spree_api 3.1.5 → 3.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/controllers/spree/api/v1/product_properties_controller.rb +7 -10
- data/app/views/spree/api/v1/countries/index.v1.rabl +1 -1
- data/app/views/spree/api/v1/credit_cards/index.v1.rabl +1 -1
- data/app/views/spree/api/v1/orders/index.v1.rabl +1 -1
- data/app/views/spree/api/v1/orders/mine.v1.rabl +1 -1
- data/app/views/spree/api/v1/payments/index.v1.rabl +1 -1
- data/app/views/spree/api/v1/product_properties/index.v1.rabl +1 -1
- data/app/views/spree/api/v1/products/index.v1.rabl +1 -1
- data/app/views/spree/api/v1/properties/index.v1.rabl +1 -1
- data/app/views/spree/api/v1/return_authorizations/index.v1.rabl +1 -1
- data/app/views/spree/api/v1/shipments/mine.v1.rabl +1 -1
- data/app/views/spree/api/v1/states/index.v1.rabl +1 -1
- data/app/views/spree/api/v1/stock_items/index.v1.rabl +1 -1
- data/app/views/spree/api/v1/stock_locations/index.v1.rabl +1 -1
- data/app/views/spree/api/v1/stock_movements/index.v1.rabl +1 -1
- data/app/views/spree/api/v1/taxonomies/index.v1.rabl +1 -1
- data/app/views/spree/api/v1/taxons/index.v1.rabl +1 -1
- data/app/views/spree/api/v1/users/index.v1.rabl +1 -1
- data/app/views/spree/api/v1/zones/index.v1.rabl +1 -1
- data/spree_api.gemspec +1 -2
- metadata +6 -88
- data/spec/controllers/spree/api/base_controller_spec.rb +0 -96
- data/spec/controllers/spree/api/v1/addresses_controller_spec.rb +0 -56
- data/spec/controllers/spree/api/v1/checkouts_controller_spec.rb +0 -363
- data/spec/controllers/spree/api/v1/classifications_controller_spec.rb +0 -48
- data/spec/controllers/spree/api/v1/countries_controller_spec.rb +0 -48
- data/spec/controllers/spree/api/v1/credit_cards_controller_spec.rb +0 -80
- data/spec/controllers/spree/api/v1/images_controller_spec.rb +0 -115
- data/spec/controllers/spree/api/v1/inventory_units_controller_spec.rb +0 -49
- data/spec/controllers/spree/api/v1/line_items_controller_spec.rb +0 -184
- data/spec/controllers/spree/api/v1/option_types_controller_spec.rb +0 -122
- data/spec/controllers/spree/api/v1/option_values_controller_spec.rb +0 -141
- data/spec/controllers/spree/api/v1/orders_controller_spec.rb +0 -735
- data/spec/controllers/spree/api/v1/payments_controller_spec.rb +0 -234
- data/spec/controllers/spree/api/v1/product_properties_controller_spec.rb +0 -116
- data/spec/controllers/spree/api/v1/products_controller_spec.rb +0 -409
- data/spec/controllers/spree/api/v1/promotion_application_spec.rb +0 -50
- data/spec/controllers/spree/api/v1/promotions_controller_spec.rb +0 -64
- data/spec/controllers/spree/api/v1/properties_controller_spec.rb +0 -102
- data/spec/controllers/spree/api/v1/return_authorizations_controller_spec.rb +0 -161
- data/spec/controllers/spree/api/v1/shipments_controller_spec.rb +0 -187
- data/spec/controllers/spree/api/v1/states_controller_spec.rb +0 -86
- data/spec/controllers/spree/api/v1/stock_items_controller_spec.rb +0 -143
- data/spec/controllers/spree/api/v1/stock_locations_controller_spec.rb +0 -113
- data/spec/controllers/spree/api/v1/stock_movements_controller_spec.rb +0 -84
- data/spec/controllers/spree/api/v1/stores_controller_spec.rb +0 -133
- data/spec/controllers/spree/api/v1/taxonomies_controller_spec.rb +0 -114
- data/spec/controllers/spree/api/v1/taxons_controller_spec.rb +0 -177
- data/spec/controllers/spree/api/v1/unauthenticated_products_controller_spec.rb +0 -26
- data/spec/controllers/spree/api/v1/users_controller_spec.rb +0 -153
- data/spec/controllers/spree/api/v1/variants_controller_spec.rb +0 -205
- data/spec/controllers/spree/api/v1/zones_controller_spec.rb +0 -91
