spree_api 2.4.10 → 3.0.0.rc1

data/spec/controllers/spree/api/payments_controller_spec.rb

@@ -6,7 +6,7 @@ module Spree
     let!(:order) { create(:order) }
     let!(:payment) { create(:payment, :order => order) }
     let!(:attributes) { [:id, :source_type, :source_id, :amount, :display_amount,
-                         :payment_method_id, :state, :avs_response,
+                         :payment_method_id, :response_code, :state, :avs_response,
                          :created_at, :updated_at] }
 
     let(:resource_scoping) { { :order_id => order.to_param } }
@@ -82,7 +82,7 @@ module Spree
       end
 
       context "multiple payments" do
-        before { @payment = create(:payment, :order => order) }
+        before { @payment = create(:payment, :order => order, :response_code => '99999') }
 
         it "can view all payments on an order" do
           api_get :index
@@ -95,41 +95,36 @@ module Spree
           expect(json_response['current_page']).to eq(1)
           expect(json_response['pages']).to eq(2)
         end
+
+        it 'can query the results through a paramter' do
+          api_get :index, :q => { :response_code_cont => '999' }
+          expect(json_response['count']).to eq(1)
+          expect(json_response['payments'].first['response_code']).to eq @payment.response_code
+        end
       end
 
       context "for a given payment" do
         context "updating" do
-          context "when the state is checkout" do
-            it "can update" do
-              payment.update_attributes(state: 'checkout')
-              api_put(:update, id: payment.to_param, payment: { amount: 2.01 })
-              expect(response.status).to be(200)
-              expect(payment.reload.amount).to eq(2.01)
-            end
-          end
-
-          context "when the state is pending" do
-            it "can update" do
-              payment.update_attributes(state: 'pending')
-              api_put(:update, id: payment.to_param, payment: { amount: 2.01 })
-              expect(response.status).to be(200)
-              expect(payment.reload.amount).to eq(2.01)
-            end
+          it "can update" do
+            payment.update_attributes(:state => 'pending')
+            api_put :update, :id => payment.to_param, :payment => { :amount => 2.01 }
+            expect(response.status).to eq(200)
+            expect(payment.reload.amount).to eq(2.01)
           end
 
           context "update fails" do
             it "returns a 422 status when the amount is invalid" do
-              payment.update_attributes(state: 'pending')
-              api_put(:update, id: payment.to_param, payment: { amount: 'invalid' })
-              expect(response.status).to be(422)
-              expect(json_response['error']).to eql('Invalid resource. Please fix errors and try again.')
+              payment.update_attributes(:state => 'pending')
+              api_put :update, :id => payment.to_param, :payment => { :amount => 'invalid' }
+              expect(response.status).to eq(422)
+              expect(json_response["error"]).to eq("Invalid resource. Please fix errors and try again.")
             end
 
             it "returns a 403 status when the payment is not pending" do
-              payment.update_attributes(state: 'completed')
-              api_put(:update, id: payment.to_param, payment: { amount: 2.01 })
-              expect(response.status).to be(403)
-              expect(json_response['error']).to eql('This payment cannot be updated because it is completed.')
+              payment.update_attributes(:state => 'completed')
+              api_put :update, :id => payment.to_param, :payment => { :amount => 2.01 }
+              expect(response.status).to eq(403)
+              expect(json_response["error"]).to eq("This payment cannot be updated because it is completed.")
             end
           end
         end

data/spec/controllers/spree/api/product_properties_controller_spec.rb

@@ -70,7 +70,7 @@ module Spree
     end
 
     it "cannot delete a product property" do
-      api_delete :destroy, :property_name => property_1.property_name
+      api_delete :destroy, id: property_1.to_param, :property_name => property_1.property_name
       assert_unauthorized!
       expect { property_1.reload }.not_to raise_error
     end

data/spec/controllers/spree/api/products_controller_spec.rb

@@ -67,6 +67,45 @@ module Spree
         expect(json_response["per_page"]).to eq(Kaminari.config.default_per_page)
       end
 
