RubyGems - spree_api - Versions diffs - 3.1.14 → 3.2.0.rc1 - Mend

spree_api 3.1.14 → 3.2.0.rc1

Files changed (100) hide show

data/db/migrate/20100107141738_add_api_key_to_spree_users.rb CHANGED Viewed

@@ -1,7 +1,7 @@
-class AddApiKeyToSpreeUsers < ActiveRecord::Migration
+class AddApiKeyToSpreeUsers < ActiveRecord::Migration[4.2]
   def change
     unless defined?(User)
-      add_column :spree_users, :api_key, :string, :limit => 40
+      add_column :spree_users, :api_key, :string, limit: 40
     end
   end
 end

data/db/migrate/20120411123334_resize_api_key_field.rb CHANGED Viewed

@@ -1,7 +1,7 @@
-class ResizeApiKeyField < ActiveRecord::Migration
+class ResizeApiKeyField < ActiveRecord::Migration[4.2]
   def change
     unless defined?(User)
-      change_column :spree_users, :api_key, :string, :limit => 48
+      change_column :spree_users, :api_key, :string, limit: 48
     end
   end
 end

data/db/migrate/20120530054546_rename_api_key_to_spree_api_key.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-class RenameApiKeyToSpreeApiKey < ActiveRecord::Migration
+class RenameApiKeyToSpreeApiKey < ActiveRecord::Migration[4.2]
   def change
     unless defined?(User)
       rename_column :spree_users, :api_key, :spree_api_key

data/db/migrate/20131017162334_add_index_to_user_spree_api_key.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-class AddIndexToUserSpreeApiKey < ActiveRecord::Migration
+class AddIndexToUserSpreeApiKey < ActiveRecord::Migration[4.2]
   def change
     unless defined?(User)
       add_index :spree_users, :spree_api_key

data/lib/spree/api/engine.rb CHANGED Viewed

@@ -17,10 +17,18 @@ module Spree
         config.json_engine = ActiveSupport::JSON
       end
-      config.versioncake.supported_version_numbers = [1]
-      config.versioncake.extraction_strategy = :http_header
+      initializer "spree.api.versioncake" do |_app|
+        VersionCake.setup do |config|
+          config.resources do |r|
+            r.resource %r{.*}, [], [], [1]
+          end
-      initializer "spree.api.environment", :before => :load_config_initializers do |app|
+          config.missing_version = 1
+          config.extraction_strategy = :http_header
+        end
+      end
+      initializer "spree.api.environment", before: :load_config_initializers do |app|
         Spree::Api::Config = Spree::ApiConfiguration.new
       end

data/lib/spree/api/responders/rabl_template.rb CHANGED Viewed

@@ -4,7 +4,7 @@ module Spree
       module RablTemplate
         def to_format
           if template
-            render template, :status => options[:status] || 200
+            render template, status: options[:status] || 200
           else
             super
           end

data/lib/spree/api/testing_support/caching.rb CHANGED Viewed

@@ -1,9 +1,9 @@
 RSpec.configure do |config|
-  config.before(:each, :caching => true) do
+  config.before(:each, caching: true) do
     ActionController::Base.perform_caching = true
   end
-  config.after(:each, :caching => true) do
+  config.after(:each, caching: true) do
     ActionController::Base.perform_caching = false
     Rails.cache.clear
   end

