spree_api 3.0.10 → 3.1.0.rc1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (190) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/spree/api/base_controller.rb +21 -22
  3. data/app/controllers/spree/api/v1/addresses_controller.rb +46 -0
  4. data/app/controllers/spree/api/v1/checkouts_controller.rb +103 -0
  5. data/app/controllers/spree/api/v1/classifications_controller.rb +20 -0
  6. data/app/controllers/spree/api/v1/countries_controller.rb +24 -0
  7. data/app/controllers/spree/api/v1/credit_cards_controller.rb +27 -0
  8. data/app/controllers/spree/api/v1/images_controller.rb +56 -0
  9. data/app/controllers/spree/api/v1/inventory_units_controller.rb +54 -0
  10. data/app/controllers/spree/api/v1/line_items_controller.rb +70 -0
  11. data/app/controllers/spree/api/v1/option_types_controller.rb +51 -0
  12. data/app/controllers/spree/api/v1/option_values_controller.rb +60 -0
  13. data/app/controllers/spree/api/v1/orders_controller.rb +137 -0
  14. data/app/controllers/spree/api/v1/payments_controller.rb +82 -0
  15. data/app/controllers/spree/api/v1/product_properties_controller.rb +73 -0
  16. data/app/controllers/spree/api/v1/products_controller.rb +126 -0
  17. data/app/controllers/spree/api/v1/promotions_controller.rb +28 -0
  18. data/app/controllers/spree/api/v1/properties_controller.rb +72 -0
  19. data/app/controllers/spree/api/v1/return_authorizations_controller.rb +71 -0
  20. data/app/controllers/spree/api/v1/shipments_controller.rb +163 -0
  21. data/app/controllers/spree/api/v1/states_controller.rb +37 -0
  22. data/app/controllers/spree/api/v1/stock_items_controller.rb +77 -0
  23. data/app/controllers/spree/api/v1/stock_locations_controller.rb +52 -0
  24. data/app/controllers/spree/api/v1/stock_movements_controller.rb +45 -0
  25. data/app/controllers/spree/api/v1/stores_controller.rb +57 -0
  26. data/app/controllers/spree/api/v1/taxonomies_controller.rb +66 -0
  27. data/app/controllers/spree/api/v1/taxons_controller.rb +95 -0
  28. data/app/controllers/spree/api/v1/users_controller.rb +60 -0
  29. data/app/controllers/spree/api/v1/variants_controller.rb +75 -0
  30. data/app/controllers/spree/api/v1/zones_controller.rb +51 -0
  31. data/app/helpers/spree/api/api_helpers.rb +3 -2
  32. data/app/views/spree/api/{addresses → v1/addresses}/show.v1.rabl +0 -0
  33. data/app/views/spree/api/{adjustments → v1/adjustments}/show.v1.rabl +0 -0
  34. data/app/views/spree/api/{config → v1/config}/money.v1.rabl +0 -0
  35. data/app/views/spree/api/{config → v1/config}/show.v1.rabl +0 -0
  36. data/app/views/spree/api/{countries → v1/countries}/index.v1.rabl +0 -0
  37. data/app/views/spree/api/{countries → v1/countries}/show.v1.rabl +0 -0
  38. data/app/views/spree/api/{credit_cards → v1/credit_cards}/index.v1.rabl +1 -1
  39. data/app/views/spree/api/{credit_cards → v1/credit_cards}/show.v1.rabl +0 -0
  40. data/app/views/spree/api/{images → v1/images}/index.v1.rabl +1 -1
  41. data/app/views/spree/api/v1/images/new.v1.rabl +3 -0
  42. data/app/views/spree/api/{images → v1/images}/show.v1.rabl +0 -0
  43. data/app/views/spree/api/{inventory_units → v1/inventory_units}/show.rabl +0 -0
  44. data/app/views/spree/api/{line_items → v1/line_items}/new.v1.rabl +0 -0
  45. data/app/views/spree/api/{line_items → v1/line_items}/show.v1.rabl +3 -3
  46. data/app/views/spree/api/v1/option_types/index.v1.rabl +3 -0
