spree_api 2.3.13 → 2.4.0.rc1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (77) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +1 -43
  3. data/Gemfile +1 -1
  4. data/app/controllers/spree/api/addresses_controller.rb +1 -1
  5. data/app/controllers/spree/api/base_controller.rb +22 -9
  6. data/app/controllers/spree/api/checkouts_controller.rb +2 -2
  7. data/app/controllers/spree/api/countries_controller.rb +2 -2
  8. data/app/controllers/spree/api/credit_cards_controller.rb +1 -1
  9. data/app/controllers/spree/api/images_controller.rb +5 -0
  10. data/app/controllers/spree/api/inventory_units_controller.rb +1 -1
  11. data/app/controllers/spree/api/line_items_controller.rb +7 -7
  12. data/app/controllers/spree/api/option_types_controller.rb +2 -2
  13. data/app/controllers/spree/api/orders_controller.rb +17 -6
  14. data/app/controllers/spree/api/payments_controller.rb +3 -11
  15. data/app/controllers/spree/api/product_properties_controller.rb +2 -2
  16. data/app/controllers/spree/api/promotions_controller.rb +26 -0
  17. data/app/controllers/spree/api/properties_controller.rb +1 -1
  18. data/app/controllers/spree/api/return_authorizations_controller.rb +0 -10
  19. data/app/controllers/spree/api/shipments_controller.rb +71 -4
  20. data/app/controllers/spree/api/states_controller.rb +3 -3
  21. data/app/controllers/spree/api/stock_items_controller.rb +1 -1
  22. data/app/controllers/spree/api/stock_movements_controller.rb +1 -1
  23. data/app/controllers/spree/api/taxons_controller.rb +1 -1
  24. data/app/controllers/spree/api/variants_controller.rb +1 -2
  25. data/app/helpers/spree/api/api_helpers.rb +19 -5
  26. data/app/views/spree/api/images/index.v1.rabl +4 -0
  27. data/app/views/spree/api/products/show.v1.rabl +4 -1
  28. data/app/views/spree/api/promotions/handler.v1.rabl +2 -1
  29. data/app/views/spree/api/promotions/show.v1.rabl +2 -0
  30. data/app/views/spree/api/shipments/big.v1.rabl +48 -0
  31. data/app/views/spree/api/shipments/mine.v1.rabl +9 -0
  32. data/app/views/spree/api/shipments/small.v1.rabl +1 -5
  33. data/app/views/spree/api/shipping_rates/show.v1.rabl +2 -2
  34. data/app/views/spree/api/taxonomies/show.v1.rabl +2 -2
  35. data/app/views/spree/api/variants/big.v1.rabl +6 -1
  36. data/app/views/spree/api/variants/show.v1.rabl +1 -1
  37. data/app/views/spree/api/variants/small.v1.rabl +2 -3
  38. data/config/routes.rb +9 -0
  39. data/lib/spree/api/responders/rabl_template.rb +1 -1
  40. data/lib/spree/api/testing_support/helpers.rb +6 -6
  41. data/lib/spree/api/testing_support/setup.rb +2 -2
  42. data/spec/controllers/spree/api/addresses_controller_spec.rb +7 -7
  43. data/spec/controllers/spree/api/base_controller_spec.rb +66 -19
  44. data/spec/controllers/spree/api/checkouts_controller_spec.rb +54 -54
  45. data/spec/controllers/spree/api/classifications_controller_spec.rb +5 -5
  46. data/spec/controllers/spree/api/config_controller_spec.rb +9 -9
  47. data/spec/controllers/spree/api/countries_controller_spec.rb +11 -11
  48. data/spec/controllers/spree/api/credit_cards_controller_spec.rb +16 -16
  49. data/spec/controllers/spree/api/images_controller_spec.rb +37 -11
  50. data/spec/controllers/spree/api/inventory_units_controller_spec.rb +6 -6
  51. data/spec/controllers/spree/api/line_items_controller_spec.rb +34 -35
  52. data/spec/controllers/spree/api/option_types_controller_spec.rb +18 -18
  53. data/spec/controllers/spree/api/option_values_controller_spec.rb +21 -21
  54. data/spec/controllers/spree/api/orders_controller_spec.rb +177 -161
  55. data/spec/controllers/spree/api/payments_controller_spec.rb +52 -89
  56. data/spec/controllers/spree/api/product_properties_controller_spec.rb +21 -21
  57. data/spec/controllers/spree/api/products_controller_spec.rb +103 -60
  58. data/spec/controllers/spree/api/promotion_application_spec.rb +14 -12
