without overriding instance
|
14
|
-
methods. By using the same approach in PermittedAttributes. e.g.
|
15
|
-
|
16
|
-
Spree::Api::ApiHelpers.order_attributes.push :locked_at
|
17
|
-
|
18
|
-
Washington Luiz
|
19
|
-
|
20
|
-
* Admin users can set the order channel when importing orders. By sing the
|
21
|
-
channel attribute on Order model
|
22
|
-
|
23
|
-
Washington Luiz
|
24
|
-
|
25
|
-
* Cached products/show template, which can lead to drastically (65x) faster loading times on product requests. 806319709c4ce9a3d0026e00ec2d07372f51cdb8
|
26
|
-
|
27
|
-
Ryan Bigg
|
28
|
-
|
29
|
-
* The parts that make up an order's response from /api/orders/:num are cached, which can lead to a 5x improvement of speed for this API endpoint. 80ffb1e739606ac02ac86336ac13a51583bcc225
|
30
|
-
|
31
|
-
Ryan Bigg
|
32
|
-
|
33
|
-
* Cached variant objects which can lead to slightly faster loading times (4x) for each variant.
|
34
|
-
|
35
|
-
Ryan Bigg
|
36
|
-
|
37
|
-
* Added a route to allow for /api/variants/:id requests
|
38
|
-
|
39
|
-
Ryan Bigg
|
40
|
-
|
41
|
-
* Products response now contains a master variant separately from all the other variants. Previously all variants were grouped together.
|
42
|
-
|
43
|
-
Ryan Bigg
|
44
|
-
|
45
|
-
* Added API endpoint to retrieve a user's orders: /api/orders/mine. #4022
|
46
|
-
|
47
|
-
Richard Nuno
|
48
|
-
|
49
|
-
* Order token can now be passed as a header: `X-Spree-Order-Token`. #4148
|
50
|
-
|
51
|
-
Lucjan Suski
|
data/LICENSE
CHANGED
@@ -2,18 +2,16 @@ require_dependency 'spree/api/controller_setup'
|
|
2
2
|
|
3
3
|
module Spree
|
4
4
|
module Api
|
5
|
-
class BaseController < ActionController::
|
6
|
-
include ActionController::StrongParameters
|
5
|
+
class BaseController < ActionController::Base
|
7
6
|
include Spree::Api::ControllerSetup
|
8
7
|
include Spree::Core::ControllerHelpers::SSL
|
9
8
|
include Spree::Core::ControllerHelpers::StrongParameters
|
10
|
-
include ::ActionController::Head
|
11
|
-
include ::ActionController::ConditionalGet
|
12
9
|
|
13
10
|
attr_accessor :current_api_user
|
14
11
|
|
15
12
|
before_filter :set_content_type
|
16
|
-
before_filter :
|
13
|
+
before_filter :load_user
|
14
|
+
before_filter :authorize_for_order, :if => Proc.new { order_token.present? }
|
17
15
|
before_filter :authenticate_user
|
18
16
|
after_filter :set_jsonp_format
|
19
17
|
|
@@ -55,28 +53,23 @@ module Spree
|
|
55
53
|
def set_content_type
|
56
54
|
content_type = case params[:format]
|
57
55
|
when "json"
|
58
|
-
"application/json"
|
56
|
+
"application/json; charset=utf-8"
|
59
57
|
when "xml"
|
60
|
-
"text/xml"
|
58
|
+
"text/xml; charset=utf-8"
|
61
59
|
end
|
62
60
|
headers["Content-Type"] = content_type
|
63
61
|
end
|
64
62
|
|
65
|
-
def
|
66
|
-
|
67
|
-
return true if @current_api_user = try_spree_current_user || !Spree::Api::Config[:requires_authentication]
|
68
|
-
|
69
|
-
if api_key.blank?
|
70
|
-
render "spree/api/errors/must_specify_api_key", :status => 401 and return
|
71
|
-
end
|
63
|
+
def load_user
|
64
|
+
@current_api_user = (try_spree_current_user || Spree.user_class.find_by(spree_api_key: api_key.to_s))
|
72
65
|
end
|
73
66
|
|
74
67
|
def authenticate_user
|
75
68
|
unless @current_api_user
|
76
|
-
if requires_authentication?