- data/spec/fixtures/thinking-cat.jpg +0 -0
- data/spec/models/spree/legacy_user_spec.rb +0 -19
- data/spec/requests/rabl_cache_spec.rb +0 -32
- data/spec/requests/ransackable_attributes_spec.rb +0 -79
- data/spec/requests/version_spec.rb +0 -19
- data/spec/shared_examples/protect_product_actions.rb +0 -17
- data/spec/spec_helper.rb +0 -55
- data/spec/support/controller_hacks.rb +0 -33
- data/spec/support/database_cleaner.rb +0 -14
- data/spec/support/have_attributes_matcher.rb +0 -13
@@ -1,114 +0,0 @@
|
|
1
|
-
require 'spec_helper'
|
2
|
-
|
3
|
-
module Spree
|
4
|
-
describe Api::V1::TaxonomiesController, :type => :controller do
|
5
|
-
render_views
|
6
|
-
|
7
|
-
let(:taxonomy) { create(:taxonomy) }
|
8
|
-
let(:taxon) { create(:taxon, :name => "Ruby", :taxonomy => taxonomy) }
|
9
|
-
let(:taxon2) { create(:taxon, :name => "Rails", :taxonomy => taxonomy) }
|
10
|
-
let(:attributes) { [:id, :name] }
|
11
|
-
|
12
|
-
before do
|
13
|
-
stub_authentication!
|
14
|
-
taxon2.children << create(:taxon, :name => "3.2.2", :taxonomy => taxonomy)
|
15
|
-
taxon.children << taxon2
|
16
|
-
taxonomy.root.children << taxon
|
17
|
-
end
|
18
|
-
|
19
|
-
context "as a normal user" do
|
20
|
-
it "gets all taxonomies" do
|
21
|
-
api_get :index
|
22
|
-
|
23
|
-
expect(json_response["taxonomies"].first['name']).to eq taxonomy.name
|
24
|
-
expect(json_response["taxonomies"].first['root']['taxons'].count).to eq 1
|
25
|
-
end
|
26
|
-
|
27
|
-
it 'can control the page size through a parameter' do
|
28
|
-
create(:taxonomy)
|
29
|
-
api_get :index, :per_page => 1
|
30
|
-
expect(json_response['count']).to eq(1)
|
31
|
-
expect(json_response['current_page']).to eq(1)
|
32
|
-
expect(json_response['pages']).to eq(2)
|
33
|
-
end
|
34
|
-
|
35
|
-
it 'can query the results through a paramter' do
|
36
|
-
expected_result = create(:taxonomy, :name => 'Style')
|
37
|
-
api_get :index, :q => { :name_cont => 'style' }
|
38
|
-
expect(json_response['count']).to eq(1)
|
39
|
-
expect(json_response['taxonomies'].first['name']).to eq expected_result.name
|
40
|
-
end
|
41
|
-
|
42
|
-
it "gets a single taxonomy" do
|
43
|
-
api_get :show, :id => taxonomy.id
|
44
|
-
|
45
|
-
expect(json_response['name']).to eq taxonomy.name
|
46
|
-
|
47
|
-
children = json_response['root']['taxons']
|
48
|
-
expect(children.count).to eq 1
|
49
|
-
expect(children.first['name']).to eq taxon.name
|
50
|
-
expect(children.first.key?('taxons')).to be false
|
51
|
-
end
|
52
|
-
|
53
|
-
it "gets a single taxonomy with set=nested" do
|
54
|
-
api_get :show, :id => taxonomy.id, :set => 'nested'
|
55
|
-
|
56
|
-
expect(json_response['name']).to eq taxonomy.name
|
57
|
-
|
58
|
-
children = json_response['root']['taxons']
|
59
|
-
expect(children.first.key?('taxons')).to be true
|
60
|
-
end
|
61
|
-
|
62
|
-
it "gets the jstree-friendly version of a taxonomy" do
|
63
|
-
api_get :jstree, :id => taxonomy.id
|
64
|
-
expect(json_response["data"]).to eq(taxonomy.root.name)
|
65
|
-
expect(json_response["attr"]).to eq({ "id" => taxonomy.root.id, "name" => taxonomy.root.name})
|
66
|
-
expect(json_response["state"]).to eq("closed")
|
67
|
-
end
|
68
|
-
|
69
|
-
it "can learn how to create a new taxonomy" do
|
70
|
-
api_get :new
|
71
|
-
expect(json_response["attributes"]).to eq(attributes.map(&:to_s))
|
72
|
-
required_attributes = json_response["required_attributes"]
|
73
|
-
expect(required_attributes).to include("name")
|
74
|
-
end
|
75
|
-
|
76
|
-
it "cannot create a new taxonomy if not an admin" do
|
77
|
-
api_post :create, :taxonomy => { :name => "Location" }
|
78
|
-
assert_unauthorized!