  47. data/app/views/spree/api/v1/option_types/new.v1.rabl +3 -0
  48. data/app/views/spree/api/{option_types → v1/option_types}/show.v1.rabl +0 -0
  49. data/app/views/spree/api/v1/option_values/index.v1.rabl +3 -0
  50. data/app/views/spree/api/v1/option_values/new.v1.rabl +3 -0
  51. data/app/views/spree/api/{option_values → v1/option_values}/show.v1.rabl +0 -0
  52. data/app/views/spree/api/{orders → v1/orders}/address.v1.rabl +0 -0
  53. data/app/views/spree/api/{orders → v1/orders}/canceled.v1.rabl +0 -0
  54. data/app/views/spree/api/{orders → v1/orders}/cart.v1.rabl +0 -0
  55. data/app/views/spree/api/{orders → v1/orders}/complete.v1.rabl +0 -0
  56. data/app/views/spree/api/{orders → v1/orders}/could_not_apply_coupon.v1.rabl +0 -0
  57. data/app/views/spree/api/{orders → v1/orders}/could_not_transition.v1.rabl +0 -0
  58. data/app/views/spree/api/{orders → v1/orders}/index.v1.rabl +1 -1
  59. data/app/views/spree/api/{orders → v1/orders}/invalid_shipping_method.v1.rabl +0 -0
  60. data/app/views/spree/api/{orders → v1/orders}/mine.v1.rabl +1 -1
  61. data/app/views/spree/api/{orders → v1/orders}/order.v1.rabl +1 -0
  62. data/app/views/spree/api/{orders → v1/orders}/payment.v1.rabl +0 -0
  63. data/app/views/spree/api/{orders → v1/orders}/show.v1.rabl +9 -9
  64. data/app/views/spree/api/{payments → v1/payments}/credit_over_limit.v1.rabl +0 -0
  65. data/app/views/spree/api/{payments → v1/payments}/index.v1.rabl +0 -0
  66. data/app/views/spree/api/{payments → v1/payments}/new.v1.rabl +0 -0
  67. data/app/views/spree/api/{payments → v1/payments}/show.v1.rabl +0 -0
  68. data/app/views/spree/api/{payments → v1/payments}/update_forbidden.v1.rabl +0 -0
  69. data/app/views/spree/api/{product_properties → v1/product_properties}/index.v1.rabl +0 -0
  70. data/app/views/spree/api/{product_properties → v1/product_properties}/new.v1.rabl +0 -0
  71. data/app/views/spree/api/{product_properties → v1/product_properties}/show.v1.rabl +0 -0
  72. data/app/views/spree/api/{products → v1/products}/index.v1.rabl +1 -1
  73. data/app/views/spree/api/{products → v1/products}/new.v1.rabl +0 -0
  74. data/app/views/spree/api/{products → v1/products}/product.v1.rabl +0 -0
  75. data/app/views/spree/api/{products → v1/products}/show.v1.rabl +3 -3
  76. data/app/views/spree/api/{promotions → v1/promotions}/handler.v1.rabl +0 -0
  77. data/app/views/spree/api/{promotions → v1/promotions}/show.v1.rabl +0 -0
  78. data/app/views/spree/api/{properties → v1/properties}/index.v1.rabl +0 -0
  79. data/app/views/spree/api/{properties → v1/properties}/new.v1.rabl +0 -0
  80. data/app/views/spree/api/{properties → v1/properties}/show.v1.rabl +0 -0
  81. data/app/views/spree/api/{return_authorizations → v1/return_authorizations}/index.v1.rabl +0 -0
  82. data/app/views/spree/api/{return_authorizations → v1/return_authorizations}/new.v1.rabl +0 -0
  83. data/app/views/spree/api/{return_authorizations → v1/return_authorizations}/show.v1.rabl +0 -0
  84. data/app/views/spree/api/{shared → v1/shared}/stock_location_required.v1.rabl +0 -0
  85. data/app/views/spree/api/{shipments → v1/shipments}/big.v1.rabl +7 -7
  86. data/app/views/spree/api/{shipments → v1/shipments}/cannot_ready_shipment.v1.rabl +0 -0
  87. data/app/views/spree/api/{shipments → v1/shipments}/mine.v1.rabl +1 -1
  88. data/app/views/spree/api/{shipments → v1/shipments}/show.v1.rabl +3 -3
