RubyGems - spree_api - Versions diffs - 3.1.14 → 3.2.0.rc1 - Mend

spree_api 3.1.14 → 3.2.0.rc1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (100) hide show

data/spec/controllers/spree/api/v1/classifications_controller_spec.rb ADDED Viewed

@@ -0,0 +1,48 @@
+require 'spec_helper'
+module Spree
+  describe Api::V1::ClassificationsController, type: :controller do
+    let(:taxon) do
+      taxon = create(:taxon)
+      3.times do
+        product = create(:product)
+        product.taxons << taxon
+      end
+      taxon
+    end
+    before do
+      stub_authentication!
+    end
+    context "as a user" do
+      it "cannot change the order of a product" do
+        api_put :update, taxon_id: taxon, product_id: taxon.products.first, position: 1
+        expect(response.status).to eq(401)
+      end
+    end
+    context "as an admin" do
+      sign_in_as_admin!
+      let(:last_product) { taxon.products.last }
+      it "can change the order a product" do
+        classification = taxon.classifications.find_by(product_id: last_product.id)
+        expect(classification.position).to eq(3)
+        api_put :update, taxon_id: taxon.id, product_id: last_product.id, position: 0
+        expect(response.status).to eq(200)
+        expect(classification.reload.position).to eq(1)
+      end
+      it "should touch the taxon" do
+        taxon.update_attributes(updated_at: Time.current - 10.seconds)
+        taxon_last_updated_at = taxon.updated_at
+        api_put :update, taxon_id: taxon.id, product_id: last_product.id, position: 0
+        taxon.reload
+        expect(taxon_last_updated_at.to_i).to_not eq(taxon.updated_at.to_i)
+      end
+    end
+  end
+end

data/spec/controllers/spree/api/v1/countries_controller_spec.rb ADDED Viewed

@@ -0,0 +1,48 @@
+require 'spec_helper'
+module Spree
+  describe Api::V1::CountriesController, type: :controller do
+    render_views
+    before do
+      stub_authentication!
+      @state = create(:state)
+      @country = @state.country
+    end
+    it "gets all countries" do
+      api_get :index
+      expect(json_response['countries'].first['iso3']).to eq @country.iso3
+    end
+    context "with two countries" do
+      before { @zambia = create(:country, name: "Zambia") }
+      it "can view all countries" do
+        api_get :index
+        expect(json_response['count']).to eq(2)
+        expect(json_response['current_page']).to eq(1)
+        expect(json_response['pages']).to eq(1)
+      end
+      it 'can query the results through a paramter' do
+        api_get :index, q: { name_cont: 'zam' }
+        expect(json_response['count']).to eq(1)
+        expect(json_response['countries'].first['name']).to eq @zambia.name
+      end
+      it 'can control the page size through a parameter' do
+        api_get :index, per_page: 1
+        expect(json_response['count']).to eq(1)
+        expect(json_response['current_page']).to eq(1)
+        expect(json_response['pages']).to eq(2)
+      end
+    end
+    it "includes states" do
+      api_get :show, id: @country.id
+      states = json_response['states']
+      expect(states.first['name']).to eq @state.name
+    end
+  end
+end

data/spec/controllers/spree/api/v1/credit_cards_controller_spec.rb ADDED Viewed

@@ -0,0 +1,80 @@
+require 'spec_helper'
+module Spree
+  describe Api::V1::CreditCardsController, type: :controller do
+    render_views
+    let!(:admin_user) do
+      user = Spree.user_class.new(email: "spree@example.com", id: 1)
+      user.generate_spree_api_key!
+      allow(user).to receive(:has_spree_role?).with('admin').and_return(true)
+      user
+    end
+    let!(:normal_user) do
+      user = Spree.user_class.new(email: "spree2@example.com", id: 2)
+      user.generate_spree_api_key!
+      user
+    end
+    let!(:card) { create(:credit_card, user_id: admin_user.id, gateway_customer_profile_id: "random") }
+    before do
+      stub_authentication!
+    end
+    it "the user id doesn't exist" do
+      api_get :index, user_id: 1000
+      expect(response.status).to eq(404)
+    end
+    context "calling user is in admin role" do
+      let(:current_api_user) do
+        user = admin_user
+        user
+      end
+      it "no credit cards exist for user" do
+        api_get :index, user_id: normal_user.id
+        expect(response.status).to eq(200)
+        expect(json_response["pages"]).to eq(0)
+      end
+      it "can view all credit cards for user" do
+        api_get :index, user_id: current_api_user.id
+        expect(response.status).to eq(200)
+        expect(json_response["pages"]).to eq(1)
+        expect(json_response["current_page"]).to eq(1)
+        expect(json_response["credit_cards"].length).to eq(1)
+        expect(json_response["credit_cards"].first["id"]).to eq(card.id)
+      end
+    end
+    context "calling user is not in admin role" do
+      let(:current_api_user) do
+        user = normal_user
+        user
+      end
+      let!(:card) { create(:credit_card, user_id: normal_user.id, gateway_customer_profile_id: "random") }
+      it "can not view user" do
+        api_get :index, user_id: admin_user.id
+        expect(response.status).to eq(404)
+      end
+      it "can view own credit cards" do
+        api_get :index, user_id: normal_user.id
+        expect(response.status).to eq(200)
+        expect(json_response["pages"]).to eq(1)
+        expect(json_response["current_page"]).to eq(1)
+        expect(json_response["credit_cards"].length).to eq(1)
+        expect(json_response["credit_cards"].first["id"]).to eq(card.id)
+      end
+    end
+  end
+end