|
79
|
-
end
|
80
|
-
|
81
|
-
it "cannot update a taxonomy" do
|
82
|
-
api_put :update, :id => taxonomy.id, :taxonomy => { :name => "I hacked your store!" }
|
83
|
-
assert_unauthorized!
|
84
|
-
end
|
85
|
-
|
86
|
-
it "cannot delete a taxonomy" do
|
87
|
-
api_delete :destroy, :id => taxonomy.id
|
88
|
-
assert_unauthorized!
|
89
|
-
end
|
90
|
-
end
|
91
|
-
|
92
|
-
context "as an admin" do
|
93
|
-
sign_in_as_admin!
|
94
|
-
|
95
|
-
it "can create" do
|
96
|
-
api_post :create, :taxonomy => { :name => "Colors"}
|
97
|
-
expect(json_response).to have_attributes(attributes)
|
98
|
-
expect(response.status).to eq(201)
|
99
|
-
end
|
100
|
-
|
101
|
-
it "cannot create a new taxonomy with invalid attributes" do
|
102
|
-
api_post :create, :taxonomy => {}
|
103
|
-
expect(response.status).to eq(422)
|
104
|
-
expect(json_response["error"]).to eq("Invalid resource. Please fix errors and try again.")
|
105
|
-
errors = json_response["errors"]
|
106
|
-
end
|
107
|
-
|
108
|
-
it "can destroy" do
|
109
|
-
api_delete :destroy, :id => taxonomy.id
|
110
|
-
expect(response.status).to eq(204)
|
111
|
-
end
|
112
|
-
end
|
113
|
-
end
|
114
|
-
end
|
@@ -1,177 +0,0 @@
|
|
1
|
-
require 'spec_helper'
|
2
|
-
|
3
|
-
module Spree
|
4
|
-
describe Api::V1::TaxonsController, :type => :controller do
|
5
|
-
render_views
|
6
|
-
|
7
|
-
let(:taxonomy) { create(:taxonomy) }
|
8
|
-
let(:taxon) { create(:taxon, :name => "Ruby", :taxonomy => taxonomy) }
|
9
|
-
let(:taxon2) { create(:taxon, :name => "Rails", :taxonomy => taxonomy) }
|
10
|
-
let(:attributes) { ["id", "name", "pretty_name", "permalink", "parent_id", "taxonomy_id"] }
|
11
|
-
|
12
|
-
before do
|
13
|
-
stub_authentication!
