RubyGems - spree_api - Versions diffs - 3.2.1 → 3.2.2 - Mend

spree_api 3.2.1 → 3.2.2

Files changed (45) hide show

data/spec/controllers/spree/api/v1/tags_controller_spec.rb DELETED Viewed

@@ -1,102 +0,0 @@
-require 'spec_helper'
-module Spree
-  describe Api::V1::TagsController, type: :controller do
-    render_views
-    let!(:tag) { create(:tag) }
-    let(:base_attributes) { Api::ApiHelpers.tag_attributes }
-    before do
-      stub_authentication!
-    end
-    context "as a normal user" do
-      context "with caching enabled" do
-        let!(:tag_2) { create(:tag) }
-        before do
-          ActionController::Base.perform_caching = true
-        end
-        it "returns unique tags" do
-          api_get :index
-          tag_ids = json_response["tags"].map { |p| p["id"] }
-          expect(tag_ids.uniq.count).to eq(tag_ids.count)
-        end
-        after do
-          ActionController::Base.perform_caching = false
-        end
-      end
-      it "retrieves a list of tags" do
-        api_get :index
-        expect(json_response["tags"].first).to have_attributes(base_attributes)
-        expect(json_response["total_count"]).to eq(1)
-        expect(json_response["current_page"]).to eq(1)
-        expect(json_response["pages"]).to eq(1)
-        expect(json_response["per_page"]).to eq(Kaminari.config.default_per_page)
-      end
-      it "retrieves a list of tags by id" do
-        api_get :index, ids: [tag.id]
-        expect(json_response["tags"].first).to have_attributes(base_attributes)
-        expect(json_response["total_count"]).to eq(1)
-        expect(json_response["current_page"]).to eq(1)
-        expect(json_response["pages"]).to eq(1)
-        expect(json_response["per_page"]).to eq(Kaminari.config.default_per_page)
-      end
-      it "retrieves a list of tags by ids string" do
-        second_tag = create(:tag)
-        api_get :index, ids: [tag.id, second_tag.id].join(",")
-        expect(json_response["tags"].first).to have_attributes(base_attributes)
-        expect(json_response["tags"][1]).to have_attributes(base_attributes)
-        expect(json_response["total_count"]).to eq(2)
-        expect(json_response["current_page"]).to eq(1)
-        expect(json_response["pages"]).to eq(1)
-        expect(json_response["per_page"]).to eq(Kaminari.config.default_per_page)
-      end
-      context "pagination" do
-        let!(:second_tag) { create(:tag) }
-        it "can select the next page of tags" do
-          api_get :index, page: 2, per_page: 1
-          expect(json_response["tags"].first).to have_attributes(base_attributes)
-          expect(json_response["total_count"]).to eq(2)
-          expect(json_response["current_page"]).to eq(2)
-          expect(json_response["pages"]).to eq(2)
-        end
-        it 'can control the page size through a parameter' do
-          api_get :index, per_page: 1
-          expect(json_response['count']).to eq(1)
-          expect(json_response['total_count']).to eq(2)
-          expect(json_response['current_page']).to eq(1)
-          expect(json_response['pages']).to eq(2)
-        end
-      end
-      it "can search for tags" do
-        create(:tag, name: "The best tag in the world")
-        api_get :index, q: { name_cont: "best" }
-        expect(json_response["tags"].first).to have_attributes(base_attributes)
-        expect(json_response["count"]).to eq(1)
-      end
-    end
-    context "as an admin" do
-      sign_in_as_admin!
-      it "can see all tags" do
-        api_get :index
-        expect(json_response["tags"].count).to eq(1)
-        expect(json_response["count"]).to eq(1)
-        expect(json_response["current_page"]).to eq(1)
-        expect(json_response["pages"]).to eq(1)
-      end
-    end
-  end
-end