data/spec/controllers/spree/api/base_controller_spec.rb ADDED Viewed

@@ -0,0 +1,96 @@
+require 'spec_helper'
+class FakesController < Spree::Api::BaseController
+end
+describe Spree::Api::BaseController, type: :controller do
+  render_views
+  controller(Spree::Api::BaseController) do
+    def index
+      render plain: { "products" => [] }.to_json
+    end
+  end
+  before do
+    @routes = ActionDispatch::Routing::RouteSet.new.tap do |r|
+      r.draw { get 'index', to: 'spree/api/base#index' }
+    end
+  end
+  context "when validating based on an order token" do
+    let!(:order) { create :order }
+    context "with a correct order token" do
+      it "succeeds" do
+        api_get :index, order_token: order.guest_token, order_id: order.number
+        expect(response.status).to eq(200)
+      end
+      it "succeeds with an order_number parameter" do
+        api_get :index, order_token: order.guest_token, order_number: order.number
+        expect(response.status).to eq(200)
+      end
+    end
+    context "with an incorrect order token" do
+      it "returns unauthorized" do
+        api_get :index, order_token: "NOT_A_TOKEN", order_id: order.number
+        expect(response.status).to eq(401)
+      end
+    end
+  end
+  context "cannot make a request to the API" do
+    it "without an API key" do
+      api_get :index
+      expect(json_response).to eq({ "error" => "You must specify an API key." })
+      expect(response.status).to eq(401)
+    end
+    it "with an invalid API key" do
+      request.headers["X-Spree-Token"] = "fake_key"
+      get :index
+      expect(json_response).to eq({ "error" => "Invalid API key (fake_key) specified." })
+      expect(response.status).to eq(401)
+    end
+    it "using an invalid token param" do
+      get :index, params: { token: "fake_key" }
+      expect(json_response).to eq({ "error" => "Invalid API key (fake_key) specified." })
+    end
+  end
+  it 'handles parameter missing exceptions' do
+    expect(subject).to receive(:authenticate_user).and_return(true)
+    expect(subject).to receive(:load_user_roles).and_return(true)
+    expect(subject).to receive(:index).and_raise(ActionController::ParameterMissing.new('foo'))
+    get :index, params: { token: 'exception-message' }
+    expect(json_response).to eql('exception' => 'param is missing or the value is empty: foo')
+  end
+  it 'handles record invalid exceptions' do
+    expect(subject).to receive(:authenticate_user).and_return(true)
+    expect(subject).to receive(:load_user_roles).and_return(true)
+    resource = Spree::Product.new
+    resource.valid? # get some errors
+    expect(subject).to receive(:index).and_raise(ActiveRecord::RecordInvalid.new(resource))
+    get :index, params: { token: 'exception-message' }
+    expect(json_response).to eql('exception' => "Validation failed: Name can't be blank, Shipping Category can't be blank, Price can't be blank")
+  end
+  it "maps semantic keys to nested_attributes keys" do
+    klass = double(nested_attributes_options: { line_items: {},
+                                                  bill_address: {} })
+    attributes = { 'line_items' => { id: 1 },
+                   'bill_address' => { id: 2 },
+                   'name' => 'test order' }
+    mapped = subject.map_nested_attributes_keys(klass, attributes)
+    expect(mapped.has_key?('line_items_attributes')).to be true
+    expect(mapped.has_key?('name')).to be true
+  end
+  it "lets a subclass override the product associations that are eager-loaded" do
+    expect(controller.respond_to?(:product_includes, true)).to be
+  end
+end

data/spec/controllers/spree/api/v1/addresses_controller_spec.rb ADDED Viewed

@@ -0,0 +1,56 @@
+require 'spec_helper'
+module Spree
+  describe Api::V1::AddressesController, type: :controller do
+    render_views
+    before do
+      stub_authentication!
+      @address = create(:address)
+      @order = create(:order, bill_address: @address)
+    end
+    context "with their own address" do
+      before do
+        allow_any_instance_of(Order).to receive_messages user: current_api_user
+      end
+      it "gets an address" do
+        api_get :show, id: @address.id, order_id: @order.number
+        expect(json_response['address1']).to eq @address.address1
+      end
+      it "updates an address" do
+        api_put :update, id: @address.id, order_id: @order.number,
+                         address: { address1: "123 Test Lane" }
+        expect(json_response['address1']).to eq '123 Test Lane'
+      end
+      it "receives the errors object if address is invalid" do
+        api_put :update, id: @address.id, order_id: @order.number,
+                         address: { address1: "" }
+        expect(json_response['error']).not_to be_nil
+        expect(json_response['errors']).not_to be_nil
+        expect(json_response['errors']['address1'].first).to eq "can't be blank"
+      end
+    end
+    context "on an address that does not belong to this order" do
+      before do
+        @order.bill_address_id = nil
+        @order.ship_address = nil
+      end
+      it "cannot retrieve address information" do
+        api_get :show, id: @address.id, order_id: @order.number
+        assert_unauthorized!
+      end
+      it "cannot update address information" do
+        api_get :update, id: @address.id, order_id: @order.number
+        assert_unauthorized!
+      end
+    end
+  end
+end