|
77
|
-
|
78
|
-
|
79
|
-
|
69
|
+
if requires_authentication? && api_key.blank? && order_token.blank?
|
70
|
+
render "spree/api/errors/must_specify_api_key", :status => 401 and return
|
71
|
+
elsif order_token.blank? && (requires_authentication? || api_key.present?)
|
72
|
+
render "spree/api/errors/invalid_api_key", :status => 401 and return
|
80
73
|
else
|
81
74
|
# An anonymous user
|
82
75
|
@current_api_user = Spree.user_class.new
|
@@ -123,6 +116,10 @@ module Spree
|
|
123
116
|
end
|
124
117
|
helper_method :api_key
|
125
118
|
|
119
|
+
def order_token
|
120
|
+
request.headers["X-Spree-Order-Token"] || params[:order_token]
|
121
|
+
end
|
122
|
+
|
126
123
|
def find_product(id)
|
127
124
|
begin
|
128
125
|
product_scope.friendly.find(id.to_s)
|
@@ -147,6 +144,11 @@ module Spree
|
|
147
144
|
|
148
145
|
scope
|
149
146
|
end
|
147
|
+
|
148
|
+
def authorize_for_order
|
149
|
+
@order = Spree::Order.find_by(number: params[:order_id] || params[:order_number] || params[:id])
|
150
|
+
authorize! :read, @order, order_token
|
151
|
+
end
|
150
152
|
end
|
151
153
|
end
|
152
154
|
end
|
@@ -10,7 +10,7 @@ module Spree
|
|
10
10
|
|
11
11
|
def create
|
12
12
|
authorize! :create, Order
|
13
|
-
@order = Order.
|
13
|
+
@order = Spree::Core::Importer::Order.import(current_api_user, nested_params)
|
14
14
|
respond_with(@order, default_template: 'spree/api/orders/show', status: 201)
|
15
15
|
end
|
16
16
|
|
@@ -31,8 +31,7 @@ module Spree
|
|
31
31
|
end
|
32
32
|
|
33
33
|
def show
|
34
|
-
|
35
|
-
respond_with(@order, default_template: 'spree/api/orders/show', status: 200)
|
34
|
+
redirect_to(api_order_path(params[:id]), status: 301)
|
36
35
|
end
|
37
36
|
|
38
37
|
def update
|
@@ -131,10 +130,6 @@ module Spree
|
|
131
130
|
end
|
132
131
|
false
|
133
132
|
end
|
134
|
-
|
135
|
-
def order_token
|
136
|
-
request.headers["X-Spree-Order-Token"] || params[:order_token]
|
137
|
-
end
|
138
133
|
end
|
139
134
|
end
|
140
135
|
end
|
@@ -9,18 +9,18 @@ module Spree
|
|
9
9
|
|
10
10
|
def create
|
11
11
|
authorize! :create, Image
|
12
|
-
@image =
|
12
|
+
@image = scope.images.create(image_params)
|
13
13
|
respond_with(@image, :status => 201, :default_template => :show)
|
14
14
|
end
|
15
15
|
|
16
16
|
def update
|
17
|
-
@image =
|
17
|
+
@image = scope.images.accessible_by(current_ability, :update).find(params[:id])
|
18
18
|
@image.update_attributes(image_params)
|
19
19
|
respond_with(@image, :default_template => :show)
|
20
20
|
end
|
21
21
|
|
22
22
|
def destroy
|
23
|
-
@image =
|
23
|
+
@image = scope.images.accessible_by(current_ability, :destroy).find(params[:id])
|
24
24
|
@image.destroy
|
25
25
|
respond_with(@image, :status => 204)