  89. data/app/views/spree/api/{shipments → v1/shipments}/small.v1.rabl +3 -3
  90. data/app/views/spree/api/{shipping_rates → v1/shipping_rates}/show.v1.rabl +0 -0
  91. data/app/views/spree/api/{states → v1/states}/index.v1.rabl +0 -0
  92. data/app/views/spree/api/{states → v1/states}/show.v1.rabl +0 -0
  93. data/app/views/spree/api/{stock_items → v1/stock_items}/index.v1.rabl +1 -1
  94. data/app/views/spree/api/{stock_items → v1/stock_items}/show.v1.rabl +1 -1
  95. data/app/views/spree/api/{stock_locations → v1/stock_locations}/index.v1.rabl +1 -1
  96. data/app/views/spree/api/{stock_locations → v1/stock_locations}/show.v1.rabl +0 -0
  97. data/app/views/spree/api/{stock_movements → v1/stock_movements}/index.v1.rabl +1 -1
  98. data/app/views/spree/api/{stock_movements → v1/stock_movements}/show.v1.rabl +1 -1
  99. data/app/views/spree/api/{stores → v1/stores}/index.v1.rabl +0 -0
  100. data/app/views/spree/api/{stores → v1/stores}/show.v1.rabl +0 -0
  101. data/app/views/spree/api/{taxonomies → v1/taxonomies}/index.v1.rabl +1 -1
  102. data/app/views/spree/api/{taxonomies → v1/taxonomies}/jstree.rabl +0 -0
  103. data/app/views/spree/api/{taxonomies → v1/taxonomies}/nested.v1.rabl +1 -1
  104. data/app/views/spree/api/{taxonomies → v1/taxonomies}/new.v1.rabl +0 -0
  105. data/app/views/spree/api/{taxonomies → v1/taxonomies}/show.v1.rabl +4 -4
  106. data/app/views/spree/api/{taxons → v1/taxons}/index.v1.rabl +1 -1
  107. data/app/views/spree/api/{taxons → v1/taxons}/jstree.rabl +0 -0
  108. data/app/views/spree/api/{taxons → v1/taxons}/new.v1.rabl +0 -0
  109. data/app/views/spree/api/{taxons → v1/taxons}/show.v1.rabl +0 -0
  110. data/app/views/spree/api/v1/taxons/taxons.v1.rabl +5 -0
  111. data/app/views/spree/api/{users → v1/users}/index.v1.rabl +1 -1
  112. data/app/views/spree/api/{users → v1/users}/new.v1.rabl +0 -0
  113. data/app/views/spree/api/{users → v1/users}/show.v1.rabl +2 -2
  114. data/app/views/spree/api/{variants → v1/variants}/big.v1.rabl +1 -1
  115. data/app/views/spree/api/{variants → v1/variants}/index.v1.rabl +1 -1
  116. data/app/views/spree/api/{variants → v1/variants}/new.v1.rabl +0 -0
  117. data/app/views/spree/api/{variants → v1/variants}/show.v1.rabl +1 -1
  118. data/app/views/spree/api/{variants → v1/variants}/small.v1.rabl +1 -1
  119. data/app/views/spree/api/{zones → v1/zones}/index.v1.rabl +1 -1
  120. data/app/views/spree/api/{zones → v1/zones}/show.v1.rabl +0 -0
  121. data/config/routes.rb +85 -88
  122. data/spec/controllers/spree/api/base_controller_spec.rb +14 -42
  123. data/spec/controllers/spree/api/{addresses_controller_spec.rb → v1/addresses_controller_spec.rb} +1 -1
  124. data/spec/controllers/spree/api/{checkouts_controller_spec.rb → v1/checkouts_controller_spec.rb} +51 -3
  125. data/spec/controllers/spree/api/{classifications_controller_spec.rb → v1/classifications_controller_spec.rb} +2 -2
  126. data/spec/controllers/spree/api/{countries_controller_spec.rb → v1/countries_controller_spec.rb} +1 -1
  127. data/spec/controllers/spree/api/{credit_cards_controller_spec.rb → v1/credit_cards_controller_spec.rb} +1 -1
  128. data/spec/controllers/spree/api/{images_controller_spec.rb → v1/images_controller_spec.rb} +23 -1
  129. data/spec/controllers/spree/api/{inventory_units_controller_spec.rb → v1/inventory_units_controller_spec.rb} +1 -1