  59. data/spec/controllers/spree/api/promotions_controller_spec.rb +64 -0
  60. data/spec/controllers/spree/api/properties_controller_spec.rb +25 -25
  61. data/spec/controllers/spree/api/return_authorizations_controller_spec.rb +42 -66
  62. data/spec/controllers/spree/api/shipments_controller_spec.rb +69 -21
  63. data/spec/controllers/spree/api/states_controller_spec.rb +18 -18
  64. data/spec/controllers/spree/api/stock_items_controller_spec.rb +26 -26
  65. data/spec/controllers/spree/api/stock_locations_controller_spec.rb +22 -22
  66. data/spec/controllers/spree/api/stock_movements_controller_spec.rb +16 -16
  67. data/spec/controllers/spree/api/taxonomies_controller_spec.rb +24 -24
  68. data/spec/controllers/spree/api/taxons_controller_spec.rb +39 -39
  69. data/spec/controllers/spree/api/unauthenticated_products_controller_spec.rb +5 -5
  70. data/spec/controllers/spree/api/users_controller_spec.rb +41 -41
  71. data/spec/controllers/spree/api/variants_controller_spec.rb +47 -37
  72. data/spec/controllers/spree/api/zones_controller_spec.rb +40 -18
  73. data/spec/models/spree/legacy_user_spec.rb +5 -5
  74. data/spec/requests/rabl_cache_spec.rb +9 -9
  75. data/spec/spec_helper.rb +1 -0
  76. metadata +14 -9
  77. data/spec/requests/ransackable_attributes_spec.rb +0 -79
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: a66783ac8d7fc4ed56b7b502f4b06deac327c166
4
- data.tar.gz: e3e18787faa84ccb9f866ebd3edc1fe60ed25680
3
+ metadata.gz: b3b9e15c2abfeee93d14700e5055bf2ea86fc4cd
4
+ data.tar.gz: 31c34775578e450511df02be8ac85f2413fd0459
5
5
  SHA512:
6
- metadata.gz: 618499c336b0c81307853586db653855fa7657a23a0c18a88ce621419e2402bcf7f4eaa890466cdc2cefac1ddb11d7a5aa0c41094a7614064f54554f2b70caed
7
- data.tar.gz: a22ce4bbbbbd21d6f2bb43745e357a3e3391f73b5e22c96508bf32d6fd8265ab3263d3a936eb6eeab6155efb324f24129b01e02e9e406f0954de45eb5772445f
6
+ metadata.gz: 180ab55ad82be69d4925ea1b56053cb3c2217de4ae5852dc4aecff6c235f544032bd08714c6d257984afbf36a47d28ac54dcc52be185eb800b3d741ea7cd06a3
7
+ data.tar.gz: 1bbc3ac9ec9e5b918c1aafb8de8438f474f64ec98ffee720ccd9846943b1a2920f7ca16e748fd4e5b8bd94b51c84227401dcb5efd9a8d9588122a4a359dd107b
data/CHANGELOG.md CHANGED
@@ -1,43 +1 @@
1
- ## Spree 2.3.2 (unreleased) ##
2
-
3
- * Support existing credit card feature on checkout.
4
-
5
- Checkouts_controller#update now uses the same Order::Checkout#update_from_params
6
- from spree frontend which help us to remove a lot of duplicated logic. As a
7
- result of that `payment_source` params must be sent now outsite the `order` key.
8
-
9
- Before you'd send a request like this:
10
-
11
- ```ruby
12
- api_put :update, :id => order.to_param, :order_token => order.guest_token,
13
- :order => {
14
- :payments_attributes => [{ :payment_method_id => @payment_method.id.to_s }],
15
- :payment_source => { @payment_method.id.to_s => { name: "Spree" } }
16
- }
17
- ```
18
-
19
- Now it should look like this:
20
-
21
- ```ruby
22
- api_put :update, :id => order.to_param, :order_token => order.guest_token,
23
- :order => {
24
- :payments_attributes => [{ :payment_method_id => @payment_method.id.to_s }]
25
- },
26
- :payment_source => {
27
- @payment_method.id.to_s => { name: "Spree" }
28
- }
29
- ```
30
-
31
- Josh Hepworth and Washington
32
-
33
- * api/orders/show now display credit cards as source under payment
34
-
35
- Washington Luiz
36
-
37
- * refactor the api to use a general importer in core gem.
38
-
39
- Peter Berkenbosch
40
-
41
- * Shipment manifests viewed within the context of an order no longer return variant info. The line items for the order already contains this information. #4498
42
-
43
- * Ryan Bigg
1
+ ## Spree 2.4.0 (unreleased) ##
data/Gemfile CHANGED
@@ -1,5 +1,5 @@
1
1
  eval(File.read(File.dirname(__FILE__) + '/../common_spree_dependencies.rb'))
2
2
 