|
26
26
|
end
|
@@ -29,6 +29,14 @@ module Spree
|
|
29
29
|
def image_params
|
30
30
|
params.require(:image).permit(permitted_image_attributes)
|
31
31
|
end
|
32
|
+
|
33
|
+
def scope
|
34
|
+
if params[:product_id]
|
35
|
+
scope = Spree::Product.friendly.find(params[:product_id])
|
36
|
+
elsif params[:variant_id]
|
37
|
+
scope = Spree::Variant.find(params[:variant_id])
|
38
|
+
end
|
39
|
+
end
|
32
40
|
end
|
33
41
|
end
|
34
42
|
end
|
@@ -14,7 +14,7 @@ module Spree
|
|
14
14
|
end
|
15
15
|
|
16
16
|
def update
|
17
|
-
@line_item =
|
17
|
+
@line_item = find_line_item
|
18
18
|
if @order.contents.update_cart(line_items_attributes)
|
19
19
|
@order.ensure_updated_shipments
|
20
20
|
@line_item.reload
|
@@ -25,7 +25,7 @@ module Spree
|
|
25
25
|
end
|
26
26
|
|
27
27
|
def destroy
|
28
|
-
@line_item =
|
28
|
+
@line_item = find_line_item
|
29
29
|
variant = Spree::Variant.find(@line_item.variant_id)
|
30
30
|
@order.contents.remove(variant, @line_item.quantity)
|
31
31
|
@order.ensure_updated_shipments
|
@@ -35,10 +35,16 @@ module Spree
|
|
35
35
|
private
|
36
36
|
|
37
37
|
def order
|
38
|
-
@order ||= Spree::Order.find_by!(number: params[:order_id])
|
38
|
+
@order ||= Spree::Order.includes(:line_items).find_by!(number: params[:order_id])
|
39
39
|
authorize! :update, @order, order_token
|
40
40
|
end
|
41
41
|
|
42
|
+
def find_line_item
|
43
|
+
id = params[:id].to_i
|
44
|
+
order.line_items.detect {|line_item| line_item.id == id} or
|
45
|
+
raise ActiveRecord::RecordNotFound
|
46
|
+
end
|
47
|
+
|
42
48
|
def line_items_attributes
|
43
49
|
{ line_items_attributes: {
|
44
50
|
id: params[:id],
|
@@ -49,10 +55,6 @@ module Spree
|
|
49
55
|
def line_item_params
|
50
56
|
params.require(:line_item).permit(:quantity, :variant_id)
|
51
57
|
end
|
52
|
-
|
53
|
-
def order_token
|
54
|
-
request.headers["X-Spree-Order-Token"] || params[:order_token]
|
55
|
-
end
|
56
58
|
end
|
57
59
|
end
|
58
60
|
end
|
@@ -22,7 +22,7 @@ module Spree
|
|
22
22
|
|
23
23
|
def create
|
24
24
|
authorize! :create, Order
|
25
|
-
@order = Order.
|
25
|
+
@order = Spree::Core::Importer::Order.import(current_api_user, order_params)
|
26
26
|
respond_with(@order, default_template: :show, status: 201)
|
27
27
|
end
|
28
28
|
|
@@ -145,10 +145,6 @@ module Spree
|
|
145
145
|
@order.create_proposed_shipments
|
146
146
|
end
|
147
147
|
|
148
|
-
def order_token
|
149
|
-
request.headers["X-Spree-Order-Token"] || params[:order_token]
|
150
|
-
end
|
151
|
-
|
152
148
|
end
|
153
149
|
end
|
154
150
|
end
|
@@ -114,8 +114,7 @@ module Spree
|
|
114
114
|
def destroy
|
115
115
|
@product = find_product(params[:id])
|
116
116
|
authorize! :destroy, @product
|
117
|
-
@product.