|
14
|
-
taxon2.children << create(:taxon, :name => "3.2.2", :taxonomy => taxonomy)
|
15
|
-
taxon.children << taxon2
|
16
|
-
taxonomy.root.children << taxon
|
17
|
-
end
|
18
|
-
|
19
|
-
context "as a normal user" do
|
20
|
-
it "gets all taxons for a taxonomy" do
|
21
|
-
api_get :index, :taxonomy_id => taxonomy.id
|
22
|
-
|
23
|
-
expect(json_response['taxons'].first['name']).to eq taxon.name
|
24
|
-
children = json_response['taxons'].first['taxons']
|
25
|
-
expect(children.count).to eq 1
|
26
|
-
expect(children.first['name']).to eq taxon2.name
|
27
|
-
expect(children.first['taxons'].count).to eq 1
|
28
|
-
end
|
29
|
-
|
30
|
-
# Regression test for #4112
|
31
|
-
it "does not include children when asked not to" do
|
32
|
-
api_get :index, :taxonomy_id => taxonomy.id, :without_children => 1
|
33
|
-
|
34
|
-
expect(json_response['taxons'].first['name']).to eq(taxon.name)
|
35
|
-
expect(json_response['taxons'].first['taxons']).to be_nil
|
36
|
-
end
|
37
|
-
|
38
|
-
it "paginates through taxons" do
|
39
|
-
new_taxon = create(:taxon, :name => "Go", :taxonomy => taxonomy)
|
40
|
-
taxonomy.root.children << new_taxon
|
41
|
-
expect(taxonomy.root.children.count).to eql(2)
|
42
|
-
api_get :index, :taxonomy_id => taxonomy.id, :page => 1, :per_page => 1
|
43
|
-
expect(json_response["count"]).to eql(1)
|
44
|
-
expect(json_response["total_count"]).to eql(2)
|
45
|
-
expect(json_response["current_page"]).to eql(1)
|
46
|
-
expect(json_response["per_page"]).to eql(1)
|
47
|
-
expect(json_response["pages"]).to eql(2)
|
48
|
-
end
|
49
|
-
|
50
|
-
describe 'searching' do
|
51
|
-
context 'with a name' do
|
52
|
-
before do
|
53
|
-
api_get :index, :q => { :name_cont => name }
|
54
|
-
end
|
55
|
-
|
56
|
-
context 'with one result' do
|
57
|
-
let(:name) { "Ruby" }
|
58
|
-
|
59
|
-
it "returns an array including the matching taxon" do
|
60
|
-
expect(json_response['taxons'].count).to eq(1)
|
61
|
-
expect(json_response['taxons'].first['name']).to eq "Ruby"
|
62
|
-
end
|
63
|
-
end
|
64
|
-
|
65
|
-
context 'with no results' do
|
66
|
-
let(:name) { "Imaginary" }
|
67
|
-
|
68
|
-
it 'returns an empty array of taxons' do
|
69
|
-
expect(json_response.keys).to include('taxons')
|
70
|
-
expect(json_response['taxons'].count).to eq(0)
|
71
|
-
end
|
72
|
-
end
|
73
|
-
end
|
74
|
-
|
75
|
-
context 'with no filters' do
|
76
|
-
it "gets all taxons" do
|
77
|
-
api_get :index
|
78
|
-
|
79
|
-
expect(json_response['taxons'].first['name']).to eq taxonomy.root.name
|
80
|
-
children = json_response['taxons'].first['taxons']
|
81
|
-
expect(children.count).to eq 1
|
82
|
-
expect(children.first['name']).to eq taxon.name
|
83
|
-
expect(children.first['taxons'].count).to eq 1
|
84
|
-
end
|
85
|
-
end
|
86
|
-
end
|
87
|
-
|
88
|
-
it "gets a single taxon" do
|
89
|
-
api_get :show, :id => taxon.id, :taxonomy_id => taxonomy.id
|
90
|
-
|
91
|
-
expect(json_response['name']).to eq taxon.name
|
92
|
-
expect(json_response['taxons'].count).to eq 1
|
93
|
-
end
|
94
|
-
|
95
|
-
it "gets all taxons in JSTree form" do
|
96
|
-
api_get :jstree, :taxonomy_id => taxonomy.id, :id => taxon.id
|
97
|
-
response = json_response.first
|
98
|
-
expect(response["data"]).to eq(taxon2.name)
|
99
|
-
expect(response["attr"]).to eq({ "name" => taxon2.name, "id" => taxon2.id})
|
100
|
-
expect(response["state"]).to eq("closed")
|
101
|
-
end
|
102
|
-
|
103
|
-
it "can learn how to create a new taxon" do
|
104
|
-
api_get :new, :taxonomy_id => taxonomy.id
|
105
|
-
expect(json_response["attributes"]).to eq(attributes.map(&:to_s))
|
106
|
-
required_attributes = json_response["required_attributes"]
|
107
|
-
expect(required_attributes).to include("name")
|
108
|
-
end
|
109
|
-
|
110
|
-
it "cannot create a new taxon if not an admin" do
|
111
|
-
api_post :create, :taxonomy_id => taxonomy.id, :taxon => { :name => "Location" }
|
112
|
-
assert_unauthorized!