data/spec/controllers/spree/api/v1/taxonomies_controller_spec.rb DELETED Viewed

@@ -1,114 +0,0 @@
-require 'spec_helper'
-module Spree
-  describe Api::V1::TaxonomiesController, type: :controller do
-    render_views
-    let(:taxonomy) { create(:taxonomy) }
-    let(:taxon) { create(:taxon, name: "Ruby", taxonomy: taxonomy) }
-    let(:taxon2) { create(:taxon, name: "Rails", taxonomy: taxonomy) }
-    let(:attributes) { [:id, :name] }
-    before do
-      stub_authentication!
-      taxon2.children << create(:taxon, name: "3.2.2", taxonomy: taxonomy)
-      taxon.children << taxon2
-      taxonomy.root.children << taxon
-    end
-    context "as a normal user" do
-      it "gets all taxonomies" do
-        api_get :index
-        expect(json_response["taxonomies"].first['name']).to eq taxonomy.name
-        expect(json_response["taxonomies"].first['root']['taxons'].count).to eq 1
-      end
-      it 'can control the page size through a parameter' do
-        create(:taxonomy)
-        api_get :index, per_page: 1
-        expect(json_response['count']).to eq(1)
-        expect(json_response['current_page']).to eq(1)
-        expect(json_response['pages']).to eq(2)
-      end
-      it 'can query the results through a paramter' do
-        expected_result = create(:taxonomy, name: 'Style')
-        api_get :index, q: { name_cont: 'style' }
-        expect(json_response['count']).to eq(1)
-        expect(json_response['taxonomies'].first['name']).to eq expected_result.name
-      end
-      it "gets a single taxonomy" do
-        api_get :show, id: taxonomy.id
-        expect(json_response['name']).to eq taxonomy.name
-        children = json_response['root']['taxons']
-        expect(children.count).to eq 1
-        expect(children.first['name']).to eq taxon.name
-        expect(children.first.key?('taxons')).to be false
-      end
-      it "gets a single taxonomy with set=nested" do
-        api_get :show, id: taxonomy.id, set: 'nested'
-        expect(json_response['name']).to eq taxonomy.name
-        children = json_response['root']['taxons']
-        expect(children.first.key?('taxons')).to be true
-      end
-      it "gets the jstree-friendly version of a taxonomy" do
-        api_get :jstree, id: taxonomy.id
-        expect(json_response["data"]).to eq(taxonomy.root.name)
-        expect(json_response["attr"]).to eq({ "id" => taxonomy.root.id, "name" => taxonomy.root.name})
-        expect(json_response["state"]).to eq("closed")
-      end
-      it "can learn how to create a new taxonomy" do
-        api_get :new
-        expect(json_response["attributes"]).to eq(attributes.map(&:to_s))
-        required_attributes = json_response["required_attributes"]
-        expect(required_attributes).to include("name")
-      end
-      it "cannot create a new taxonomy if not an admin" do
-        api_post :create, taxonomy: { name: "Location" }
-        assert_unauthorized!
-      end
-      it "cannot update a taxonomy" do
-        api_put :update, id: taxonomy.id, taxonomy: { name: "I hacked your store!" }
-        assert_unauthorized!
-      end
-      it "cannot delete a taxonomy" do
-        api_delete :destroy, id: taxonomy.id
-        assert_unauthorized!
-      end
-    end
-    context "as an admin" do
-      sign_in_as_admin!
-      it "can create" do
-        api_post :create, taxonomy: { name: "Colors"}
-        expect(json_response).to have_attributes(attributes)
-        expect(response.status).to eq(201)
-      end
-      it "cannot create a new taxonomy with invalid attributes" do
-        api_post :create, taxonomy: {}
-        expect(response.status).to eq(422)
-        expect(json_response["error"]).to eq("Invalid resource. Please fix errors and try again.")
-        errors = json_response["errors"]
-      end
-      it "can destroy" do
-        api_delete :destroy, id: taxonomy.id
-        expect(response.status).to eq(204)
-      end
-    end
-  end
-end