3
- gem 'spree_core', :path => "../core"
3
+ gem 'spree_core', :path => '../core'
4
4
 
5
5
  gemspec
@@ -1,7 +1,7 @@
1
1
  module Spree
2
2
  module Api
3
3
  class AddressesController < Spree::Api::BaseController
4
- before_filter :find_order
4
+ before_action :find_order
5
5
 
6
6
  def show
7
7
  authorize! :read, @order, order_token
@@ -10,11 +10,15 @@ module Spree
10
10
 
11
11
  attr_accessor :current_api_user
12
12
 
13
- before_filter :set_content_type
14
- before_filter :load_user
15
- before_filter :authorize_for_order, :if => Proc.new { order_token.present? }
16
- before_filter :authenticate_user
17
- before_filter :load_user_roles
13
+ class_attribute :error_notifier
14
+
15
+ before_action :set_content_type
16
+ before_action :load_user
17
+ before_action :authorize_for_order, if: Proc.new { order_token.present? }
18
+ before_action :authenticate_user
19
+ before_action :load_user_roles
20
+
21
+ after_filter :set_jsonp_format
18
22
 
19
23
  rescue_from Exception, with: :error_during_processing
20
24
  rescue_from ActiveRecord::RecordNotFound, with: :not_found
@@ -25,6 +29,13 @@ module Spree
25
29
 
26
30
  ssl_allowed
27
31
 
32
+ def set_jsonp_format
33
+ if params[:callback] && request.get?
34
+ self.response_body = "#{params[:callback]}(#{response.body})"
35
+ headers["Content-Type"] = 'application/javascript'
36
+ end
37
+ end
38
+
28
39
  def map_nested_attributes_keys(klass, attributes)
29
40
  nested_keys = klass.nested_attributes_options.keys
30
41
  attributes.inject({}) do |h, (k,v)|
@@ -37,7 +48,7 @@ module Spree
37
48
  # users should be able to set price when importing orders via api
38
49
  def permitted_line_item_attributes
39
50
  if @current_user_roles.include?("admin")
40
- super + [:price, :variant_id, :sku]
51
+ super << [:price, :variant_id, :sku]
41
52
  else
42
53
  super
43
54
  end
@@ -56,7 +67,7 @@ module Spree
56
67
  end
57
68
 
58
69
  def load_user
59
- @current_api_user = Spree.user_class.find_by(spree_api_key: api_key.to_s)
70
+ @current_api_user = (try_spree_current_user || Spree.user_class.find_by(spree_api_key: api_key.to_s))
60
71
  end
61
72
 
62
73
  def authenticate_user
@@ -88,8 +99,10 @@ module Spree
88
99
  Rails.logger.error exception.message
89
100
  Rails.logger.error exception.backtrace.join("\n")
90
101
 