|
118
|
-
@product.variants_including_master.update_all(:deleted_at => Time.now)
|
117
|
+
@product.destroy
|
119
118
|
respond_with(@product, :status => 204)
|
120
119
|
end
|
121
120
|
|
@@ -75,7 +75,7 @@ module Spree
|
|
75
75
|
:user_id, :created_at, :updated_at, :completed_at, :payment_total,
|
76
76
|
:shipment_state, :payment_state, :email, :special_instructions, :channel,
|
77
77
|
:included_tax_total, :additional_tax_total, :display_included_tax_total,
|
78
|
-
:display_additional_tax_total
|
78
|
+
:display_additional_tax_total, :tax_total, :currency
|
79
79
|
]
|
80
80
|
|
81
81
|
@@line_item_attributes = [:id, :quantity, :price, :variant_id]
|
@@ -5,11 +5,11 @@ node(:single_display_amount) { |li| li.single_display_amount.to_s }
|
|
5
5
|
node(:display_amount) { |li| li.display_amount.to_s }
|
6
6
|
node(:total) { |li| li.total }
|
7
7
|
child :variant do
|
8
|
-
extends "spree/api/variants/
|
8
|
+
extends "spree/api/variants/small"
|
9
9
|
attributes :product_id
|
10
10
|
child(:images => :images) { extends "spree/api/images/show" }
|
11
11
|
end
|
12
12
|
|
13
13
|
child :adjustments => :adjustments do
|
14
14
|
extends "spree/api/adjustments/show"
|
15
|
-
end
|
15
|
+
end
|
@@ -1,14 +1,14 @@
|
|
1
1
|
object @product
|
2
|
-
cache [current_currency,
|
2
|
+
cache [current_currency, root_object]
|
3
3
|
attributes *product_attributes
|
4
4
|
node(:display_price) { |p| p.display_price.to_s }
|
5
5
|
node(:has_variants) { |p| p.has_variants? }
|
6
6
|
child :master => :master do
|
7
|
-
extends "spree/api/variants/
|
7
|
+
extends "spree/api/variants/small"
|
8
8
|
end
|
9
9
|
|
10
10
|
child :variants => :variants do
|
11
|
-
extends "spree/api/variants/
|
11
|
+
extends "spree/api/variants/small"
|
12
12
|
end
|
13
13
|
|
14
14
|
child :option_types => :option_types do
|
@@ -1,13 +1,9 @@
|
|
1
1
|
object @variant
|
2
|
-
|
3
|
-
extends "spree/api/variants/variant"
|
2
|
+
attributes *variant_attributes
|
4
3
|
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
v.attachment.styles.keys.inject({}) { |urls, style| urls[style] = v.attachment.url(style); urls }
|
9
|
-
end
|
10
|
-
end
|
4
|
+
cache ['big_variant', root_object]
|
5
|
+
|
6
|
+
extends "spree/api/variants/small"
|
11
7
|
|
12
8
|
child(:stock_items => :stock_items) do
|
13
9
|
attributes :id, :count_on_hand, :stock_location_id, :backorderable
|
@@ -1,7 +1,12 @@
|
|
1
1
|
attributes *variant_attributes
|
2
|
+
cache ['small_variant', root_object]
|
3
|
+
|
2
4
|
node(:display_price) { |p| p.display_price.to_s }
|
3
5
|
node(:options_text) { |v| v.options_text }
|
4
6
|
node(:in_stock) { |v| v.in_stock? }
|
7
|
+
|
5
8
|
child :option_values => :option_values do
|
6
9
|
attributes *option_value_attributes
|
7
10
|
end
|
11
|
+
|
12
|
+
child(:images => :images) { extends "spree/api/images/show" }
|
data/config/routes.rb
CHANGED
@@ -10,11 +10,11 @@ Spree::Core::Engine.add_routes do
|
|
10
10
|
|
11
11
|
namespace :api, :defaults => { :format => 'json' } do
|
12
12
|
resources :products do
|
13
|
+
resources :images
|
13
14
|
resources :variants
|
14
15
|
resources :product_properties
|
15
16
|
end
|
16
17
|
|
17
|
-
resources :images
|
18
18
|
resources :checkouts do
|
19
19
|
member do
|
20
20
|
put :next
|
@@ -22,7 +22,9 @@ Spree::Core::Engine.add_routes do
|
|
22
22
|
end
|
23
23
|
end
|
24
24
|
|
25
|
-
resources :variants, :only => [:index, :show]
|
25
|
+
resources :variants, :only => [:index, :show] do
|
26
|
+
resources :images
|
27
|
+
end
|
26
28
|
|
27
29
|
resources :option_types do
|
28
30
|
resources :option_values
|
@@ -5,18 +5,6 @@ module Spree
|
|
5
5
|
module ControllerSetup
|
6
6
|
def self.included(klass)
|
7
7
|
klass.class_eval do
|
8
|
-
include AbstractController::ViewPaths
|
9
|
-
include AbstractController::Callbacks
|
10
|
-
include AbstractController::Helpers
|
11
|
-
|
12
|
-
include ActiveSupport::Rescuable
|
13
|
-
|
14
|
-