data/spec/controllers/spree/api/v1/taxons_controller_spec.rb DELETED Viewed

@@ -1,177 +0,0 @@
-require 'spec_helper'
-module Spree
-  describe Api::V1::TaxonsController, type: :controller do
-    render_views
-    let(:taxonomy) { create(:taxonomy) }
-    let(:taxon) { create(:taxon, name: "Ruby", taxonomy: taxonomy) }
-    let(:taxon2) { create(:taxon, name: "Rails", taxonomy: taxonomy) }
-    let(:attributes) { ["id", "name", "pretty_name", "permalink", "parent_id", "taxonomy_id", "meta_title", "meta_description"] }
-    before do
-      stub_authentication!
-      taxon2.children << create(:taxon, name: "3.2.2", taxonomy: taxonomy)
-      taxon.children << taxon2
-      taxonomy.root.children << taxon
-    end
-    context "as a normal user" do
-      it "gets all taxons for a taxonomy" do
-        api_get :index, taxonomy_id: taxonomy.id
-        expect(json_response['taxons'].first['name']).to eq taxon.name
-        children = json_response['taxons'].first['taxons']
-        expect(children.count).to eq 1
-        expect(children.first['name']).to eq taxon2.name
-        expect(children.first['taxons'].count).to eq 1
-      end
-      # Regression test for #4112
-      it "does not include children when asked not to" do
-        api_get :index, taxonomy_id: taxonomy.id, without_children: 1
-        expect(json_response['taxons'].first['name']).to eq(taxon.name)
-        expect(json_response['taxons'].first['taxons']).to be_nil
-      end
-      it "paginates through taxons" do
-        new_taxon = create(:taxon, name: "Go", taxonomy: taxonomy)
-        taxonomy.root.children << new_taxon
-        expect(taxonomy.root.children.count).to eql(2)
-        api_get :index, taxonomy_id: taxonomy.id, page: 1, per_page: 1
-        expect(json_response["count"]).to eql(1)
-        expect(json_response["total_count"]).to eql(2)
-        expect(json_response["current_page"]).to eql(1)
-        expect(json_response["per_page"]).to eql(1)
-        expect(json_response["pages"]).to eql(2)
-      end
-      describe 'searching' do
-        context 'with a name' do
-          before do
-            api_get :index, q: { name_cont: name }
-          end
-          context 'with one result' do
-            let(:name) { "Ruby" }
-            it "returns an array including the matching taxon" do
-              expect(json_response['taxons'].count).to eq(1)
-              expect(json_response['taxons'].first['name']).to eq "Ruby"
-            end
-          end
-          context 'with no results' do
-            let(:name) { "Imaginary" }
-            it 'returns an empty array of taxons' do
-              expect(json_response.keys).to include('taxons')
-              expect(json_response['taxons'].count).to eq(0)
-            end
-          end
-        end
-        context 'with no filters' do
-          it "gets all taxons" do
-            api_get :index
-            expect(json_response['taxons'].first['name']).to eq taxonomy.root.name
-            children = json_response['taxons'].first['taxons']
-            expect(children.count).to eq 1
-            expect(children.first['name']).to eq taxon.name
-            expect(children.first['taxons'].count).to eq 1
-          end
-        end
-      end
-      it "gets a single taxon" do
-        api_get :show, id: taxon.id, taxonomy_id: taxonomy.id