  130. data/spec/controllers/spree/api/{line_items_controller_spec.rb → v1/line_items_controller_spec.rb} +2 -2
  131. data/spec/controllers/spree/api/{option_types_controller_spec.rb → v1/option_types_controller_spec.rb} +9 -3
  132. data/spec/controllers/spree/api/{option_values_controller_spec.rb → v1/option_values_controller_spec.rb} +8 -2
  133. data/spec/controllers/spree/api/{orders_controller_spec.rb → v1/orders_controller_spec.rb} +29 -8
  134. data/spec/controllers/spree/api/{payments_controller_spec.rb → v1/payments_controller_spec.rb} +2 -2
  135. data/spec/controllers/spree/api/{product_properties_controller_spec.rb → v1/product_properties_controller_spec.rb} +1 -1
  136. data/spec/controllers/spree/api/{products_controller_spec.rb → v1/products_controller_spec.rb} +5 -5
  137. data/spec/controllers/spree/api/{promotion_application_spec.rb → v1/promotion_application_spec.rb} +2 -2
  138. data/spec/controllers/spree/api/{promotions_controller_spec.rb → v1/promotions_controller_spec.rb} +1 -1
  139. data/spec/controllers/spree/api/{properties_controller_spec.rb → v1/properties_controller_spec.rb} +1 -1
  140. data/spec/controllers/spree/api/{return_authorizations_controller_spec.rb → v1/return_authorizations_controller_spec.rb} +1 -1
  141. data/spec/controllers/spree/api/{shipments_controller_spec.rb → v1/shipments_controller_spec.rb} +4 -4
  142. data/spec/controllers/spree/api/{states_controller_spec.rb → v1/states_controller_spec.rb} +14 -10
  143. data/spec/controllers/spree/api/{stock_items_controller_spec.rb → v1/stock_items_controller_spec.rb} +1 -1
  144. data/spec/controllers/spree/api/{stock_locations_controller_spec.rb → v1/stock_locations_controller_spec.rb} +1 -1
  145. data/spec/controllers/spree/api/{stock_movements_controller_spec.rb → v1/stock_movements_controller_spec.rb} +1 -1
  146. data/spec/controllers/spree/api/{stores_controller_spec.rb → v1/stores_controller_spec.rb} +1 -1
  147. data/spec/controllers/spree/api/{taxonomies_controller_spec.rb → v1/taxonomies_controller_spec.rb} +1 -1
  148. data/spec/controllers/spree/api/{taxons_controller_spec.rb → v1/taxons_controller_spec.rb} +1 -1
  149. data/spec/controllers/spree/api/{unauthenticated_products_controller_spec.rb → v1/unauthenticated_products_controller_spec.rb} +1 -1
  150. data/spec/controllers/spree/api/{users_controller_spec.rb → v1/users_controller_spec.rb} +1 -1
  151. data/spec/controllers/spree/api/{variants_controller_spec.rb → v1/variants_controller_spec.rb} +3 -3
  152. data/spec/controllers/spree/api/{zones_controller_spec.rb → v1/zones_controller_spec.rb} +7 -5
  153. data/spec/requests/rabl_cache_spec.rb +2 -2
  154. data/spec/requests/ransackable_attributes_spec.rb +6 -6
  155. data/spec/requests/version_spec.rb +19 -0
  156. data/spree_api.gemspec +1 -1
  157. metadata +188 -185
  158. data/CHANGELOG.md +0 -3
  159. data/app/controllers/spree/api/addresses_controller.rb +0 -43
  160. data/app/controllers/spree/api/checkouts_controller.rb +0 -98
  161. data/app/controllers/spree/api/classifications_controller.rb +0 -18
  162. data/app/controllers/spree/api/countries_controller.rb +0 -23
  163. data/app/controllers/spree/api/credit_cards_controller.rb +0 -25
  164. data/app/controllers/spree/api/images_controller.rb +0 -47
  165. data/app/controllers/spree/api/inventory_units_controller.rb +0 -52
  166. data/app/controllers/spree/api/line_items_controller.rb +0 -69