91
- render text: { exception: exception.message }.to_json,
92
- status: 422 and return
102
+ error_notifier.call(exception, self) if error_notifier
103
+
104
+ render :text => { :exception => exception.message }.to_json,
105
+ :status => 422 and return
93
106
  end
94
107
 
95
108
  def gateway_error(exception)
@@ -1,12 +1,12 @@
1
1
  module Spree
2
2
  module Api
3
3
  class CheckoutsController < Spree::Api::BaseController
4
- before_filter :associate_user, only: :update
4
+ before_action :associate_user, only: :update
5
5
 
6
6
  include Spree::Core::ControllerHelpers::Auth
7
7
  include Spree::Core::ControllerHelpers::Order
8
8
  # This before_filter comes from Spree::Core::ControllerHelpers::Order
9
- skip_before_filter :set_current_order
9
+ skip_before_action :set_current_order
10
10
 
11
11
  def next
12
12
  load_order(true)
@@ -1,8 +1,8 @@
1
1
  module Spree
2
2
  module Api
3
3
  class CountriesController < Spree::Api::BaseController
4
- skip_before_filter :check_for_user_or_api_key
5
- skip_before_filter :authenticate_user
4
+ skip_before_action :check_for_user_or_api_key
5
+ skip_before_action :authenticate_user
6
6
 
7
7
  def index
8
8
  @countries = Country.accessible_by(current_ability, :read).ransack(params[:q]).result.
@@ -1,7 +1,7 @@
1
1
  module Spree
2
2
  module Api
3
3
  class CreditCardsController < Spree::Api::BaseController
4
- before_filter :user
4
+ before_action :user
5
5
 
6
6
  def index
7
7
  @credit_cards = user
@@ -2,6 +2,11 @@ module Spree
2
2
  module Api
3
3
  class ImagesController < Spree::Api::BaseController
4
4
 
5
+ def index
6
+ @images = scope.images.accessible_by(current_ability, :read)
7
+ respond_with(@images)
8
+ end
9
+
5
10
  def show
6
11
  @image = Image.accessible_by(current_ability, :read).find(params[:id])
7
12
  respond_with(@image)
@@ -1,7 +1,7 @@
1
1
  module Spree
2
2
  module Api
3
3
  class InventoryUnitsController < Spree::Api::BaseController
4
- before_filter :prepare_event, :only => :update
4
+ before_action :prepare_event, only: :update
5
5
 
6
6
  def show
7
7
  @inventory_unit = inventory_unit
@@ -37,15 +37,15 @@ module Spree
37
37
 
38
38
  def find_line_item
39
39
  id = params[:id].to_i
40
- order.line_items.detect {|line_item| line_item.id == id} or
41
- raise ActiveRecord::RecordNotFound
40
+ order.line_items.detect { |line_item| line_item.id == id } or
41
+ raise ActiveRecord::RecordNotFound
42
42
  end
43
43
 
44
44
  def line_items_attributes
45
- { line_items_attributes: {
46
- id: params[:id],
47
- quantity: params[:line_item][:quantity]
48
- } }
45
+ {line_items_attributes: {
46
+ id: params[:id],
47
+ quantity: params[:line_item][:quantity]
48
+ }}
49
49
  end
50
50
 
51
51
  def line_item_params
@@ -53,4 +53,4 @@ module Spree
53
53
  end
54
54
  end
55
55
  end
56
- end
56
+ end
@@ -3,9 +3,9 @@ module Spree
3
3
  class OptionTypesController < Spree::Api::BaseController
4
4
  def index
5
5
  if params[:ids]
6
- @option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability, :read).where(id: params[:ids].split(','))
6
+ @option_types = Spree::OptionType.accessible_by(current_ability, :read).where(:id => params[:ids].split(','))
7
7
  else
8
- @option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability, :read).load.ransack(params[:q]).result
8
+ @option_types = Spree::OptionType.accessible_by(current_ability, :read).load.ransack(params[:q]).result
9
9
  end
10
10
  respond_with(@option_types)
11
11
  end
@@ -1,12 +1,10 @@
1
1
  module Spree
2
2
  module Api
3
3
  class OrdersController < Spree::Api::BaseController
4
- wrap_parameters false
4
+ skip_before_action :check_for_user_or_api_key, only: :apply_coupon_code
5
+ skip_before_action :authenticate_user, only: :apply_coupon_code
5
6
 