+      context "specifying a rabl template for a custom action" do
+        before do
+          Spree::Api::ProductsController.class_eval do
+            def custom_show
+              @product = find_product(params[:id])
+              respond_with(@product)
+            end
+          end
+        end
+
+        def set_custom_route
+          @routes = ActionDispatch::Routing::RouteSet.new.tap do |r|
+            r.draw { get 'custom_show' => 'spree/api/products#custom_show' }
+          end
+        end
+
+        it "uses the specified custom template through the request header" do
+          set_custom_route
+
+          request.headers['X-Spree-Template'] = 'show'
+          api_get :custom_show, :id => product.id
+          expect(response).to render_template('spree/api/products/show')
+        end
+
+        it "uses the specified custom template through the template URL parameter" do
+          set_custom_route
+
+          api_get :custom_show, :id => product.id, :template => 'show'
+          expect(response).to render_template('spree/api/products/show')
+        end
+
+        it "falls back to the default template if the specified template does not exist" do
+          request.headers['X-Spree-Template'] = 'invoice'
+
+          api_get :show, :id => product.id
+          expect(response).to render_template('spree/api/products/show')
+        end
+      end
+
       context "product has more than one price" do
         before { product.master.prices.create currency: "EUR", amount: 22 }
 
@@ -117,6 +156,21 @@ module Spree
         end
       end
 
+      context "jsonp" do
+        it "retrieves a list of products of jsonp" do
+          api_get :index, {:callback => 'callback'}
+          expect(response.body).to match(/^callback\(.*\)$/)
+          expect(response.header['Content-Type']).to include('application/javascript')
+        end
+
+        # Regression test for #4332
+        it "does not escape quotes" do
+          api_get :index, {:callback => 'callback'}
+          expect(response.body).to match(/^callback\({"count":1,"total_count":1/)
+          expect(response.header['Content-Type']).to include('application/javascript')
+        end
+      end
+
       it "can search for products" do
         create(:product, :name => "The best product in the world")
         api_get :index, :q => { :name_cont => "best" }
@@ -287,13 +341,6 @@ module Spree
           expect(json_response['option_types'].count).to eq(2)
         end
 
-        it "creates product with option_types ids" do
-          option_type = create(:option_type)
-          product_data.merge!(option_type_ids: [option_type.id])
-          api_post :create, product: product_data
-          expect(json_response['option_types'].first['id']).to eq option_type.id
-        end
-
         it "creates with shipping categories" do
           hash = { :name => "The Other Product",
                    :price => 19.99,

data/spec/controllers/spree/api/return_authorizations_controller_spec.rb

@@ -40,12 +40,12 @@ module Spree
       end
 
       it "cannot update a return authorization" do
-        api_put :update
+        api_put :update, id: 1
         assert_not_found!
       end
 
       it "cannot delete a return authorization" do
-        api_delete :destroy
+        api_delete :destroy, id: 1
         assert_not_found!
       end
     end

data/spec/controllers/spree/api/stock_items_controller_spec.rb

@@ -39,12 +39,14 @@ module Spree
       end
 
       it "cannot update a stock item" do
-        api_put :update, stock_location_id: stock_location.to_param, stock_item_id: stock_item.to_param
+        api_put :update, stock_location_id: stock_location.to_param,
+          id: stock_item.to_param
         expect(response.status).to eq(404)
       end
 
       it "cannot destroy a stock item" do
-        api_delete :destroy, stock_location_id: stock_location.to_param, stock_item_id: stock_item.to_param
+        api_delete :destroy, stock_location_id: stock_location.to_param,
+          id: stock_item.to_param
         expect(response.status).to eq(404)
       end
     end

data/spec/controllers/spree/api/stock_movements_controller_spec.rb

@@ -46,12 +46,6 @@ module Spree
         expect(json_response['stock_movements'].first['stock_item']['count_on_hand']).to eq 11
       end
 
-      it 'requires a stock_location_id to be passed as a parameter' do
-        api_get :index
-        expect(json_response['error']).to match(/stock_location_id parameter must be provided/)
-        expect(response.status).to eq(422)
-      end
-
       it 'can control the page size through a parameter' do
         create(:stock_movement, stock_item: stock_item)
         api_get :index, stock_location_id: stock_location.to_param, per_page: 1

data/spec/controllers/spree/api/users_controller_spec.rb

@@ -4,40 +4,42 @@ module Spree
   describe Api::UsersController, :type => :controller do
     render_views
 
-    let(:user) { create(:user, spree_api_key: rand.to_s) }
+    let(:user) { create(:user) }
     let(:stranger) { create(:user, :email => 'stranger@example.com') }
     let(:attributes) { [:id, :email, :created_at, :updated_at] }
 