|
113
|
-
end
|
114
|
-
|
115
|
-
it "cannot update a taxon" do
|
116
|
-
api_put :update, :taxonomy_id => taxonomy.id, :id => taxon.id, :taxon => { :name => "I hacked your store!" }
|
117
|
-
assert_unauthorized!
|
118
|
-
end
|
119
|
-
|
120
|
-
it "cannot delete a taxon" do
|
121
|
-
api_delete :destroy, :taxonomy_id => taxonomy.id, :id => taxon.id
|
122
|
-
assert_unauthorized!
|
123
|
-
end
|
124
|
-
end
|
125
|
-
|
126
|
-
context "as an admin" do
|
127
|
-
sign_in_as_admin!
|
128
|
-
|
129
|
-
it "can create" do
|
130
|
-
api_post :create, :taxonomy_id => taxonomy.id, :taxon => { :name => "Colors" }
|
131
|
-
expect(json_response).to have_attributes(attributes)
|
132
|
-
expect(response.status).to eq(201)
|
133
|
-
|
134
|
-
expect(taxonomy.reload.root.children.count).to eq 2
|
135
|
-
taxon = Spree::Taxon.where(:name => 'Colors').first
|
136
|
-
|
137
|
-
expect(taxon.parent_id).to eq taxonomy.root.id
|
138
|
-
expect(taxon.taxonomy_id).to eq taxonomy.id
|
139
|
-
end
|
140
|
-
|
141
|
-
it "can update the position in the list" do
|
142
|
-
taxonomy.root.children << taxon2
|
143
|
-
api_put :update, :taxonomy_id => taxonomy.id, :id => taxon.id, :taxon => {:parent_id => taxon.parent_id, :child_index => 2 }
|
144
|
-
expect(response.status).to eq(200)
|
145
|
-
expect(taxonomy.reload.root.children[0]).to eql taxon2
|
146
|
-
expect(taxonomy.reload.root.children[1]).to eql taxon
|
147
|
-
end
|
148
|
-
|
149
|
-
it "cannot create a new taxon with invalid attributes" do
|
150
|
-
api_post :create, :taxonomy_id => taxonomy.id, :taxon => {}
|
151
|
-
expect(response.status).to eq(422)
|
152
|
-
expect(json_response["error"]).to eq("Invalid resource. Please fix errors and try again.")
|
153
|
-
errors = json_response["errors"]
|
154
|
-
|
155
|
-
expect(taxonomy.reload.root.children.count).to eq 1
|
156
|
-
end
|
157
|
-
|
158
|
-
it "cannot create a new taxon with invalid taxonomy_id" do
|
159
|
-
api_post :create, :taxonomy_id => 1000, :taxon => { :name => "Colors" }
|
160
|
-
expect(response.status).to eq(422)
|
161
|
-
expect(json_response["error"]).to eq("Invalid resource. Please fix errors and try again.")
|
162
|
-
|
163
|
-
errors = json_response["errors"]
|
164
|
-
expect(errors["taxonomy_id"]).not_to be_nil
|
165
|
-
expect(errors["taxonomy_id"].first).to eq "Invalid taxonomy id."