include ActionController::Rendering
|
15
|
-
include ActionController::ImplicitRender
|
16
|
-
include ActionController::Rescue
|
17
|
-
include ActionController::MimeResponds
|
18
|
-
include ActionController::Head
|
19
|
-
|
20
8
|
include CanCan::ControllerAdditions
|
21
9
|
include Spree::Core::ControllerHelpers::Auth
|
22
10
|
|
@@ -16,6 +16,15 @@ module Spree
|
|
16
16
|
def template
|
17
17
|
request.headers['X-Spree-Template'] || controller.params[:template] || options[:default_template]
|
18
18
|
end
|
19
|
+
|
20
|
+
def api_behavior(error)
|
21
|
+
if controller.params[:action] == "destroy"
|
22
|
+
# Render a blank template
|
23
|
+
super
|
24
|
+
else
|
25
|
+
# Do nothing and fallback to the default template
|
26
|
+
end
|
27
|
+
end
|
19
28
|
end
|
20
29
|
end
|
21
30
|
end
|
@@ -21,6 +21,29 @@ describe Spree::Api::BaseController do
|
|
21
21
|
end
|
22
22
|
end
|
23
23
|
|
24
|
+
context "when validating based on an order token" do
|
25
|
+
let!(:order) { create :order }
|
26
|
+
|
27
|
+
context "with a correct order token" do
|
28
|
+
it "succeeds" do
|
29
|
+
api_get :index, order_token: order.token, order_id: order.number
|
30
|
+
response.status.should == 200
|
31
|
+
end
|
32
|
+
|
33
|
+
it "succeeds with an order_number parameter" do
|
34
|
+
api_get :index, order_token: order.token, order_number: order.number
|
35
|
+
response.status.should == 200
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
39
|
+
context "with an incorrect order token" do
|
40
|
+
it "returns unauthorized" do
|
41
|
+
api_get :index, order_token: "NOT_A_TOKEN", order_id: order.number
|
42
|
+
response.status.should == 401
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
24
47
|
context "cannot make a request to the API" do
|
25
48
|
it "without an API key" do
|
26
49
|
api_get :index
|
@@ -21,6 +21,16 @@ module Spree
|
|
21
21
|
Spree::Config[:track_inventory_levels] = true
|
22
22
|
end
|
23
23
|
|
24
|
+
context "GET 'show'" do
|
25
|
+
let(:order) { create(:order) }
|
26
|
+
|
27
|
+
it "redirects to Orders#show" do
|
28
|
+
api_get :show, :id => order.number
|
29
|
+
response.status.should == 301
|
30
|
+
response.should redirect_to("/api/orders/#{order.number}")
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
24
34
|
context "POST 'create'" do
|
25
35
|
it "creates a new order when no parameters are passed" do
|
26
36
|
api_post :create
|
@@ -21,7 +21,8 @@ module Spree
|
|
21
21
|
api_post :create,
|
22
22
|
:image => { :attachment => upload_image('thinking-cat.jpg'),
|
23
23
|
:viewable_type => 'Spree::Variant',
|
24
|
-
:viewable_id => product.master.to_param }
|
24
|
+
:viewable_id => product.master.to_param },
|
25
|
+
:product_id => product.id
|
25
26
|
response.status.should == 201
|
26
27
|
json_response.should have_attributes(attributes)
|
27
28
|
end.should change(Image, :count).by(1)
|
@@ -32,14 +33,14 @@ module Spree
|
|
32
33
|
|
33
34
|
it "can update image data" do
|
34
35
|
product_image.position.should == 1
|
35
|
-
api_post :update, :image => { :position => 2 }, :id => product_image.id
|
36
|
+
api_post :update, :image => { :position => 2 }, :id => product_image.id, :product_id => product.id
|
36
37
|
response.status.should == 200
|
37
38
|
json_response.should have_attributes(attributes)
|
38
39
|
product_image.reload.position.should == 2
|
39
40
|
end
|
40
41
|
|
41
42
|
it "can delete an image" do
|
42
|
-
api_delete :destroy, :id => product_image.id
|
43
|
+
api_delete :destroy, :id => product_image.id, :product_id => product.id
|
43
44
|
response.status.should == 204
|
44
45
|
lambda { product_image.reload }.should raise_error(ActiveRecord::RecordNotFound)
|
45
46
|
end
|
@@ -48,17 +49,17 @@ module Spree
|
|
48
49
|
|
49
50
|
context "as a non-admin" do
|
50
51
|
it "cannot create an image" do
|
51
|
-
api_post :create
|
52
|
+
api_post :create, :product_id => product.id
|
52
53
|
assert_unauthorized!