6
- skip_before_filter :check_for_user_or_api_key, only: :apply_coupon_code
7
- skip_before_filter :authenticate_user, only: :apply_coupon_code
8
-
9
- before_filter :find_order, except: [:create, :mine, :index, :update]
7
+ before_action :find_order, except: [:create, :mine, :current, :index, :update]
10
8
 
11
9
  # Dynamically defines our stores checkout steps to ensure we check authorization on each step.
12
10
  Order.checkout_steps.keys.each do |step|
@@ -43,7 +41,7 @@ module Spree
43
41
  def empty
44
42
  authorize! :update, @order, order_token
45
43
  @order.empty!
46
- render text: nil, status: 200
44
+ render text: nil, status: 204
47
45
  end
48
46
 
49
47
  def index
@@ -72,6 +70,15 @@ module Spree
72
70
  end
73
71
  end
74
72
 
73
+ def current
74
+ @order = find_current_order
75
+ if @order
76
+ respond_with(@order, default_template: :show, locals: { root_object: @order })
77
+ else
78
+ head :no_content
79
+ end
80
+ end
81
+
75
82
  def mine
76
83
  if current_api_user.persisted?
77
84
  @orders = current_api_user.orders.reverse_chronological.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
@@ -111,6 +118,10 @@ module Spree
111
118
  @order = Spree::Order.lock(lock).find_by!(number: params[:id])
112
119
  end
113
120
 
121
+ def find_current_order
122
+ current_api_user ? current_api_user.orders.incomplete.order(:created_at).last : nil
123
+ end
124
+
114
125
  def order_id
115
126
  super || params[:id]
116
127
  end
@@ -2,8 +2,8 @@ module Spree
2
2
  module Api
3
3
  class PaymentsController < Spree::Api::BaseController
4
4
 
5
- before_filter :find_order
6
- before_filter :find_payment, only: [:update, :show, :authorize, :purchase, :capture, :void, :credit]
5
+ before_action :find_order
6
+ before_action :find_payment, only: [:update, :show, :authorize, :purchase, :capture, :void]
7
7
 
8
8
  def index
9
9
  @payments = @order.payments.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
@@ -26,7 +26,7 @@ module Spree
26
26
 
27
27
  def update
28
28
  authorize! params[:action], @payment
29
- if !@payment.editable?
29
+ if ! @payment.pending?
30
30
  render 'update_forbidden', status: 403
31
31
  elsif @payment.update_attributes(payment_params)
32
32
  respond_with(@payment, default_template: :show)
@@ -55,14 +55,6 @@ module Spree
55
55
  perform_payment_action(:void_transaction)
56
56
  end
57
57
 
58
- def credit
59
- if params[:amount].to_f > @payment.credit_allowed
60
- render 'credit_over_limit', status: 422
61
- else
62
- perform_payment_action(:credit, params[:amount])
63
- end
64
- end
65
-
66
58
  private
67
59
 
68
60
  def find_order
@@ -2,8 +2,8 @@ module Spree
2
2
  module Api
3
3
  class ProductPropertiesController < Spree::Api::BaseController
4
4
 
5
- before_filter :find_product
6
- before_filter :product_property, only: [:show, :update, :destroy]
5
+ before_action :find_product
6
+ before_action :product_property, only: [:show, :update, :destroy]
7
7
 