|
166
|
-
|
167
|
-
expect(taxonomy.reload.root.children.count).to eq 1
|
168
|
-
end
|
169
|
-
|
170
|
-
it "can destroy" do
|
171
|
-
api_delete :destroy, :taxonomy_id => taxonomy.id, :id => taxon.id
|
172
|
-
expect(response.status).to eq(204)
|
173
|
-
end
|
174
|
-
end
|
175
|
-
|
176
|
-
end
|
177
|
-
end
|
@@ -1,26 +0,0 @@
|
|
1
|
-
require 'shared_examples/protect_product_actions'
|
2
|
-
require 'spec_helper'
|
3
|
-
|
4
|
-
module Spree
|
5
|
-
describe Api::V1::ProductsController, :type => :controller do
|
6
|
-
render_views
|
7
|
-
|
8
|
-
let!(:product) { create(:product) }
|
9
|
-
let(:attributes) { [:id, :name, :description, :price, :available_on, :slug, :meta_description, :meta_keywords, :taxon_ids] }
|
10
|
-
|
11
|
-
context "without authentication" do
|
12
|
-
before { Spree::Api::Config[:requires_authentication] = false }
|
13
|
-
|
14
|
-
it "retrieves a list of products" do
|
15
|
-
api_get :index
|
16
|
-
expect(json_response["products"].first).to have_attributes(attributes)
|
17
|
-
expect(json_response["count"]).to eq(1)
|
18
|
-
expect(json_response["current_page"]).to eq(1)
|
19
|
-
expect(json_response["pages"]).to eq(1)
|
20
|
-
end
|
21
|
-
|
22
|
-
it_behaves_like "modifying product actions are restricted"
|
23
|
-
end
|
24
|
-
end
|
25
|
-
end
|
26
|
-
|
@@ -1,153 +0,0 @@
|
|
1
|
-
require 'spec_helper'
|
2
|
-
|
3
|
-
module Spree
|
4
|
-
describe Api::V1::UsersController, :type => :controller do
|
5
|
-
render_views
|
6
|
-
|
7
|
-
let(:user) { create(:user, spree_api_key: rand.to_s) }
|
8
|
-
let(:stranger) { create(:user, :email => 'stranger@example.com') }
|
9
|
-
let(:attributes) { [:id, :email, :created_at, :updated_at] }
|
10
|
-
|
11
|
-
context "as a normal user" do
|
12
|
-
it "can get own details" do
|
13
|
-
api_get :show, id: user.id, token: user.spree_api_key
|
14
|
-
|
15
|
-
expect(json_response['email']).to eq user.email
|
16
|
-
end
|
17
|
-
|
18
|
-
it "cannot get other users details" do
|
19
|
-
api_get :show, id: stranger.id, token: user.spree_api_key
|
20
|
-
|
21
|
-
assert_not_found!
|
22
|
-
end
|
23
|
-
|
24
|
-
it "can learn how to create a new user" do
|
25
|
-
api_get :new, token: user.spree_api_key
|
26
|
-
expect(json_response["attributes"]).to eq(attributes.map(&:to_s))
|
27
|
-
end
|
28
|
-
|
29
|
-
it "can create a new user" do
|
30
|
-
user_params = {
|
31
|
-
:email => 'new@example.com', :password => 'spree123', :password_confirmation => 'spree123'
|
32
|
-
}
|
33
|
-
|
34
|
-
api_post :create, :user => user_params, token: user.spree_api_key
|
35
|
-
expect(json_response['email']).to eq 'new@example.com'
|
36
|
-
end
|
37
|
-
|
38
|
-
# there's no validations on LegacyUser?
|
39
|
-
xit "cannot create a new user with invalid attributes" do
|
40
|
-
api_post :create, :user => {}, token: user.spree_api_key
|
41
|
-
expect(response.status).to eq(422)
|
42
|
-
expect(json_response["error"]).to eq("Invalid resource. Please fix errors and try again.")
|
43
|
-
errors = json_response["errors"]
|
44
|
-
end
|
45
|
-
|
46
|
-
it "can update own details" do
|
47
|
-
country = create(:country)
|
48
|
-
api_put :update, id: user.id, token: user.spree_api_key, user: {
|
49
|
-
email: "mine@example.com",
|
50
|
-
bill_address_attributes: {
|
51
|
-
first_name: 'First',
|
52
|
-
last_name: 'Last',
|
53
|
-
address1: '1 Test Rd',
|
54
|
-
city: 'City',
|
55
|
-
country_id: country.id,
|
56
|
-
state_id: 1,
|
57
|
-
zipcode: '55555',
|
58
|
-
phone: '5555555555'
|
59
|
-
},
|
60
|
-
ship_address_attributes: {
|
61
|
-
first_name: 'First',
|
62
|
-
last_name: 'Last',
|
63
|
-
address1: '1 Test Rd',
|
64
|
-
city: 'City',
|
65
|
-
country_id: country.id,
|
66
|
-
state_id: 1,
|
67
|
-
zipcode: '55555',
|
68
|
-
phone: '5555555555'
|
69
|
-
}
|
70
|
-
}
|
71
|
-
expect(json_response['email']).to eq 'mine@example.com'
|
72
|
-
expect(json_response['bill_address']).to_not be_nil
|
73
|
-
expect(json_response['ship_address']).to_not be_nil
|
74
|
-
end
|
75
|
-
|
76
|
-
it "cannot update other users details" do
|
77
|
-
api_put :update, id: stranger.id, token: user.spree_api_key, user: { :email => "mine@example.com" }
|
78
|
-
assert_not_found!
