RubyGems - spree_api - Versions diffs - 3.1.14 → 3.2.0.rc1 - Mend

spree_api 3.1.14 → 3.2.0.rc1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (100) hide show

data/db/migrate/20100107141738_add_api_key_to_spree_users.rb CHANGED Viewed

@@ -1,7 +1,7 @@
-class AddApiKeyToSpreeUsers < ActiveRecord::Migration
+class AddApiKeyToSpreeUsers < ActiveRecord::Migration[4.2]
   def change
     unless defined?(User)
-      add_column :spree_users, :api_key, :string, :limit => 40
+      add_column :spree_users, :api_key, :string, limit: 40
     end
   end
 end

data/db/migrate/20120411123334_resize_api_key_field.rb CHANGED Viewed

@@ -1,7 +1,7 @@
-class ResizeApiKeyField < ActiveRecord::Migration
+class ResizeApiKeyField < ActiveRecord::Migration[4.2]
   def change
     unless defined?(User)
-      change_column :spree_users, :api_key, :string, :limit => 48
+      change_column :spree_users, :api_key, :string, limit: 48
     end
   end
 end

data/db/migrate/20120530054546_rename_api_key_to_spree_api_key.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-class RenameApiKeyToSpreeApiKey < ActiveRecord::Migration
+class RenameApiKeyToSpreeApiKey < ActiveRecord::Migration[4.2]
   def change
     unless defined?(User)
       rename_column :spree_users, :api_key, :spree_api_key

data/db/migrate/20131017162334_add_index_to_user_spree_api_key.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-class AddIndexToUserSpreeApiKey < ActiveRecord::Migration
+class AddIndexToUserSpreeApiKey < ActiveRecord::Migration[4.2]
   def change
     unless defined?(User)
       add_index :spree_users, :spree_api_key

data/lib/spree/api/engine.rb CHANGED Viewed

@@ -17,10 +17,18 @@ module Spree
         config.json_engine = ActiveSupport::JSON
       end
-      config.versioncake.supported_version_numbers = [1]
-      config.versioncake.extraction_strategy = :http_header
+      initializer "spree.api.versioncake" do |_app|
+        VersionCake.setup do |config|
+          config.resources do |r|
+            r.resource %r{.*}, [], [], [1]
+          end
-      initializer "spree.api.environment", :before => :load_config_initializers do |app|
+          config.missing_version = 1
+          config.extraction_strategy = :http_header
+        end
+      end
+      initializer "spree.api.environment", before: :load_config_initializers do |app|
         Spree::Api::Config = Spree::ApiConfiguration.new
       end

data/lib/spree/api/responders/rabl_template.rb CHANGED Viewed

@@ -4,7 +4,7 @@ module Spree
       module RablTemplate
         def to_format
           if template
-            render template, :status => options[:status] || 200
+            render template, status: options[:status] || 200
           else
             super
           end

data/lib/spree/api/testing_support/caching.rb CHANGED Viewed

@@ -1,9 +1,9 @@
 RSpec.configure do |config|
-  config.before(:each, :caching => true) do
+  config.before(:each, caching: true) do
     ActionController::Base.perform_caching = true
   end
-  config.after(:each, :caching => true) do
+  config.after(:each, caching: true) do
     ActionController::Base.perform_caching = false
     Rails.cache.clear
   end