8
8
  def index
9
9
  @product_properties = @product.product_properties.accessible_by(current_ability, :read).
@@ -0,0 +1,26 @@
1
+ module Spree
2
+ module Api
3
+ class PromotionsController < Spree::Api::BaseController
4
+ before_filter :requires_admin
5
+ before_filter :load_promotion
6
+
7
+ def show
8
+ if @promotion
9
+ respond_with(@promotion, default_template: :show)
10
+ else
11
+ raise ActiveRecord::RecordNotFound
12
+ end
13
+ end
14
+
15
+ private
16
+ def requires_admin
17
+ return if @current_user_roles.include?("admin")
18
+ unauthorized and return
19
+ end
20
+
21
+ def load_promotion
22
+ @promotion = Spree::Promotion.find_by_id(params[:id]) || Spree::Promotion.with_coupon_code(params[:id])
23
+ end
24
+ end
25
+ end
26
+ end
@@ -2,7 +2,7 @@ module Spree
2
2
  module Api
3
3
  class PropertiesController < Spree::Api::BaseController
4
4
 
5
- before_filter :find_property, only: [:show, :update, :destroy]
5
+ before_action :find_property, only: [:show, :update, :destroy]
6
6
 
7
7
  def index
8
8
  @properties = Spree::Property.accessible_by(current_ability, :read)
@@ -45,16 +45,6 @@ module Spree
45
45
  end
46
46
  end
47
47
 
48
- def add
49
- @return_authorization = order.return_authorizations.accessible_by(current_ability, :update).find(params[:id])
50
- @return_authorization.add_variant params[:variant_id].to_i, params[:quantity].to_i
51
- if @return_authorization.valid?
52
- respond_with @return_authorization, default_template: :show
53
- else
54
- invalid_resource!(@return_authorization)
55
- end
56
- end
57
-
58
48
  def receive
59
49
  @return_authorization = order.return_authorizations.accessible_by(current_ability, :update).find(params[:id])
60
50
  if @return_authorization.receive
@@ -2,7 +2,21 @@ module Spree
2
2
  module Api
3
3
  class ShipmentsController < Spree::Api::BaseController
4
4
 
5
- before_filter :find_and_update_shipment, only: [:ship, :ready, :add, :remove]
5
+ before_action :find_and_update_shipment, only: [:ship, :ready, :add, :remove]
6
+ before_action :load_transfer_params, only: [:transfer_to_location, :transfer_to_shipment]
7
+
8
+ def mine
9
+ if current_api_user.persisted?
10
+ @shipments = Spree::Shipment
11
+ .reverse_chronological
12
+ .joins(:order)
13
+ .where(spree_orders: {user_id: current_api_user.id})
14
+ .includes(mine_includes)
15
+ .ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
16
+ else
17
+ render "spree/api/errors/unauthorized", status: :unauthorized
18
+ end
19
+ end
6
20
 
7
21
  def create
8
22
  @order = Spree::Order.find_by!(number: params.fetch(:shipment).fetch(:order_id))
@@ -10,7 +24,7 @@ module Spree
10
24
  authorize! :create, Shipment
11
25
  quantity = params[:quantity].to_i
12
26
  @shipment = @order.shipments.create(stock_location_id: params.fetch(:stock_location_id))
13
- @order.contents.add(variant, quantity, nil, @shipment)
27
+ @order.contents.add(variant, quantity, {shipment: @shipment})
14
28
 
15
29
  @shipment.save!
16
30
 
@@ -45,7 +59,7 @@ module Spree
45
59
  def add
46
60
  quantity = params[:quantity].to_i
47
61
 
48
- @shipment.order.contents.add(variant, quantity, nil, @shipment)
62
+ @shipment.order.contents.add(variant, quantity, {shipment: @shipment})
49
63
 
50
64
  respond_with(@shipment, default_template: :show)
51
65
  end
@@ -53,13 +67,33 @@ module Spree
53
67
  def remove
54
68
  quantity = params[:quantity].to_i
55
69
 
56
- @shipment.order.contents.remove(variant, quantity, @shipment)
70
+ @shipment.order.contents.remove(variant, quantity, {shipment: @shipment})
57
71
  @shipment.reload if @shipment.persisted?
58
72
  respond_with(@shipment, default_template: :show)
59
73
  end
60
74
 