-        expect(json_response['name']).to eq taxon.name
-        expect(json_response['taxons'].count).to eq 1
-      end
-      it "gets all taxons in JSTree form" do
-        api_get :jstree, taxonomy_id: taxonomy.id, id: taxon.id
-        response = json_response.first
-        expect(response["data"]).to eq(taxon2.name)
-        expect(response["attr"]).to eq({ "name" => taxon2.name, "id" => taxon2.id})
-        expect(response["state"]).to eq("closed")
-      end
-      it "can learn how to create a new taxon" do
-        api_get :new, taxonomy_id: taxonomy.id
-        expect(json_response["attributes"]).to eq(attributes.map(&:to_s))
-        required_attributes = json_response["required_attributes"]
-        expect(required_attributes).to include("name")
-      end
-      it "cannot create a new taxon if not an admin" do
-        api_post :create, taxonomy_id: taxonomy.id, taxon: { name: "Location" }
-        assert_unauthorized!
-      end
-      it "cannot update a taxon" do
-        api_put :update, taxonomy_id: taxonomy.id, id: taxon.id, taxon: { name: "I hacked your store!" }
-        assert_unauthorized!
-      end
-      it "cannot delete a taxon" do
-        api_delete :destroy, taxonomy_id: taxonomy.id, id: taxon.id
-        assert_unauthorized!
-      end
-    end
-    context "as an admin" do
-      sign_in_as_admin!
-      it "can create" do
-        api_post :create, taxonomy_id: taxonomy.id, taxon: { name: "Colors" }
-        expect(json_response).to have_attributes(attributes)
-        expect(response.status).to eq(201)
-        expect(taxonomy.reload.root.children.count).to eq 2
-        taxon = Spree::Taxon.where(name: 'Colors').first
-        expect(taxon.parent_id).to eq taxonomy.root.id
-        expect(taxon.taxonomy_id).to eq taxonomy.id
-      end
-      it "can update the position in the list" do
-        taxonomy.root.children << taxon2
-        api_put :update, taxonomy_id: taxonomy.id, id: taxon.id, taxon: {parent_id: taxon.parent_id, child_index: 2 }
-        expect(response.status).to eq(200)
-        expect(taxonomy.reload.root.children[0]).to eql taxon2
-        expect(taxonomy.reload.root.children[1]).to eql taxon
-      end
-      it "cannot create a new taxon with invalid attributes" do
-        api_post :create, taxonomy_id: taxonomy.id, taxon: { foo: :bar }
-        expect(response.status).to eq(422)
-        expect(json_response["error"]).to eq("Invalid resource. Please fix errors and try again.")
-        errors = json_response["errors"]
-        expect(taxonomy.reload.root.children.count).to eq 1
-      end
-      it "cannot create a new taxon with invalid taxonomy_id" do
-        api_post :create, taxonomy_id: 1000, taxon: { name: "Colors" }
-        expect(response.status).to eq(422)
-        expect(json_response["error"]).to eq("Invalid resource. Please fix errors and try again.")
-        errors = json_response["errors"]
-        expect(errors["taxonomy_id"]).not_to be_nil
-        expect(errors["taxonomy_id"].first).to eq "Invalid taxonomy id."
-        expect(taxonomy.reload.root.children.count).to eq 1
-      end
-      it "can destroy" do
-        api_delete :destroy, taxonomy_id: taxonomy.id, id: taxon.id
-        expect(response.status).to eq(204)
-      end
-    end
-  end
-end