|
53
54
|
end
|
54
55
|
|
55
56
|
it "cannot update an image" do
|
56
|
-
api_put :update, :id => 1
|
57
|
+
api_put :update, :id => 1, :product_id => product.id
|
57
58
|
assert_not_found!
|
58
59
|
end
|
59
60
|
|
60
61
|
it "cannot delete an image" do
|
61
|
-
api_delete :destroy, :id => 1
|
62
|
+
api_delete :destroy, :id => 1, :product_id => product.id
|
62
63
|
assert_not_found!
|
63
64
|
end
|
64
65
|
end
|
@@ -10,11 +10,8 @@ module Spree
|
|
10
10
|
let(:attributes) { [:id, :quantity, :price, :variant, :total, :display_amount, :single_display_amount] }
|
11
11
|
let(:resource_scoping) { { :order_id => order.to_param } }
|
12
12
|
|
13
|
-
before do
|
14
|
-
stub_authentication!
|
15
|
-
end
|
16
|
-
|
17
13
|
it "can learn how to create a new line item" do
|
14
|
+
controller.stub :try_spree_current_user => current_api_user
|
18
15
|
api_get :new
|
19
16
|
json_response["attributes"].should == ["quantity", "price", "variant_id"]
|
20
17
|
required_attributes = json_response["required_attributes"]
|
@@ -40,6 +37,7 @@ module Spree
|
|
40
37
|
|
41
38
|
context "as the order owner" do
|
42
39
|
before do
|
40
|
+
controller.stub :try_spree_current_user => current_api_user
|
43
41
|
Order.any_instance.stub :user => current_api_user
|
44
42
|
end
|
45
43
|
|
@@ -102,10 +100,28 @@ module Spree
|
|
102
100
|
api_delete :destroy, :id => line_item.id
|
103
101
|
expect(order.reload.shipments).to be_empty
|
104
102
|
end
|
103
|
+
|
104
|
+
context "order is completed" do
|
105
|
+
before do
|
106
|
+
order.stub completed?: true
|
107
|
+
Order.stub_chain :includes, find_by!: order
|
108
|
+
end
|
109
|
+
|
110
|
+
it "doesn't destroy shipments or restart checkout flow" do
|
111
|
+
expect(order.reload.shipments).not_to be_empty
|
112
|
+
api_post :create, :line_item => { :variant_id => product.master.to_param, :quantity => 1 }
|
113
|
+
expect(order.reload.shipments).not_to be_empty
|
114
|
+
end
|
115
|
+
end
|
105
116
|
end
|
106
117
|
end
|
107
118
|
|
108
119
|
context "as just another user" do
|
120
|
+
before do
|
121
|
+
user = create(:user)
|
122
|
+
controller.stub :try_spree_current_user => user
|
123
|
+
end
|
124
|
+
|
109
125
|
it "cannot add a new line item to the order" do
|
110
126
|
api_post :create, :line_item => { :variant_id => product.master.to_param, :quantity => 1 }
|
111
127
|
assert_unauthorized!
|
@@ -13,7 +13,7 @@ module Spree
|
|
13
13
|
:user_id, :created_at, :updated_at,
|
14
14
|
:completed_at, :payment_total, :shipment_state,
|
15
15
|
:payment_state, :email, :special_instructions,
|
16
|
-
:total_quantity, :display_item_total] }
|
16
|
+
:total_quantity, :display_item_total, :currency] }
|
17
17
|
|
18
18
|
let(:address_params) { { :country_id => Country.first.id, :state_id => State.first.id } }
|
19
19
|
|