data/spec/controllers/spree/api/v1/images_controller_spec.rb ADDED Viewed

@@ -0,0 +1,114 @@
+require 'spec_helper'
+module Spree
+  describe Api::V1::ImagesController, type: :controller do
+    render_views
+    let!(:product) { create(:product) }
+    let!(:attributes) { [:id, :position, :attachment_content_type,
+                         :attachment_file_name, :type, :attachment_updated_at, :attachment_width,
+                         :attachment_height, :alt] }
+    before do
+      stub_authentication!
+    end
+    context "as an admin" do
+      sign_in_as_admin!
+      it "can learn how to create a new image" do
+        api_get :new, product_id: product.id
+        expect(json_response["attributes"]).to eq(attributes.map(&:to_s))
+        expect(json_response["required_attributes"]).to be_empty
+      end
+      it "can upload a new image for a variant" do
+        expect do
+          api_post :create,
+                   image: { attachment: upload_image('thinking-cat.jpg'),
+                               viewable_type: 'Spree::Variant',
+                               viewable_id: product.master.to_param  },
+                   product_id: product.id
+          expect(response.status).to eq(201)
+          expect(json_response).to have_attributes(attributes)
+        end.to change(Image, :count).by(1)
+      end
+      it "can't upload a new image for a variant without attachment" do
+        api_post :create,
+                 image: { viewable_type: 'Spree::Variant',
+                          viewable_id: product.master.to_param
+                        },
+                 product_id: product.id
+        expect(response.status).to eq(422)
+      end
+      context "working with an existing image" do
+        let!(:product_image) { product.master.images.create!(attachment: image('thinking-cat.jpg')) }
+        it "can get a single product image" do
+          api_get :show, id: product_image.id, product_id: product.id
+          expect(response.status).to eq(200)
+          expect(json_response).to have_attributes(attributes)
+        end
+        it "can get a single variant image" do
+          api_get :show, id: product_image.id, variant_id: product.master.id
+          expect(response.status).to eq(200)
+          expect(json_response).to have_attributes(attributes)
+        end
+        it "can get a list of product images" do
+          api_get :index, product_id: product.id
+          expect(response.status).to eq(200)
+          expect(json_response).to have_key("images")
+          expect(json_response["images"].first).to have_attributes(attributes)
+        end
+        it "can get a list of variant images" do
+          api_get :index, variant_id: product.master.id
+          expect(response.status).to eq(200)
+          expect(json_response).to have_key("images")
+          expect(json_response["images"].first).to have_attributes(attributes)
+        end
+        it "can update image data" do
+          expect(product_image.position).to eq(1)
+          api_post :update, image: { position: 2 }, id: product_image.id, product_id: product.id
+          expect(response.status).to eq(200)
+          expect(json_response).to have_attributes(attributes)
+          expect(product_image.reload.position).to eq(2)
+        end
+        it "can't update an image without attachment" do
+          api_post :update,
+                   id: product_image.id, product_id: product.id
+          expect(response.status).to eq(422)
+        end
+        it "can delete an image" do
+          api_delete :destroy, id: product_image.id, product_id: product.id
+          expect(response.status).to eq(204)
+          expect { product_image.reload }.to raise_error(ActiveRecord::RecordNotFound)
+        end
+      end
+    end
+    context "as a non-admin" do
+      it "cannot create an image" do
+        api_post :create, product_id: product.id
+        assert_unauthorized!
+      end
+      it "cannot update an image" do
+        api_put :update, id: 1, product_id: product.id
+        assert_not_found!
+      end
+      it "cannot delete an image" do
+        api_delete :destroy, id: 1, product_id: product.id
+        assert_not_found!
+      end
+    end
+  end
+end

data/spec/controllers/spree/api/v1/inventory_units_controller_spec.rb ADDED Viewed