+    before { stub_authentication! }
+
     context "as a normal user" do
+      before do
+        allow(controller).to receive_messages :try_spree_current_user => user
+      end
+
       it "can get own details" do
-        api_get :show, id: user.id, token: user.spree_api_key
+        api_get :show, :id => user.id
 
         expect(json_response['email']).to eq user.email
       end
 
       it "cannot get other users details" do
-        api_get :show, id: stranger.id, token: user.spree_api_key
+        api_get :show, :id => stranger.id
 
         assert_not_found!
       end
 
       it "can learn how to create a new user" do
-        api_get :new, token: user.spree_api_key
+        api_get :new
         expect(json_response["attributes"]).to eq(attributes.map(&:to_s))
       end
 
       it "can create a new user" do
-        user_params = {
-          :email => 'new@example.com', :password => 'spree123', :password_confirmation => 'spree123'
-        }
-
-        api_post :create, :user => user_params, token: user.spree_api_key
+        api_post :create, :user => { :email => 'new@example.com', :password => 'spree123', :password_confirmation => 'spree123' }
         expect(json_response['email']).to eq 'new@example.com'
       end
 
       # there's no validations on LegacyUser?
       xit "cannot create a new user with invalid attributes" do
-        api_post :create, :user => {}, token: user.spree_api_key
+        api_post :create, :user => {}
         expect(response.status).to eq(422)
         expect(json_response["error"]).to eq("Invalid resource. Please fix errors and try again.")
         errors = json_response["errors"]
@@ -45,7 +47,7 @@ module Spree
 
       it "can update own details" do
         country = create(:country)
-        api_put :update, id: user.id, token: user.spree_api_key, user: {
+        api_put :update, id: user.id, user: {
           email: "mine@example.com",
           bill_address_attributes: {
             first_name: 'First',
@@ -74,23 +76,23 @@ module Spree
       end
 
       it "cannot update other users details" do
-        api_put :update, id: stranger.id, token: user.spree_api_key, user: { :email => "mine@example.com" }
+        api_put :update, :id => stranger.id, :user => { :email => "mine@example.com" }
         assert_not_found!
       end
 
       it "can delete itself" do
-        api_delete :destroy, id: user.id, token: user.spree_api_key
+        api_delete :destroy, :id => user.id
         expect(response.status).to eq(204)
       end
 
       it "cannot delete other user" do
-        api_delete :destroy, id: stranger.id, token: user.spree_api_key
+        api_delete :destroy, :id => stranger.id
         assert_not_found!
       end
 
       it "should only get own details on index" do
         2.times { create(:user) }
-        api_get :index, token: user.spree_api_key
+        api_get :index
 
         expect(Spree.user_class.count).to eq 3
         expect(json_response['count']).to eq 1
@@ -99,8 +101,6 @@ module Spree
     end
 
     context "as an admin" do
-      before { stub_authentication! }
-
       sign_in_as_admin!
 
       it "gets all users" do

data/spec/controllers/spree/api/variants_controller_spec.rb

@@ -4,11 +4,10 @@ module Spree
   describe Api::VariantsController, :type => :controller do
     render_views
 
-    let(:option_value) { create(:option_value) }
     let!(:product) { create(:product) }
     let!(:variant) do
       variant = product.master
-      variant.option_values << option_value
+      variant.option_values << create(:option_value)
       variant
     end
 
@@ -167,12 +166,10 @@ module Spree
       end
 
       it "can create a new variant" do
-        api_post :create, variant: { sku: "12345", option_value_ids: [option_value.id] }
-
+        api_post :create, :variant => { :sku => "12345" }
         expect(json_response).to have_attributes(new_attributes)
         expect(response.status).to eq(201)
         expect(json_response["sku"]).to eq("12345")
-        expect(json_response["option_values"].first["id"]).to eq option_value.id
 
         expect(variant.product.variants.count).to eq(1)
       end

data/spec/controllers/spree/api/zones_controller_spec.rb

@@ -38,6 +38,32 @@ module Spree
       expect(json_response['zone_members'].size).to eq @zone.zone_members.count
     end
 
+    context "specifying a rabl template to use" do
+      before do
+        Spree::Api::ZonesController.class_eval do
+          def custom_show
+            respond_with(zone)
+          end
+        end
+      end
+
+      it "uses the specified template" do
+        @routes = ActionDispatch::Routing::RouteSet.new.tap do |r|
+          r.draw { get 'custom_show' => 'spree/api/zones#custom_show' }
+        end
+
+        request.headers['X-Spree-Template'] = 'show'
+        api_get :custom_show, :id => @zone.id
+        expect(response).to render_template('spree/api/zones/show')
+      end
+
+      it "falls back to the default template if the specified template does not exist" do
+        request.headers['X-Spree-Template'] = 'invoice'
+        api_get :show, :id => @zone.id
+        expect(response).to render_template('spree/api/zones/show')
+      end
+    end
+
     context "as an admin" do
       sign_in_as_admin!
 