|
79
|
-
end
|
80
|
-
|
81
|
-
it "can delete itself" do
|
82
|
-
api_delete :destroy, id: user.id, token: user.spree_api_key
|
83
|
-
expect(response.status).to eq(204)
|
84
|
-
end
|
85
|
-
|
86
|
-
it "cannot delete other user" do
|
87
|
-
api_delete :destroy, id: stranger.id, token: user.spree_api_key
|
88
|
-
assert_not_found!
|
89
|
-
end
|
90
|
-
|
91
|
-
it "should only get own details on index" do
|
92
|
-
2.times { create(:user) }
|
93
|
-
api_get :index, token: user.spree_api_key
|
94
|
-
|
95
|
-
expect(Spree.user_class.count).to eq 3
|
96
|
-
expect(json_response['count']).to eq 1
|
97
|
-
expect(json_response['users'].size).to eq 1
|
98
|
-
end
|
99
|
-
end
|
100
|
-
|
101
|
-
context "as an admin" do
|
102
|
-
before { stub_authentication! }
|
103
|
-
|
104
|
-
sign_in_as_admin!
|
105
|
-
|
106
|
-
it "gets all users" do
|
107
|
-
allow(Spree::LegacyUser).to receive(:find_by).with(hash_including(:spree_api_key)) { current_api_user }
|
108
|
-
|
109
|
-
2.times { create(:user) }
|
110
|
-
|
111
|
-
api_get :index
|
112
|
-
expect(Spree.user_class.count).to eq 2
|
113
|
-
expect(json_response['count']).to eq 2
|
114
|
-
expect(json_response['users'].size).to eq 2
|
115
|
-
end
|
116
|
-
|
117
|
-
it 'can control the page size through a parameter' do
|
118
|
-
2.times { create(:user) }
|
119
|
-
api_get :index, :per_page => 1
|
120
|
-
expect(json_response['count']).to eq(1)
|
121
|
-
expect(json_response['current_page']).to eq(1)
|
122
|
-
expect(json_response['pages']).to eq(2)
|
123
|
-
end
|
124
|
-
|
125
|
-
it 'can query the results through a paramter' do
|
126
|
-
expected_result = create(:user, :email => 'brian@spreecommerce.com')
|
127
|
-
api_get :index, :q => { :email_cont => 'brian' }
|
128
|
-
expect(json_response['count']).to eq(1)
|
129
|
-
expect(json_response['users'].first['email']).to eq expected_result.email
|
130
|
-
end
|
131
|
-
|
132
|
-
it "can create" do
|
133
|
-
api_post :create, :user => { :email => "new@example.com", :password => 'spree123', :password_confirmation => 'spree123' }
|
134
|
-
expect(json_response).to have_attributes(attributes)
|
135
|
-
expect(response.status).to eq(201)
|
136
|
-
end
|
137
|
-
|
138
|
-
it "can destroy user without orders" do
|
139
|
-
user.orders.destroy_all
|
140
|
-
api_delete :destroy, :id => user.id
|
141
|
-
expect(response.status).to eq(204)
|
142
|
-
end
|
143
|
-
|
144
|
-
it "cannot destroy user with orders" do
|
145
|
-
create(:completed_order_with_totals, :user => user)
|
146
|
-
api_delete :destroy, :id => user.id
|
147
|
-
expect(json_response["exception"]).to eq "Spree::Core::DestroyWithOrdersError"
|
148
|
-
expect(response.status).to eq(422)
|
149
|
-
end
|
150
|
-
|
151
|
-
end
|
152
|
-
end
|
153
|
-
end
|