data/spec/controllers/spree/api/base_controller_spec.rb ADDED Viewed

@@ -0,0 +1,96 @@
+require 'spec_helper'
+class FakesController < Spree::Api::BaseController
+end
+describe Spree::Api::BaseController, type: :controller do
+  render_views
+  controller(Spree::Api::BaseController) do
+    def index
+      render plain: { "products" => [] }.to_json
+    end
+  end
+  before do
+    @routes = ActionDispatch::Routing::RouteSet.new.tap do |r|
+      r.draw { get 'index', to: 'spree/api/base#index' }
+    end
+  end
+  context "when validating based on an order token" do
+    let!(:order) { create :order }
+    context "with a correct order token" do
+      it "succeeds" do
+        api_get :index, order_token: order.guest_token, order_id: order.number
+        expect(response.status).to eq(200)
+      end
+      it "succeeds with an order_number parameter" do
+        api_get :index, order_token: order.guest_token, order_number: order.number
+        expect(response.status).to eq(200)
+      end
+    end
+    context "with an incorrect order token" do
+      it "returns unauthorized" do
+        api_get :index, order_token: "NOT_A_TOKEN", order_id: order.number
+        expect(response.status).to eq(401)
+      end
+    end
+  end
+  context "cannot make a request to the API" do
+    it "without an API key" do
+      api_get :index
+      expect(json_response).to eq({ "error" => "You must specify an API key." })
+      expect(response.status).to eq(401)
+    end
+    it "with an invalid API key" do
+      request.headers["X-Spree-Token"] = "fake_key"
+      get :index
+      expect(json_response).to eq({ "error" => "Invalid API key (fake_key) specified." })
+      expect(response.status).to eq(401)
+    end
+    it "using an invalid token param" do
+      get :index, params: { token: "fake_key" }
+      expect(json_response).to eq({ "error" => "Invalid API key (fake_key) specified." })
+    end
+  end
+  it 'handles parameter missing exceptions' do
+    expect(subject).to receive(:authenticate_user).and_return(true)
+    expect(subject).to receive(:load_user_roles).and_return(true)
+    expect(subject).to receive(:index).and_raise(ActionController::ParameterMissing.new('foo'))
+    get :index, params: { token: 'exception-message' }
+    expect(json_response).to eql('exception' => 'param is missing or the value is empty: foo')
+  end
+  it 'handles record invalid exceptions' do
+    expect(subject).to receive(:authenticate_user).and_return(true)
+    expect(subject).to receive(:load_user_roles).and_return(true)
+    resource = Spree::Product.new
+    resource.valid? # get some errors
+    expect(subject).to receive(:index).and_raise(ActiveRecord::RecordInvalid.new(resource))
+    get :index, params: { token: 'exception-message' }
+    expect(json_response).to eql('exception' => "Validation failed: Name can't be blank, Shipping Category can't be blank, Price can't be blank")
+  end
+  it "maps semantic keys to nested_attributes keys" do
+    klass = double(nested_attributes_options: { line_items: {},
+                                                  bill_address: {} })
+    attributes = { 'line_items' => { id: 1 },
+                   'bill_address' => { id: 2 },
+                   'name' => 'test order' }
+    mapped = subject.map_nested_attributes_keys(klass, attributes)
+    expect(mapped.has_key?('line_items_attributes')).to be true
+    expect(mapped.has_key?('name')).to be true
+  end
+  it "lets a subclass override the product associations that are eager-loaded" do
+    expect(controller.respond_to?(:product_includes, true)).to be
+  end
+end

data/spec/controllers/spree/api/v1/addresses_controller_spec.rb ADDED Viewed

@@ -0,0 +1,56 @@
+require 'spec_helper'
+module Spree
+  describe Api::V1::AddressesController, type: :controller do
+    render_views
+    before do
+      stub_authentication!
+      @address = create(:address)
+      @order = create(:order, bill_address: @address)
+    end
+    context "with their own address" do
+      before do
+        allow_any_instance_of(Order).to receive_messages user: current_api_user
+      end
+      it "gets an address" do
+        api_get :show, id: @address.id, order_id: @order.number
+        expect(json_response['address1']).to eq @address.address1
+      end
+      it "updates an address" do
+        api_put :update, id: @address.id, order_id: @order.number,
+                         address: { address1: "123 Test Lane" }
+        expect(json_response['address1']).to eq '123 Test Lane'
+      end
+      it "receives the errors object if address is invalid" do
+        api_put :update, id: @address.id, order_id: @order.number,
+                         address: { address1: "" }
+        expect(json_response['error']).not_to be_nil
+        expect(json_response['errors']).not_to be_nil
+        expect(json_response['errors']['address1'].first).to eq "can't be blank"
+      end
+    end
+    context "on an address that does not belong to this order" do
+      before do
+        @order.bill_address_id = nil
+        @order.ship_address = nil
+      end
+      it "cannot retrieve address information" do
+        api_get :show, id: @address.id, order_id: @order.number
+        assert_unauthorized!
+      end
+      it "cannot update address information" do
+        api_get :update, id: @address.id, order_id: @order.number
+        assert_unauthorized!
+      end
+    end
+  end
+end