75
+ def transfer_to_location
76
+ @stock_location = Spree::StockLocation.find(params[:stock_location_id])
77
+ @original_shipment.transfer_to_location(@variant, @quantity, @stock_location)
78
+ render json: {success: true, message: Spree.t(:shipment_transfer_success)}, status: 201
79
+ end
80
+
81
+ def transfer_to_shipment
82
+ @target_shipment = Spree::Shipment.find_by!(number: params[:target_shipment_number])
83
+ @original_shipment.transfer_to_shipment(@variant, @quantity, @target_shipment)
84
+ render json: {success: true, message: Spree.t(:shipment_transfer_success)}, status: 201
85
+ end
86
+
61
87
  private
62
88
 
89
+ def load_transfer_params
90
+ @original_shipment = Spree::Shipment.where(number: params[:original_shipment_number]).first
91
+ @variant = Spree::Variant.find(params[:variant_id])
92
+ @quantity = params[:quantity].to_i
93
+ authorize! :read, @original_shipment
94
+ authorize! :create, Shipment
95
+ end
96
+
63
97
  def find_and_update_shipment
64
98
  @shipment = Spree::Shipment.accessible_by(current_ability, :update).readonly(false).find_by!(number: params[:id])
65
99
  @shipment.update_attributes(shipment_params)
@@ -77,6 +111,39 @@ module Spree
77
111
  def variant
78
112
  @variant ||= Spree::Variant.unscoped.find(params.fetch(:variant_id))
79
113
  end
114
+
115
+ def mine_includes
116
+ {
117
+ order: {
118
+ bill_address: {
119
+ state: {},
120
+ country: {},
121
+ },
122
+ ship_address: {
123
+ state: {},
124
+ country: {},
125
+ },
126
+ adjustments: {},
127
+ payments: {
128
+ order: {},
129
+ payment_method: {},
130
+ },
131
+ },
132
+ inventory_units: {
133
+ line_item: {
134
+ product: {},
135
+ variant: {},
136
+ },
137
+ variant: {
138
+ product: {},
139
+ default_price: {},
140
+ option_values: {
141
+ option_type: {},
142
+ },
143
+ },
144
+ },
145
+ }
146
+ end
80
147
  end
81
148
  end
82
149
  end
@@ -1,9 +1,9 @@
1
1
  module Spree
2
2
  module Api
3
3
  class StatesController < Spree::Api::BaseController
4
- skip_before_filter :set_expiry
5
- skip_before_filter :check_for_user_or_api_key
6
- skip_before_filter :authenticate_user
4
+ skip_before_action :set_expiry
5
+ skip_before_action :check_for_user_or_api_key
6
+ skip_before_action :authenticate_user
7
7
 
8
8
  def index
9
9
  @states = scope.ransack(params[:q]).result.
@@ -1,7 +1,7 @@
1
1
  module Spree
2
2
  module Api
3
3
  class StockItemsController < Spree::Api::BaseController
4
- before_filter :stock_location, except: [:update, :destroy]
4
+ before_action :stock_location, except: [:update, :destroy]
5
5
 
6
6
  def index
7
7
  @stock_items = scope.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
@@ -1,7 +1,7 @@
1
1
  module Spree
2
2
  module Api
3
3
  class StockMovementsController < Spree::Api::BaseController
4
- before_filter :stock_location, except: [:update, :destroy]
4
+ before_action :stock_location, except: [:update, :destroy]
5
5
 
6
6
  def index
7
7
  authorize! :read, StockMovement
@@ -65,7 +65,7 @@ module Spree
65
65
  # Products#index does not do the sorting.
66
66
  taxon = Spree::Taxon.find(params[:id])
67
67
  @products = taxon.products.ransack(params[:q]).result
68
- @products = @products.page(params[:page]).per(params[:per_page] || 500)
68
+ @products = @products.page(params[:page]).per(500 || params[:per_page])
69
69
  render "spree/api/products/index"
70
70
  end
71
71
 