  167. data/app/controllers/spree/api/option_types_controller.rb +0 -49
  168. data/app/controllers/spree/api/option_values_controller.rb +0 -58
  169. data/app/controllers/spree/api/orders_controller.rb +0 -130
  170. data/app/controllers/spree/api/payments_controller.rb +0 -80
  171. data/app/controllers/spree/api/product_properties_controller.rb +0 -72
  172. data/app/controllers/spree/api/products_controller.rb +0 -124
  173. data/app/controllers/spree/api/promotions_controller.rb +0 -26
  174. data/app/controllers/spree/api/properties_controller.rb +0 -70
  175. data/app/controllers/spree/api/return_authorizations_controller.rb +0 -69
  176. data/app/controllers/spree/api/shipments_controller.rb +0 -149
  177. data/app/controllers/spree/api/states_controller.rb +0 -38
  178. data/app/controllers/spree/api/stock_items_controller.rb +0 -75
  179. data/app/controllers/spree/api/stock_locations_controller.rb +0 -50
  180. data/app/controllers/spree/api/stock_movements_controller.rb +0 -43
  181. data/app/controllers/spree/api/stores_controller.rb +0 -55
  182. data/app/controllers/spree/api/taxonomies_controller.rb +0 -64
  183. data/app/controllers/spree/api/taxons_controller.rb +0 -93
  184. data/app/controllers/spree/api/users_controller.rb +0 -56
  185. data/app/controllers/spree/api/variants_controller.rb +0 -73
  186. data/app/controllers/spree/api/zones_controller.rb +0 -49
  187. data/app/models/spree/option_value_decorator.rb +0 -9
  188. data/app/views/spree/api/option_types/index.v1.rabl +0 -3
  189. data/app/views/spree/api/option_values/index.v1.rabl +0 -3
  190. data/app/views/spree/api/taxons/taxons.v1.rabl +0 -5
@@ -0,0 +1,70 @@
1
+ module Spree
2
+ module Api
3
+ module V1
4
+ class LineItemsController < Spree::Api::BaseController
5
+ class_attribute :line_item_options
6
+
7
+ self.line_item_options = []
8
+
9
+ def create
10
+ variant = Spree::Variant.find(params[:line_item][:variant_id])
11
+ @line_item = order.contents.add(
12
+ variant,
13
+ params[:line_item][:quantity] || 1,
14
+ line_item_params[:options] || {}
15
+ )
16
+
17
+ if @line_item.errors.empty?
18
+ respond_with(@line_item, status: 201, default_template: :show)
19
+ else
20
+ invalid_resource!(@line_item)
21
+ end
22
+ end
23
+
24
+ def update
25
+ @line_item = find_line_item
26
+ if @order.contents.update_cart(line_items_attributes)
27
+ @line_item.reload
28
+ respond_with(@line_item, default_template: :show)
29
+ else
30
+ invalid_resource!(@line_item)
31
+ end
32
+ end
33
+
34
+ def destroy
35
+ @line_item = find_line_item
36
+ @order.contents.remove_line_item(@line_item)
37
+ respond_with(@line_item, status: 204)
38
+ end
39
+
40
+ private
41
+ def order
42
+ @order ||= Spree::Order.includes(:line_items).find_by!(number: order_id)
43
+ authorize! :update, @order, order_token
44
+ end
45
+
46
+ def find_line_item
47
+ id = params[:id].to_i
48
+ order.line_items.detect { |line_item| line_item.id == id } or
49
+ raise ActiveRecord::RecordNotFound
50
+ end
51
+
52
+ def line_items_attributes
53
+ {line_items_attributes: {
54
+ id: params[:id],
55
+ quantity: params[:line_item][:quantity],
56
+ options: line_item_params[:options] || {}
57
+ }}
58
+ end
59
+
60
+ def line_item_params
61
+ params.require(:line_item).permit(
62
+ :quantity,
63
+ :variant_id,
64
+ options: line_item_options
65
+ )
66
+ end
67
+ end
68
+ end
69
+ end
70
+ end
@@ -0,0 +1,51 @@
1