@@ -0,0 +1,48 @@
+require 'spec_helper'
+module Spree
+  describe Api::V1::InventoryUnitsController, type: :controller do
+    render_views
+    before do
+      stub_authentication!
+      @inventory_unit = create(:inventory_unit)
+    end
+    context "as an admin" do
+      sign_in_as_admin!
+      it "gets an inventory unit" do
+        api_get :show, id: @inventory_unit.id
+        expect(json_response['state']).to eq @inventory_unit.state
+      end
+      it "updates an inventory unit" do
+        api_put :update, id: @inventory_unit.id,
+                         inventory_unit: { shipment_id: nil }
+        expect(json_response['shipment_id']).to be_nil
+      end
+      context 'fires state event' do
+        it 'if supplied with :fire param' do
+          api_put :update, id: @inventory_unit.id,
+                           fire: 'ship',
+                           inventory_unit: { shipment: { tracking: 'foobar' } }
+          expect(json_response['state']).to eq 'shipped'
+        end
+        it 'and returns exception if cannot fire' do
+          api_put :update, id: @inventory_unit.id,
+                           fire: 'return'
+          expect(json_response['exception']).to match /cannot transition to return/
+        end
+        it 'and returns exception bad state' do
+          api_put :update, id: @inventory_unit.id,
+                           fire: 'bad'
+          expect(json_response['exception']).to match /cannot transition to bad/
+        end
+      end
+    end
+  end
+end