data/spec/controllers/spree/api/v1/unauthenticated_products_controller_spec.rb DELETED Viewed

@@ -1,26 +0,0 @@
-require 'shared_examples/protect_product_actions'
-require 'spec_helper'
-module Spree
-  describe Api::V1::ProductsController, type: :controller do
-    render_views
-    let!(:product) { create(:product) }
-    let(:attributes) { [:id, :name, :description, :price, :available_on, :slug, :meta_description, :meta_keywords, :taxon_ids] }
-    context "without authentication" do
-      before { Spree::Api::Config[:requires_authentication] = false }
-      it "retrieves a list of products" do
-        api_get :index
-        expect(json_response["products"].first).to have_attributes(attributes)
-        expect(json_response["count"]).to eq(1)
-        expect(json_response["current_page"]).to eq(1)
-        expect(json_response["pages"]).to eq(1)
-      end
-      it_behaves_like "modifying product actions are restricted"
-    end
-  end
-end

data/spec/controllers/spree/api/v1/users_controller_spec.rb DELETED Viewed

@@ -1,153 +0,0 @@
-require 'spec_helper'
-module Spree
-  describe Api::V1::UsersController, type: :controller do
-    render_views
-    let(:user) { create(:user, spree_api_key: rand.to_s) }
-    let(:stranger) { create(:user, email: 'stranger@example.com') }
-    let(:attributes) { [:id, :email, :created_at, :updated_at] }
-    context "as a normal user" do
-      it "can get own details" do
-        api_get :show, id: user.id, token: user.spree_api_key
-        expect(json_response['email']).to eq user.email
-      end
-      it "cannot get other users details" do
-        api_get :show, id: stranger.id, token: user.spree_api_key
-        assert_not_found!
-      end
-      it "can learn how to create a new user" do
-        api_get :new, token: user.spree_api_key
-        expect(json_response["attributes"]).to eq(attributes.map(&:to_s))
-      end
-      it "can create a new user" do
-        user_params = {
-          email: 'new@example.com', password: 'spree123', password_confirmation: 'spree123'
-        }
-        api_post :create, user: user_params, token: user.spree_api_key
-        expect(json_response['email']).to eq 'new@example.com'
-      end
-      # there's no validations on LegacyUser?
-      xit "cannot create a new user with invalid attributes" do
-        api_post :create, user: {}, token: user.spree_api_key
-        expect(response.status).to eq(422)
-        expect(json_response["error"]).to eq("Invalid resource. Please fix errors and try again.")
-        errors = json_response["errors"]
-      end
-      it "can update own details" do
-        country = create(:country)
-        api_put :update, id: user.id, token: user.spree_api_key, user: {
-          email: "mine@example.com",
-          bill_address_attributes: {
-            first_name: 'First',
-            last_name: 'Last',
-            address1: '1 Test Rd',
-            city: 'City',
-            country_id: country.id,
-            state_id: 1,
-            zipcode: '55555',
-            phone: '5555555555'
-          },
-          ship_address_attributes: {
-            first_name: 'First',
-            last_name: 'Last',
-            address1: '1 Test Rd',
-            city: 'City',
-            country_id: country.id,
-            state_id: 1,
-            zipcode: '55555',
-            phone: '5555555555'
-          }
-        }
-        expect(json_response['email']).to eq 'mine@example.com'
-        expect(json_response['bill_address']).to_not be_nil
-        expect(json_response['ship_address']).to_not be_nil
-      end
-      it "cannot update other users details" do
-        api_put :update, id: stranger.id, token: user.spree_api_key, user: { email: "mine@example.com" }
-        assert_not_found!
-      end
-      it "can delete itself" do
-        api_delete :destroy, id: user.id, token: user.spree_api_key
-        expect(response.status).to eq(204)
-      end
-      it "cannot delete other user" do
-        api_delete :destroy, id: stranger.id, token: user.spree_api_key
-        assert_not_found!
-      end
-      it "should only get own details on index" do
-        2.times { create(:user) }
-        api_get :index, token: user.spree_api_key
-        expect(Spree.user_class.count).to eq 3
-        expect(json_response['count']).to eq 1
-        expect(json_response['users'].size).to eq 1
-      end
-    end
-    context "as an admin" do
-      before { stub_authentication! }
-      sign_in_as_admin!
-      it "gets all users" do
-        allow(Spree::LegacyUser).to receive(:find_by).with(hash_including(:spree_api_key)) { current_api_user }
-        2.times { create(:user) }
-        api_get :index
-        expect(Spree.user_class.count).to eq 2
-        expect(json_response['count']).to eq 2
-        expect(json_response['users'].size).to eq 2
-      end
-      it 'can control the page size through a parameter' do
-        2.times { create(:user) }
-        api_get :index, per_page: 1
-        expect(json_response['count']).to eq(1)
-        expect(json_response['current_page']).to eq(1)
-        expect(json_response['pages']).to eq(2)
-      end
-      it 'can query the results through a paramter' do
-        expected_result = create(:user, email: 'brian@spreecommerce.com')
-        api_get :index, q: { email_cont: 'brian' }
-        expect(json_response['count']).to eq(1)
-        expect(json_response['users'].first['email']).to eq expected_result.email
-      end
-      it "can create" do
-        api_post :create, user: { email: "new@example.com", password: 'spree123', password_confirmation: 'spree123' }
-        expect(json_response).to have_attributes(attributes)
-        expect(response.status).to eq(201)
-      end
-      it "can destroy user without orders" do
-        user.orders.destroy_all
-        api_delete :destroy, id: user.id
-        expect(response.status).to eq(204)
-      end
-      it "cannot destroy user with orders" do
-        create(:completed_order_with_totals, user: user)
-        api_delete :destroy, id: user.id
-        expect(json_response["exception"]).to eq "Spree::Core::DestroyWithOrdersError"
-        expect(response.status).to eq(422)
-      end
-    end
-  end
-end