+ module Spree
2
+ module Api
3
+ module V1
4
+ class OptionTypesController < Spree::Api::BaseController
5
+ def index
6
+ if params[:ids]
7
+ @option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability, :read).where(id: params[:ids].split(','))
8
+ else
9
+ @option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability, :read).load.ransack(params[:q]).result
10
+ end
11
+ respond_with(@option_types)
12
+ end
13
+
14
+ def show
15
+ @option_type = Spree::OptionType.accessible_by(current_ability, :read).find(params[:id])
16
+ respond_with(@option_type)
17
+ end
18
+
19
+ def create
20
+ authorize! :create, Spree::OptionType
21
+ @option_type = Spree::OptionType.new(option_type_params)
22
+ if @option_type.save
23
+ render :show, :status => 201
24
+ else
25
+ invalid_resource!(@option_type)
26
+ end
27
+ end
28
+
29
+ def update
30
+ @option_type = Spree::OptionType.accessible_by(current_ability, :update).find(params[:id])
31
+ if @option_type.update_attributes(option_type_params)
32
+ render :show
33
+ else
34
+ invalid_resource!(@option_type)
35
+ end
36
+ end
37
+
38
+ def destroy
39
+ @option_type = Spree::OptionType.accessible_by(current_ability, :destroy).find(params[:id])
40
+ @option_type.destroy
41
+ render :text => nil, :status => 204
42
+ end
43
+
44
+ private
45
+ def option_type_params
46
+ params.require(:option_type).permit(permitted_option_type_attributes)
47
+ end
48
+ end
49
+ end
50
+ end
51
+ end
@@ -0,0 +1,60 @@
1
+ module Spree
2
+ module Api
3
+ module V1
4
+ class OptionValuesController < Spree::Api::BaseController
5
+ def index
6
+ if params[:ids]
7
+ @option_values = scope.where(:id => params[:ids])
8
+ else
9
+ @option_values = scope.ransack(params[:q]).result.distinct
10
+ end
11
+ respond_with(@option_values)
12
+ end
13
+
14
+ def show
15
+ @option_value = scope.find(params[:id])
16
+ respond_with(@option_value)
17
+ end
18
+
19
+ def create
20
+ authorize! :create, Spree::OptionValue
21
+ @option_value = scope.new(option_value_params)
22
+ if @option_value.save
23
+ render :show, :status => 201
24
+ else
25
+ invalid_resource!(@option_value)
26
+ end
27
+ end
28
+
29
+ def update
30
+ @option_value = scope.accessible_by(current_ability, :update).find(params[:id])
31
+ if @option_value.update_attributes(option_value_params)
32
+ render :show
33
+ else
34
+ invalid_resource!(@option_value)
35
+ end
36
+ end
37
+
38
+ def destroy
39
+ @option_value = scope.accessible_by(current_ability, :destroy).find(params[:id])
40
+ @option_value.destroy
41
+ render :text => nil, :status => 204
42
+ end
43
+
44
+ private
45
+
46
+ def scope
47
+ if params[:option_type_id]
48
+ @scope ||= Spree::OptionType.find(params[:option_type_id]).option_values.accessible_by(current_ability, :read)
49
+ else
50
+ @scope ||= Spree::OptionValue.accessible_by(current_ability, :read).load
51
+ end
52
+ end
53
+
54
+ def option_value_params
55
+ params.require(:option_value).permit(permitted_option_value_attributes)
56
+ end
57
+ end
58
+ end
59
+ end
60
+ end
@@ -0,0 +1,137 @@
1
+ module Spree
2
+ module Api
3
+ module V1
4
+ class OrdersController < Spree::Api::BaseController
5
+ skip_before_action :authenticate_user, only: :apply_coupon_code
6
+
7
+ before_action :find_order, except: [:create, :mine, :current, :index, :update]
8
+
9
+ # Dynamically defines our stores checkout steps to ensure we check authorization on each step.