data/spec/spec_helper.rb

@@ -38,18 +38,17 @@ require 'spree/api/testing_support/setup'
 RSpec.configure do |config|
   config.backtrace_exclusion_patterns = [/gems\/activesupport/, /gems\/actionpack/, /gems\/rspec/]
   config.color = true
+  config.fail_fast = ENV['FAIL_FAST'] || false
   config.infer_spec_type_from_file_location!
+  config.raise_errors_for_deprecations!
+  config.use_transactional_fixtures = true
 
   config.include FactoryGirl::Syntax::Methods
   config.include Spree::Api::TestingSupport::Helpers, :type => :controller
   config.extend Spree::Api::TestingSupport::Setup, :type => :controller
   config.include Spree::TestingSupport::Preferences, :type => :controller
 
-  config.fail_fast = ENV['FAIL_FAST'] || false
-
   config.before do
     Spree::Api::Config[:requires_authentication] = true
   end
-
-  config.use_transactional_fixtures = true
 end

data/spec/support/controller_hacks.rb

@@ -1,5 +1,11 @@
 require 'active_support/all'
 module ControllerHacks
+  extend ActiveSupport::Concern
+
+  included do
+    routes { Spree::Core::Engine.routes }
+  end
+
   def api_get(action, params={}, session=nil, flash=nil)
     api_process(action, params, session, flash, "GET")
   end
@@ -12,17 +18,13 @@ module ControllerHacks
     api_process(action, params, session, flash, "PUT")
   end
 
-  def api_patch(action, params={}, session=nil, flash=nil)
-    api_process(action, params, session, flash, "PATCH")
-  end
-
   def api_delete(action, params={}, session=nil, flash=nil)
     api_process(action, params, session, flash, "DELETE")
   end
 
   def api_process(action, params={}, session=nil, flash=nil, method="get")
     scoping = respond_to?(:resource_scoping) ? resource_scoping : {}
-    process(action, method, params.merge(scoping).reverse_merge!(:use_route => :spree, :format => :json), session, flash)
+    process(action, method, params.merge(scoping).reverse_merge!(:format => :json), session, flash)
   end
 end
 

data/spree_api.gemspec

@@ -6,7 +6,8 @@ Gem::Specification.new do |gem|
   gem.email         = ["ryan@spreecommerce.com"]
   gem.description   = %q{Spree's API}
   gem.summary       = %q{Spree's API}
-  gem.homepage      = ""
+  gem.homepage      = 'https://spreecommerce.com'
+  gem.license       = %q{BSD-3}
 
   gem.files         = `git ls-files`.split($\)
   gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: spree_api
 version: !ruby/object:Gem::Version
-  version: 2.4.10
+  version: 3.0.0.rc1
 platform: ruby
 authors:
 - Ryan Bigg
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-08-19 00:00:00.000000000 Z
+date: 2015-02-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: spree_core
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.4.10
+        version: 3.0.0.rc1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.4.10
+        version: 3.0.0.rc1
 - !ruby/object:Gem::Dependency
   name: rabl
   requirement: !ruby/object:Gem::Requirement
@@ -241,15 +241,15 @@ files:
 - spec/fixtures/thinking-cat.jpg
 - spec/models/spree/legacy_user_spec.rb
 - spec/requests/rabl_cache_spec.rb
-- spec/requests/ransackable_attributes_spec.rb
 - spec/shared_examples/protect_product_actions.rb
 - spec/spec_helper.rb
 - spec/support/controller_hacks.rb
 - spec/support/database_cleaner.rb
 - spec/support/have_attributes_matcher.rb
 - spree_api.gemspec
-homepage: ''
-licenses: []
+homepage: https://spreecommerce.com
+licenses:
+- BSD-3
 metadata: {}
 post_install_message: 
 rdoc_options: []
@@ -262,9 +262,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project: 
 rubygems_version: 2.4.5
@@ -307,7 +307,6 @@ test_files:
 - spec/fixtures/thinking-cat.jpg
 - spec/models/spree/legacy_user_spec.rb
 - spec/requests/rabl_cache_spec.rb
-- spec/requests/ransackable_attributes_spec.rb
 - spec/shared_examples/protect_product_actions.rb
 - spec/spec_helper.rb
 - spec/support/controller_hacks.rb