data/spec/controllers/spree/api/v1/checkouts_controller_spec.rb ADDED Viewed

@@ -0,0 +1,363 @@
+require 'spec_helper'
+module Spree
+  describe Api::V1::CheckoutsController, type: :controller do
+    render_views
+    shared_examples_for 'action which loads order using load_order_with_lock' do
+      before do
+        allow(controller).to receive(:load_order).with(true).and_return(true)
+      end
+      it 'should invoke load_order_with_lock' do
+        expect(controller).to receive(:load_order_with_lock).exactly(1).times
+      end
+      it 'should invoke load_order' do
+        expect(controller).to receive(:load_order).with(true).exactly(1).times.and_return(true)
+      end
+      context 'ensure no double_render_error' do
+        before do
+          def controller.load_order(*)
+            respond_with(@order, default_template: 'spree/api/v1/orders/show', status: 200)
+          end
+        end
+        it 'should not generate double_render_error' do
+          expect(response).to be_success
+        end
+      end
+      after do
+        send_request
+      end
+    end
+    before(:each) do
+      stub_authentication!
+      Spree::Config[:track_inventory_levels] = false
+      country_zone = create(:zone, name: 'CountryZone')
+      @state = create(:state)
+      @country = @state.country
+      country_zone.members.create(zoneable: @country)
+      create(:stock_location)
+      @shipping_method = create(:shipping_method, zones: [country_zone])
+      @payment_method = create(:credit_card_payment_method)
+    end
+    after do
+      Spree::Config[:track_inventory_levels] = true
+    end
+    context "PUT 'update'" do
+      let(:order) do
+        order = create(:order_with_line_items)
+        # Order should be in a pristine state
+        # Without doing this, the order may transition from 'cart' straight to 'delivery'
+        order.shipments.delete_all
+        order
+      end
+      before(:each) do
+        allow_any_instance_of(Order).to receive_messages(confirmation_required?: true)
+        allow_any_instance_of(Order).to receive_messages(payment_required?: true)
+      end
+      it "should transition a recently created order from cart to address" do
+        expect(order.state).to eq "cart"
+        expect(order.email).not_to be_nil
+        api_put :update, id: order.to_param, order_token: order.guest_token
+        expect(order.reload.state).to eq "address"
+      end
+      it "should transition a recently created order from cart to address with order token in header" do
+        expect(order.state).to eq "cart"
+        expect(order.email).not_to be_nil
+        request.headers["X-Spree-Order-Token"] = order.guest_token
+        api_put :update, id: order.to_param
+        expect(order.reload.state).to eq "address"
+      end
+      it "can take line_items_attributes as a parameter" do
+        line_item = order.line_items.first
+        api_put :update, id: order.to_param, order_token: order.guest_token,
+                         order: { line_items_attributes: { 0 => { id: line_item.id, quantity: 1 } } }
+        expect(response.status).to eq(200)
+        expect(order.reload.state).to eq "address"
+      end
+      it "can take line_items as a parameter" do
+        line_item = order.line_items.first
+        api_put :update, id: order.to_param, order_token: order.guest_token,
+                         order: { line_items: { 0 => { id: line_item.id, quantity: 1 } } }
+        expect(response.status).to eq(200)
+        expect(order.reload.state).to eq "address"
+      end
+      it "will return an error if the order cannot transition" do
+        skip "not sure if this test is valid"
+        order.bill_address = nil
+        order.save
+        order.update_column(:state, "address")
+        api_put :update, id: order.to_param, order_token: order.guest_token
+        # Order has not transitioned
+        expect(response.status).to eq(422)
+      end
+      context "transitioning to delivery" do
+        before do
+          order.update_column(:state, "address")
+        end
+        let(:address) do
+          {
+            firstname:  'John',
+            lastname:   'Doe',
+            address1:   '7735 Old Georgetown Road',
+            city:       'Bethesda',
+            phone:      '3014445002',
+            zipcode:    '20814',
+            state_id:   @state.id,
+            country_id: @country.id
+          }
+        end
+        it "can update addresses and transition from address to delivery" do
+          api_put :update,
+            id: order.to_param, order_token: order.guest_token,
+            order: {
+              bill_address_attributes: address,
+              ship_address_attributes: address
+            }
+          expect(json_response['state']).to eq('delivery')
+          expect(json_response['bill_address']['firstname']).to eq('John')
+          expect(json_response['ship_address']['firstname']).to eq('John')
+          expect(response.status).to eq(200)
+        end