data/spec/controllers/spree/api/v1/line_items_controller_spec.rb ADDED Viewed

@@ -0,0 +1,203 @@
+require 'spec_helper'
+module Spree
+  PermittedAttributes.module_eval do
+    mattr_writer :line_item_attributes
+  end
+  unless PermittedAttributes.line_item_attributes.include? :some_option
+    PermittedAttributes.line_item_attributes += [:some_option]
+  end
+  # This should go in an initializer
+  Spree::Api::V1::LineItemsController.line_item_options += [:some_option]
+  describe Api::V1::LineItemsController, type: :controller do
+    render_views
+    let!(:order) { create(:order_with_line_items, line_items_count: 1) }
+    let(:product) { create(:product) }
+    let(:attributes) { [:id, :quantity, :price, :variant, :total, :display_amount, :single_display_amount] }
+    let(:resource_scoping) { { order_id: order.to_param } }
+    before do
+      stub_authentication!
+    end
+    it "can learn how to create a new line item" do
+      api_get :new
+      expect(json_response["attributes"]).to eq(["quantity", "price", "variant_id"])
+      required_attributes = json_response["required_attributes"]
+      expect(required_attributes).to include("quantity", "variant_id")
+    end
+    context "authenticating with a token" do
+      it "can add a new line item to an existing order" do
+        api_post :create, line_item: { variant_id: product.master.to_param, quantity: 1 }, order_token: order.guest_token
+        expect(response.status).to eq(201)
+        expect(json_response).to have_attributes(attributes)
+        expect(json_response["variant"]["name"]).not_to be_blank
+      end
+      it "can add a new line item to an existing order with token in header" do
+        request.headers["X-Spree-Order-Token"] = order.guest_token
+        api_post :create, line_item: { variant_id: product.master.to_param, quantity: 1 }
+        expect(response.status).to eq(201)
+        expect(json_response).to have_attributes(attributes)
+        expect(json_response["variant"]["name"]).not_to be_blank
+      end
+    end
+    context "as the order owner" do
+      before do
+        allow_any_instance_of(Order).to receive_messages user: current_api_user
+      end
+      it "can add a new line item to an existing order" do
+        api_post :create, line_item: { variant_id: product.master.to_param, quantity: 1 }
+        expect(response.status).to eq(201)
+        expect(json_response).to have_attributes(attributes)
+        expect(json_response["variant"]["name"]).not_to be_blank
+      end
+      it "can add a new line item to an existing order with options" do
+        expect_any_instance_of(LineItem).to receive(:some_option=).with("foo")
+        api_post :create,
+                 line_item: {
+                   variant_id: product.master.to_param,
+                   quantity: 1,
+                   options: { some_option: "foo" }
+                 }
+        expect(response.status).to eq(201)
+      end
+      it "default quantity to 1 if none is given" do
+        api_post :create, line_item: { variant_id: product.master.to_param }
+        expect(response.status).to eq(201)
+        expect(json_response).to have_attributes(attributes)
+        expect(json_response[:quantity]).to eq 1
+      end
+      it "increases a line item's quantity if it exists already" do
+        order.line_items.create(variant_id: product.master.id, quantity: 10)
+        api_post :create, line_item: { variant_id: product.master.to_param, quantity: 1 }
+        expect(response.status).to eq(201)
+        order.reload
+        expect(order.line_items.count).to eq(2) # 1 original due to factory, + 1 in this test
+        expect(json_response).to have_attributes(attributes)
+        expect(json_response["quantity"]).to eq(11)
+      end
+      it "can update a line item on the order" do
+        line_item = order.line_items.first
+        api_put :update, id: line_item.id, line_item: { quantity: 101 }
+        expect(response.status).to eq(200)
+        order.reload
+        expect(order.total).to eq(1010) # 10 original due to factory, + 1000 in this test
+        expect(json_response).to have_attributes(attributes)
+        expect(json_response["quantity"]).to eq(101)
+      end
+      it "can update a line item's options on the order" do
+        expect_any_instance_of(LineItem).to receive(:some_option=).with("foo")
+        line_item = order.line_items.first
+        api_put :update,
+                id: line_item.id,
+                line_item: { quantity: 1, options: { some_option: "foo" } }
+        expect(response.status).to eq(200)
+      end
+      it "can delete a line item on the order" do
+        line_item = order.line_items.first
+        api_delete :destroy, id: line_item.id
+        expect(response.status).to eq(204)
+        order.reload
+        expect(order.line_items.count).to eq(0) # 1 original due to factory, - 1 in this test
+        expect { line_item.reload }.to raise_error(ActiveRecord::RecordNotFound)
+      end
+      context "order contents changed after shipments were created" do
+        let!(:order) { Order.create }
+        let!(:line_item) { order.contents.add(product.master) }
+        before { order.create_proposed_shipments }
+        it "clear out shipments on create" do
+          expect(order.reload.shipments).not_to be_empty
+          api_post :create, line_item: { variant_id: product.master.to_param, quantity: 1 }
+          expect(order.reload.shipments).to be_empty
+        end
+        it "clear out shipments on update" do
+          expect(order.reload.shipments).not_to be_empty
+          api_put :update, id: line_item.id, line_item: { quantity: 1000 }
+          expect(order.reload.shipments).to be_empty
+        end
+        it "clear out shipments on delete" do
+          expect(order.reload.shipments).not_to be_empty
+          api_delete :destroy, id: line_item.id
+          expect(order.reload.shipments).to be_empty
+        end
+        context "order is completed" do
+          before do
+            allow(order).to receive_messages completed?: true
+            allow(Order).to receive_message_chain :includes, find_by!: order
+          end
+          it "doesn't destroy shipments or restart checkout flow" do
+            expect(order.reload.shipments).not_to be_empty
+            api_post :create, line_item: { variant_id: product.master.to_param, quantity: 1 }
+            expect(order.reload.shipments).not_to be_empty
+          end
+          context 'deleting line items' do
+            it 'restocks product after line item removal' do
+              line_item = order.line_items.first
+              variant = line_item.variant
+              expect do
+                api_delete :destroy, id: line_item.id
+              end.to change { variant.total_on_hand }.by(line_item.quantity)
+              expect(response.status).to eq(204)
+              order.reload
+              expect(order.line_items.count).to eq(0)
+            end
+            it 'calls `restock` on proper stock location' do
+              expect(order.shipments.first.stock_location).to receive(:restock)
+              api_delete :destroy, id: line_item.id
+            end
+          end
+        end
+      end
+    end
+    context "as just another user" do
+      before do
+        user = create(:user)
+      end
+      it "cannot add a new line item to the order" do
+        api_post :create, line_item: { variant_id: product.master.to_param, quantity: 1 }
+        assert_unauthorized!
+      end
+      it "cannot update a line item on the order" do
+        line_item = order.line_items.first
+        api_put :update, id: line_item.id, line_item: { quantity: 1000 }
+        assert_unauthorized!
+        expect(line_item.reload.quantity).not_to eq(1000)
+      end
+      it "cannot delete a line item on the order" do
+        line_item = order.line_items.first
+        api_delete :destroy, id: line_item.id
+        assert_unauthorized!
+        expect { line_item.reload }.not_to raise_error
+      end
+    end
+  end
+end