@@ -1,7 +1,7 @@
1
1
  module Spree
2
2
  module Api
3
3
  class VariantsController < Spree::Api::BaseController
4
- before_filter :product
4
+ before_action :product
5
5
 
6
6
  def create
7
7
  authorize! :create, Variant
@@ -25,7 +25,6 @@ module Spree
25
25
  def index
26
26
  @variants = scope.includes({ option_values: :option_type }, :product, :default_price, :images, { stock_items: :stock_location })
27
27
  .ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
28
-
29
28
  respond_with(@variants)
30
29
  end
31
30
 
@@ -21,13 +21,16 @@ module Spree
21
21
  :country_attributes,
22
22
  :state_attributes,
23
23
  :adjustment_attributes,
24
+ :inventory_unit_attributes,
25
+ :return_authorization_attributes,
24
26
  :creditcard_attributes,
25
27
  :payment_source_attributes,
26
28
  :user_attributes,
27
29
  :property_attributes,
28
30
  :stock_location_attributes,
29
31
  :stock_movement_attributes,
30
- :stock_item_attributes
32
+ :stock_item_attributes,
33
+ :promotion_attributes
31
34
  ]
32
35
 
33
36
  mattr_reader *ATTRIBUTES
@@ -56,7 +59,7 @@ module Spree
56
59
 
57
60
  @@variant_attributes = [
58
61
  :id, :name, :sku, :price, :weight, :height, :width, :depth, :is_master,
59
- :cost_price, :slug, :description, :track_inventory
62
+ :slug, :description, :track_inventory
60
63
  ]
61
64
 
62
65
  @@image_attributes = [
@@ -83,7 +86,7 @@ module Spree
83
86
 
84
87
  @@payment_attributes = [
85
88
  :id, :source_type, :source_id, :amount, :display_amount,
86
- :payment_method_id, :state, :avs_response, :created_at,
89
+ :payment_method_id, :response_code, :state, :avs_response, :created_at,
87
90
  :updated_at
88
91
  ]
89
92
 
@@ -104,8 +107,7 @@ module Spree
104
107
  ]
105
108
 
106
109
  @@return_authorization_attributes = [
107
- :id, :number, :state, :amount, :order_id, :reason, :created_at,
108
- :updated_at
110
+ :id, :number, :state, :order_id, :memo, :created_at, :updated_at
109
111
  ]
110
112
 
111
113
  @@address_attributes = [
@@ -148,6 +150,18 @@ module Spree
148
150
  :id, :count_on_hand, :backorderable, :lock_version, :stock_location_id,
149
151
  :variant_id
150
152
  ]
153
+
154
+ @@promotion_attributes = [
155
+ :id, :name, :description, :expires_at, :starts_at, :type, :usage_limit, :match_policy, :code, :advertise, :path
156
+ ]
157
+
158
+ def variant_attributes
159
+ if @current_user_roles && @current_user_roles.include?("admin")
160
+ @@variant_attributes + [:cost_price]
161
+ else
162
+ @@variant_attributes
163
+ end
164
+ end
151
165
  end
152
166
  end
153
167
  end
@@ -0,0 +1,4 @@
1
+ object false
2
+ child(@images => :images) do
3
+ extends "spree/api/images/show"
4
+ end
@@ -1,8 +1,11 @@
1
1
  object @product
2
- cache [I18n.locale, current_currency, root_object]
2
+ cache [I18n.locale, @current_user_roles.include?('admin'), current_currency, root_object]
3
+
3
4
  attributes *product_attributes
5
+
4
6
  node(:display_price) { |p| p.display_price.to_s }
5
7
  node(:has_variants) { |p| p.has_variants? }
8
+
6
9
  child :master => :master do
7
10
  extends "spree/api/variants/small"
8
11
  end
@@ -1,4 +1,5 @@
1
1
  object false
2
2
  node(:success) { @handler.success }
3
3
  node(:error) { @handler.error }
4
- node(:successful) { @handler.successful? }
4
+ node(:successful) { @handler.successful? }
5
+ node(:status_code) { @handler.status_code }