+        # Regression Spec for #5389 & #5880
+        it "can update addresses but not transition to delivery w/o shipping setup" do
+          Spree::ShippingMethod.destroy_all
+          api_put :update,
+            id: order.to_param, order_token: order.guest_token,
+            order: {
+              bill_address_attributes: address,
+              ship_address_attributes: address
+            }
+          expect(json_response['error']).to eq(I18n.t(:could_not_transition, scope: "spree.api.order"))
+          expect(response.status).to eq(422)
+        end
+        # Regression test for #4498
+        it "does not contain duplicate variant data in delivery return" do
+          api_put :update,
+            id: order.to_param, order_token: order.guest_token,
+            order: {
+              bill_address_attributes: address,
+              ship_address_attributes: address
+            }
+          # Shipments manifests should not return the ENTIRE variant
+          # This information is already present within the order's line items
+          expect(json_response['shipments'].first['manifest'].first['variant']).to be_nil
+          expect(json_response['shipments'].first['manifest'].first['variant_id']).to_not be_nil
+        end
+      end
+      it "can update shipping method and transition from delivery to payment" do
+        order.update_column(:state, "delivery")
+        shipment = create(:shipment, order: order)
+        shipment.refresh_rates
+        shipping_rate = shipment.shipping_rates.where(selected: false).first
+        api_put :update, id: order.to_param, order_token: order.guest_token,
+          order: { shipments_attributes: { "0" => { selected_shipping_rate_id: shipping_rate.id, id: shipment.id } } }
+        expect(response.status).to eq(200)
+        # Find the correct shipment...
+        json_shipment = json_response['shipments'].detect { |s| s["id"] == shipment.id }
+        # Find the correct shipping rate for that shipment...
+        json_shipping_rate = json_shipment['shipping_rates'].detect { |sr| sr["id"] == shipping_rate.id }
+        # ... And finally ensure that it's selected
+        expect(json_shipping_rate['selected']).to be true
+        # Order should automatically transfer to payment because all criteria are met
+        expect(json_response['state']).to eq('payment')
+      end
+      it "can update payment method and transition from payment to confirm" do
+        order.update_column(:state, "payment")
+        api_put :update, id: order.to_param, order_token: order.guest_token,
+          order: { payments_attributes: [{ payment_method_id: @payment_method.id }] }
+        expect(json_response['state']).to eq('confirm')
+        expect(json_response['payments'][0]['payment_method']['name']).to eq(@payment_method.name)
+        expect(json_response['payments'][0]['amount']).to eq(order.total.to_s)
+        expect(response.status).to eq(200)
+      end
+      it "can update payment method with source and transition from payment to confirm" do
+        order.update_column(:state, "payment")
+        source_attributes = {
+          number: "4111111111111111",
+          month: 1.month.from_now.month,
+          year: 1.month.from_now.year,
+          verification_value: "123",
+          name: "Spree Commerce"
+        }
+        api_put :update, id: order.to_param, order_token: order.guest_token,
+          order: { payments_attributes: [{ payment_method_id: @payment_method.id.to_s }],
+                      payment_source: { @payment_method.id.to_s => source_attributes } }
+        expect(json_response['payments'][0]['payment_method']['name']).to eq(@payment_method.name)
+        expect(json_response['payments'][0]['amount']).to eq(order.total.to_s)
+        expect(response.status).to eq(200)
+      end
+      it "returns errors when source is missing attributes" do
+        order.update_column(:state, "payment")
+        api_put :update, id: order.to_param, order_token: order.guest_token,
+          order: {
+            payments_attributes: [{ payment_method_id: @payment_method.id }]
+          },
+          payment_source: {
+            @payment_method.id.to_s => { name: "Spree" }
+          }
+        expect(response.status).to eq(422)
+        cc_errors = json_response['errors']['payments.Credit Card']
+        expect(cc_errors).to include("Number can't be blank")
+        expect(cc_errors).to include("Month is not a number")
+        expect(cc_errors).to include("Year is not a number")
+        expect(cc_errors).to include("Verification Value can't be blank")
+      end
+      it "allow users to reuse a credit card" do
+        order.update_column(:state, "payment")
+        credit_card = create(:credit_card, user_id: order.user_id, payment_method_id: @payment_method.id)
+        api_put :update, id: order.to_param, order_token: order.guest_token,
+          order: { existing_card: credit_card.id }
+        expect(response.status).to eq 200
+        expect(order.credit_cards).to match_array [credit_card]
+      end