data/spec/controllers/spree/api/v1/checkouts_controller_spec.rb ADDED Viewed

@@ -0,0 +1,363 @@
+require 'spec_helper'
+module Spree
+  describe Api::V1::CheckoutsController, type: :controller do
+    render_views
+    shared_examples_for 'action which loads order using load_order_with_lock' do
+      before do
+        allow(controller).to receive(:load_order).with(true).and_return(true)
+      end
+      it 'should invoke load_order_with_lock' do
+        expect(controller).to receive(:load_order_with_lock).exactly(1).times
+      end
+      it 'should invoke load_order' do
+        expect(controller).to receive(:load_order).with(true).exactly(1).times.and_return(true)
+      end
+      context 'ensure no double_render_error' do
+        before do
+          def controller.load_order(*)
+            respond_with(@order, default_template: 'spree/api/v1/orders/show', status: 200)
+          end
+        end
+        it 'should not generate double_render_error' do
+          expect(response).to be_success
+        end
+      end
+      after do
+        send_request
+      end
+    end
+    before(:each) do
+      stub_authentication!
+      Spree::Config[:track_inventory_levels] = false
+      country_zone = create(:zone, name: 'CountryZone')
+      @state = create(:state)
+      @country = @state.country
+      country_zone.members.create(zoneable: @country)
+      create(:stock_location)
+      @shipping_method = create(:shipping_method, zones: [country_zone])
+      @payment_method = create(:credit_card_payment_method)
+    end
+    after do
+      Spree::Config[:track_inventory_levels] = true
+    end
+    context "PUT 'update'" do
+      let(:order) do
+        order = create(:order_with_line_items)
+        # Order should be in a pristine state
+        # Without doing this, the order may transition from 'cart' straight to 'delivery'
+        order.shipments.delete_all
+        order
+      end
+      before(:each) do
+        allow_any_instance_of(Order).to receive_messages(confirmation_required?: true)
+        allow_any_instance_of(Order).to receive_messages(payment_required?: true)
+      end
+      it "should transition a recently created order from cart to address" do
+        expect(order.state).to eq "cart"
+        expect(order.email).not_to be_nil
+        api_put :update, id: order.to_param, order_token: order.guest_token
+        expect(order.reload.state).to eq "address"
+      end
+      it "should transition a recently created order from cart to address with order token in header" do
+        expect(order.state).to eq "cart"
+        expect(order.email).not_to be_nil
+        request.headers["X-Spree-Order-Token"] = order.guest_token
+        api_put :update, id: order.to_param
+        expect(order.reload.state).to eq "address"
+      end
+      it "can take line_items_attributes as a parameter" do
+        line_item = order.line_items.first
+        api_put :update, id: order.to_param, order_token: order.guest_token,
+                         order: { line_items_attributes: { 0 => { id: line_item.id, quantity: 1 } } }
+        expect(response.status).to eq(200)
+        expect(order.reload.state).to eq "address"
+      end
+      it "can take line_items as a parameter" do
+        line_item = order.line_items.first
+        api_put :update, id: order.to_param, order_token: order.guest_token,
+                         order: { line_items: { 0 => { id: line_item.id, quantity: 1 } } }
+        expect(response.status).to eq(200)
+        expect(order.reload.state).to eq "address"
+      end
+      it "will return an error if the order cannot transition" do
+        skip "not sure if this test is valid"
+        order.bill_address = nil
+        order.save
+        order.update_column(:state, "address")
+        api_put :update, id: order.to_param, order_token: order.guest_token
+        # Order has not transitioned
+        expect(response.status).to eq(422)
+      end
+      context "transitioning to delivery" do
+        before do
+          order.update_column(:state, "address")
+        end
+        let(:address) do
+          {
+            firstname:  'John',
+            lastname:   'Doe',
+            address1:   '7735 Old Georgetown Road',
+            city:       'Bethesda',
+            phone:      '3014445002',
+            zipcode:    '20814',
+            state_id:   @state.id,
+            country_id: @country.id
+          }
+        end
+        it "can update addresses and transition from address to delivery" do
+          api_put :update,
+            id: order.to_param, order_token: order.guest_token,
+            order: {
+              bill_address_attributes: address,
+              ship_address_attributes: address
+            }
+          expect(json_response['state']).to eq('delivery')
+          expect(json_response['bill_address']['firstname']).to eq('John')
+          expect(json_response['ship_address']['firstname']).to eq('John')
+          expect(response.status).to eq(200)
+        end