10
+ Order.checkout_steps.keys.each do |step|
11
+ define_method step do
12
+ find_order
13
+ authorize! :update, @order, params[:token]
14
+ end
15
+ end
16
+
17
+ def cancel
18
+ authorize! :update, @order, params[:token]
19
+ @order.canceled_by(current_api_user)
20
+ respond_with(@order, default_template: :show)
21
+ end
22
+
23
+ def approve
24
+ authorize! :approve, @order, params[:token]
25
+ @order.approved_by(current_api_user)
26
+ respond_with(@order, default_template: :show)
27
+ end
28
+
29
+ def create
30
+ authorize! :create, Order
31
+ order_user = if @current_user_roles.include?('admin') && order_params[:user_id]
32
+ Spree.user_class.find(order_params[:user_id])
33
+ else
34
+ current_api_user
35
+ end
36
+
37
+ import_params = if @current_user_roles.include?("admin")
38
+ params[:order].present? ? params[:order].permit! : {}
39
+ else
40
+ order_params
41
+ end
42
+
43
+ @order = Spree::Core::Importer::Order.import(order_user, import_params)
44
+ respond_with(@order, default_template: :show, status: 201)
45
+ end
46
+
47
+ def empty
48
+ authorize! :update, @order, order_token
49
+ @order.empty!
50
+ render text: nil, status: 204
51
+ end
52
+
53
+ def index
54
+ authorize! :index, Order
55
+ @orders = Order.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
56
+ respond_with(@orders)
57
+ end
58
+
59
+ def show
60
+ authorize! :show, @order, order_token
61
+ respond_with(@order)
62
+ end
63
+
64
+ def update
65
+ find_order(true)
66
+ authorize! :update, @order, order_token
67
+
68
+ if @order.contents.update_cart(order_params)
69
+ user_id = params[:order][:user_id]
70
+ if current_api_user.has_spree_role?('admin') && user_id
71
+ @order.associate_user!(Spree.user_class.find(user_id))
72
+ end
73
+ respond_with(@order, default_template: :show)
74
+ else
75
+ invalid_resource!(@order)
76
+ end
77
+ end
78
+
79
+ def current
80
+ @order = find_current_order
81
+ if @order
82
+ respond_with(@order, default_template: :show, locals: { root_object: @order })
83
+ else
84
+ head :no_content
85
+ end
86
+ end
87
+
88
+ def mine
89
+ if current_api_user.persisted?
90
+ @orders = current_api_user.orders.reverse_chronological.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
91
+ else
92
+ render "spree/api/errors/unauthorized", status: :unauthorized
93
+ end
94
+ end
95
+
96
+ def apply_coupon_code
97
+ find_order
98
+ authorize! :update, @order, order_token
99
+ @order.coupon_code = params[:coupon_code]
100
+ @handler = PromotionHandler::Coupon.new(@order).apply
101
+ status = @handler.successful? ? 200 : 422
102
+ render "spree/api/v1/promotions/handler", status: status
103
+ end
104
+
105
+ private
106
+ def order_params
107
+ if params[:order]
108
+ normalize_params
109
+ params.require(:order).permit(permitted_order_attributes)
110
+ else
111
+ {}
112
+ end
113
+ end
114
+
115
+ def normalize_params
116
+ params[:order][:payments_attributes] = params[:order].delete(:payments) if params[:order][:payments]
117
+ params[:order][:shipments_attributes] = params[:order].delete(:shipments) if params[:order][:shipments]
118
+ params[:order][:line_items_attributes] = params[:order].delete(:line_items) if params[:order][:line_items]
119
+ params[:order][:ship_address_attributes] = params[:order].delete(:ship_address) if params[:order][:ship_address]
120
+ params[:order][:bill_address_attributes] = params[:order].delete(:bill_address) if params[:order][:bill_address]
121
+ end
122
+
123
+ def find_order(lock = false)
124
+ @order = Spree::Order.lock(lock).friendly.find(params[:id])
125
+ end
126
+
127
+ def find_current_order
128
+ current_api_user ? current_api_user.orders.incomplete.order(:created_at).last : nil
129
+ end
130
+
131
+ def order_id
132
+ super || params[:id]
133
+ end
134
+ end
135
+ end
136
+ end
137
+ end
@@ -0,0 +1,82 @@
1
+ module Spree
2
+ module Api
3
+ module V1
4
+ class PaymentsController < Spree::Api::BaseController
5
+
6
+ before_action :find_order
7
+ before_action :find_payment, only: [:update, :show, :authorize, :purchase, :capture, :void]
8
+
9
+ def index
10
+ @payments = @order.payments.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
11
+ respond_with(@payments)
12
+ end
13
+
14
+ def new
15
+ @payment_methods = Spree::PaymentMethod.available
16
+ respond_with(@payment_methods)
17
+ end
18
+
19
+ def create
20
+ @payment = @order.payments.build(payment_params)
21
+ if @payment.save
22
+ respond_with(@payment, status: 201, default_template: :show)
23
+ else
24
+ invalid_resource!(@payment)
25
+ end
26
+ end
27
+
28
+ def update
29
+ authorize! params[:action], @payment
30
+ if !@payment.editable?