+      it "can transition from confirm to complete" do
+        order.update_columns(state: 'confirm')
+        allow_any_instance_of(Spree::Order).to receive_messages(payment_required?: false)
+        api_put :update, id: order.to_param, order_token: order.guest_token
+        expect(json_response['state']).to eq('complete')
+        expect(response.status).to eq(200)
+      end
+      it "returns the order if the order is already complete" do
+        order.update_columns(completed_at: Time.current, state: 'complete')
+        api_put :update, id: order.to_param, order_token: order.guest_token
+        expect(json_response['number']).to eq(order.number)
+        expect(response.status).to eq(200)
+      end
+      # Regression test for #3784
+      it "can update the special instructions for an order" do
+        instructions = "Don't drop it. (Please)"
+        api_put :update, id: order.to_param, order_token: order.guest_token,
+          order: { special_instructions: instructions }
+        expect(json_response['special_instructions']).to eql(instructions)
+      end
+      context "as an admin" do
+        sign_in_as_admin!
+        it "can assign a user to the order" do
+          user = create(:user)
+          # Need to pass email as well so that validations succeed
+          api_put :update, id: order.to_param, order_token: order.guest_token,
+            order: { user_id: user.id, email: "guest@spreecommerce.org" }
+          expect(response.status).to eq(200)
+          expect(json_response['user_id']).to eq(user.id)
+        end
+      end
+      it "can assign an email to the order" do
+        api_put :update, id: order.to_param, order_token: order.guest_token,
+          order: { email: "guest@spreecommerce.org" }
+        expect(json_response['email']).to eq("guest@spreecommerce.org")
+        expect(response.status).to eq(200)
+      end
+      it "can apply a coupon code to an order" do
+        skip "ensure that the order totals are properly updated, see frontend orders_controller or checkout_controller as example"
+        order.update_column(:state, "payment")
+        expect(PromotionHandler::Coupon).to receive(:new).with(order).and_call_original
+        expect_any_instance_of(PromotionHandler::Coupon).to receive(:apply).and_return({ coupon_applied?: true })
+        api_put :update, id: order.to_param, order_token: order.guest_token, order: { coupon_code: "foobar" }
+      end
+      def send_request
+        api_put :update, id: order.to_param, order_token: order.guest_token
+      end
+      it_should_behave_like 'action which loads order using load_order_with_lock'
+    end
+    context "PUT 'next'" do
+      let!(:order) { create(:order_with_line_items) }
+      it "cannot transition to address without a line item" do
+        order.line_items.delete_all
+        order.update_column(:email, "spree@example.com")
+        api_put :next, id: order.to_param, order_token: order.guest_token
+        expect(response.status).to eq(422)
+        expect(json_response["errors"]["base"]).to include(Spree.t(:there_are_no_items_for_this_order))
+      end
+      it "can transition an order to the next state" do
+        order.update_column(:email, "spree@example.com")
+        api_put :next, id: order.to_param, order_token: order.guest_token
+        expect(response.status).to eq(200)
+        expect(json_response['state']).to eq('address')
+      end
+      it "cannot transition if order email is blank" do
+        order.update_columns(
+          state: 'address',
+          email: nil
+        )
+        api_put :next, id: order.to_param, order_token: order.guest_token
+        expect(response.status).to eq(422)
+        expect(json_response['error']).to match(/could not be transitioned/)
+      end
+      it "doesnt advance payment state if order has no payment" do
+        order.update_column(:state, "payment")
+        api_put :next, id: order.to_param, order_token: order.guest_token, order: {}
+        expect(json_response["errors"]["base"]).to include(Spree.t(:no_payment_found))
+      end
+      def send_request
+        api_put :next, id: order.to_param, order_token: order.guest_token
+      end
+      it_should_behave_like 'action which loads order using load_order_with_lock'
+    end
+    context "PUT 'advance'" do
+      let!(:order) { create(:order_with_line_items) }
+      it 'continues to advance advances an order while it can move forward' do
+        expect_any_instance_of(Spree::Order).to receive(:next).exactly(3).times.and_return(true, true, false)
+        api_put :advance, id: order.to_param, order_token: order.guest_token
+      end
+      it 'returns the order' do
+        api_put :advance, id: order.to_param, order_token: order.guest_token
+        expect(json_response['id']).to eq(order.id)
+      end
+      def send_request
+        api_put :advance, id: order.to_param, order_token: order.guest_token
+      end
+      it_should_behave_like 'action which loads order using load_order_with_lock'
+    end
+  end
+end