+        # Regression Spec for #5389 & #5880
+        it "can update addresses but not transition to delivery w/o shipping setup" do
+          Spree::ShippingMethod.destroy_all
+          api_put :update,
+            id: order.to_param, order_token: order.guest_token,
+            order: {
+              bill_address_attributes: address,
+              ship_address_attributes: address
+            }
+          expect(json_response['error']).to eq(I18n.t(:could_not_transition, scope: "spree.api.order"))
+          expect(response.status).to eq(422)
+        end
+        # Regression test for #4498
+        it "does not contain duplicate variant data in delivery return" do
+          api_put :update,
+            id: order.to_param, order_token: order.guest_token,
+            order: {
+              bill_address_attributes: address,
+              ship_address_attributes: address
+            }
+          # Shipments manifests should not return the ENTIRE variant
+          # This information is already present within the order's line items
+          expect(json_response['shipments'].first['manifest'].first['variant']).to be_nil
+          expect(json_response['shipments'].first['manifest'].first['variant_id']).to_not be_nil
+        end
+      end
+      it "can update shipping method and transition from delivery to payment" do
+        order.update_column(:state, "delivery")
+        shipment = create(:shipment, order: order)
+        shipment.refresh_rates
+        shipping_rate = shipment.shipping_rates.where(selected: false).first
+        api_put :update, id: order.to_param, order_token: order.guest_token,
+          order: { shipments_attributes: { "0" => { selected_shipping_rate_id: shipping_rate.id, id: shipment.id } } }
+        expect(response.status).to eq(200)
+        # Find the correct shipment...
+        json_shipment = json_response['shipments'].detect { |s| s["id"] == shipment.id }
+        # Find the correct shipping rate for that shipment...
+        json_shipping_rate = json_shipment['shipping_rates'].detect { |sr| sr["id"] == shipping_rate.id }
+        # ... And finally ensure that it's selected
+        expect(json_shipping_rate['selected']).to be true
+        # Order should automatically transfer to payment because all criteria are met
+        expect(json_response['state']).to eq('payment')
+      end
+      it "can update payment method and transition from payment to confirm" do
+        order.update_column(:state, "payment")
+        api_put :update, id: order.to_param, order_token: order.guest_token,
+          order: { payments_attributes: [{ payment_method_id: @payment_method.id }] }
+        expect(json_response['state']).to eq('confirm')
+        expect(json_response['payments'][0]['payment_method']['name']).to eq(@payment_method.name)
+        expect(json_response['payments'][0]['amount']).to eq(order.total.to_s)
+        expect(response.status).to eq(200)
+      end
+      it "can update payment method with source and transition from payment to confirm" do
+        order.update_column(:state, "payment")
+        source_attributes = {
+          number: "4111111111111111",
+          month: 1.month.from_now.month,
+          year: 1.month.from_now.year,
+          verification_value: "123",
+          name: "Spree Commerce"
+        }
+        api_put :update, id: order.to_param, order_token: order.guest_token,
+          order: { payments_attributes: [{ payment_method_id: @payment_method.id.to_s }],
+                      payment_source: { @payment_method.id.to_s => source_attributes } }
+        expect(json_response['payments'][0]['payment_method']['name']).to eq(@payment_method.name)
+        expect(json_response['payments'][0]['amount']).to eq(order.total.to_s)
+        expect(response.status).to eq(200)
+      end
+      it "returns errors when source is missing attributes" do
+        order.update_column(:state, "payment")
+        api_put :update, id: order.to_param, order_token: order.guest_token,
+          order: {
+            payments_attributes: [{ payment_method_id: @payment_method.id }]
+          },
+          payment_source: {
+            @payment_method.id.to_s => { name: "Spree" }
+          }
+        expect(response.status).to eq(422)
+        cc_errors = json_response['errors']['payments.Credit Card']
+        expect(cc_errors).to include("Number can't be blank")
+        expect(cc_errors).to include("Month is not a number")
+        expect(cc_errors).to include("Year is not a number")
+        expect(cc_errors).to include("Verification Value can't be blank")
+      end
+      it "allow users to reuse a credit card" do
+        order.update_column(:state, "payment")
+        credit_card = create(:credit_card, user_id: order.user_id, payment_method_id: @payment_method.id)
+        api_put :update, id: order.to_param, order_token: order.guest_token,
+          order: { existing_card: credit_card.id }
+        expect(response.status).to eq 200
+        expect(order.credit_cards).to match_array [credit_card]
+      end