31
+ render 'update_forbidden', status: 403
32
+ elsif @payment.update_attributes(payment_params)
33
+ respond_with(@payment, default_template: :show)
34
+ else
35
+ invalid_resource!(@payment)
36
+ end
37
+ end
38
+
39
+ def show
40
+ respond_with(@payment)
41
+ end
42
+
43
+ def authorize
44
+ perform_payment_action(:authorize)
45
+ end
46
+
47
+ def capture
48
+ perform_payment_action(:capture)
49
+ end
50
+
51
+ def purchase
52
+ perform_payment_action(:purchase)
53
+ end
54
+
55
+ def void
56
+ perform_payment_action(:void_transaction)
57
+ end
58
+
59
+ private
60
+
61
+ def find_order
62
+ @order = Spree::Order.friendly.find(order_id)
63
+ authorize! :read, @order, order_token
64
+ end
65
+
66
+ def find_payment
67
+ @payment = @order.payments.friendly.find(params[:id])
68
+ end
69
+
70
+ def perform_payment_action(action, *args)
71
+ authorize! action, Payment
72
+ @payment.send("#{action}!", *args)
73
+ respond_with(@payment, default_template: :show)
74
+ end
75
+
76
+ def payment_params
77
+ params.require(:payment).permit(permitted_payment_attributes)
78
+ end
79
+ end
80
+ end
81
+ end
82
+ end
@@ -0,0 +1,73 @@
1
+ module Spree
2
+ module Api
3
+ module V1
4
+ class ProductPropertiesController < Spree::Api::BaseController
5
+ before_action :find_product
6
+ before_action :product_property, only: [:show, :update, :destroy]
7
+
8
+ def index
9
+ @product_properties = @product.product_properties.accessible_by(current_ability, :read).
10
+ ransack(params[:q]).result.
11
+ page(params[:page]).per(params[:per_page])
12
+ respond_with(@product_properties)
13
+ end
14
+
15
+ def show
16
+ respond_with(@product_property)
17
+ end
18
+
19
+ def new
20
+ end
21
+
22
+ def create
23
+ authorize! :create, ProductProperty
24
+ @product_property = @product.product_properties.new(product_property_params)
25
+ if @product_property.save
26
+ respond_with(@product_property, status: 201, default_template: :show)
27
+ else
28
+ invalid_resource!(@product_property)
29
+ end
30
+ end
31
+
32
+ def update
33
+ if @product_property
34
+ authorize! :update, @product_property
35
+ @product_property.update_attributes(product_property_params)
36
+ respond_with(@product_property, status: 200, default_template: :show)
37
+ else
38
+ invalid_resource!(@product_property)
39
+ end
40
+ end
41
+
42
+ def destroy
43
+ if @product_property
44
+ authorize! :destroy, @product_property
45
+ @product_property.destroy
46
+ respond_with(@product_property, status: 204)
47
+ else
48
+ invalid_resource!(@product_property)
49
+ end
50
+ end
51
+
52
+ private
53
+
54
+ def find_product
55
+ @product = super(params[:product_id])
56
+ authorize! :read, @product
57
+ end
58
+
59
+ def product_property
60
+ if @product
61
+ @product_property ||= @product.product_properties.find_by(id: params[:id])
62
+ @product_property ||= @product.product_properties.includes(:property).where(spree_properties: { name: params[:id] }).first
63
+ authorize! :read, @product_property
64
+ end
65
+ end
66
+
67
+ def product_property_params
68
+ params.require(:product_property).permit(permitted_product_properties_attributes)
69
+ end
70
+ end
71
+ end
72
+ end
73
+ end