+      it "can transition from confirm to complete" do
+        order.update_columns(state: 'confirm')
+        allow_any_instance_of(Spree::Order).to receive_messages(payment_required?: false)
+        api_put :update, id: order.to_param, order_token: order.guest_token
+        expect(json_response['state']).to eq('complete')
+        expect(response.status).to eq(200)
+      end
+      it "returns the order if the order is already complete" do
+        order.update_columns(completed_at: Time.current, state: 'complete')
+        api_put :update, id: order.to_param, order_token: order.guest_token
+        expect(json_response['number']).to eq(order.number)
+        expect(response.status).to eq(200)
+      end
+      # Regression test for #3784
+      it "can update the special instructions for an order" do
+        instructions = "Don't drop it. (Please)"
+        api_put :update, id: order.to_param, order_token: order.guest_token,
+          order: { special_instructions: instructions }
+        expect(json_response['special_instructions']).to eql(instructions)
+      end
+      context "as an admin" do
+        sign_in_as_admin!
+        it "can assign a user to the order" do
+          user = create(:user)
+          # Need to pass email as well so that validations succeed
+          api_put :update, id: order.to_param, order_token: order.guest_token,
+            order: { user_id: user.id, email: "guest@spreecommerce.org" }
+          expect(response.status).to eq(200)
+          expect(json_response['user_id']).to eq(user.id)
+        end
+      end
+      it "can assign an email to the order" do
+        api_put :update, id: order.to_param, order_token: order.guest_token,
+          order: { email: "guest@spreecommerce.org" }
+        expect(json_response['email']).to eq("guest@spreecommerce.org")
+        expect(response.status).to eq(200)
+      end
+      it "can apply a coupon code to an order" do
+        skip "ensure that the order totals are properly updated, see frontend orders_controller or checkout_controller as example"
+        order.update_column(:state, "payment")
+        expect(PromotionHandler::Coupon).to receive(:new).with(order).and_call_original
+        expect_any_instance_of(PromotionHandler::Coupon).to receive(:apply).and_return({ coupon_applied?: true })
+        api_put :update, id: order.to_param, order_token: order.guest_token, order: { coupon_code: "foobar" }
+      end
+      def send_request
+        api_put :update, id: order.to_param, order_token: order.guest_token
+      end
+      it_should_behave_like 'action which loads order using load_order_with_lock'
+    end
+    context "PUT 'next'" do
+      let!(:order) { create(:order_with_line_items) }
+      it "cannot transition to address without a line item" do
+        order.line_items.delete_all
+        order.update_column(:email, "spree@example.com")
+        api_put :next, id: order.to_param, order_token: order.guest_token
+        expect(response.status).to eq(422)
+        expect(json_response["errors"]["base"]).to include(Spree.t(:there_are_no_items_for_this_order))
+      end
+      it "can transition an order to the next state" do
+        order.update_column(:email, "spree@example.com")
+        api_put :next, id: order.to_param, order_token: order.guest_token
+        expect(response.status).to eq(200)
+        expect(json_response['state']).to eq('address')
+      end
+      it "cannot transition if order email is blank" do
+        order.update_columns(
+          state: 'address',
+          email: nil
+        )
+        api_put :next, id: order.to_param, order_token: order.guest_token
+        expect(response.status).to eq(422)
+        expect(json_response['error']).to match(/could not be transitioned/)
+      end
+      it "doesnt advance payment state if order has no payment" do
+        order.update_column(:state, "payment")
+        api_put :next, id: order.to_param, order_token: order.guest_token, order: {}
+        expect(json_response["errors"]["base"]).to include(Spree.t(:no_payment_found))
+      end
+      def send_request
+        api_put :next, id: order.to_param, order_token: order.guest_token
+      end
+      it_should_behave_like 'action which loads order using load_order_with_lock'
+    end
+    context "PUT 'advance'" do
+      let!(:order) { create(:order_with_line_items) }
+      it 'continues to advance advances an order while it can move forward' do
+        expect_any_instance_of(Spree::Order).to receive(:next).exactly(3).times.and_return(true, true, false)
+        api_put :advance, id: order.to_param, order_token: order.guest_token
+      end
+      it 'returns the order' do
+        api_put :advance, id: order.to_param, order_token: order.guest_token
+        expect(json_response['id']).to eq(order.id)
+      end
+      def send_request
+        api_put :advance, id: order.to_param, order_token: order.guest_token
+      end
+      it_should_behave_like 'action which loads order using load_order_with_lock'
+    end
+  end
+end