spree_api 3.2.9 → 3.3.0.rc1

data/spec/controllers/spree/api/v1/inventory_units_controller_spec.rb

@@ -0,0 +1,48 @@
+require 'spec_helper'
+
+module Spree
+  describe Api::V1::InventoryUnitsController, type: :controller do
+    render_views
+
+    before do
+      stub_authentication!
+      @inventory_unit = create(:inventory_unit)
+    end
+
+    context "as an admin" do
+      sign_in_as_admin!
+
+      it "gets an inventory unit" do
+        api_get :show, id: @inventory_unit.id
+        expect(json_response['state']).to eq @inventory_unit.state
+      end
+
+      it "updates an inventory unit" do
+        api_put :update, id: @inventory_unit.id,
+                         inventory_unit: { shipment_id: nil }
+        expect(json_response['shipment_id']).to be_nil
+      end
+
+      context 'fires state event' do
+        it 'if supplied with :fire param' do
+          api_put :update, id: @inventory_unit.id,
+                           fire: 'ship',
+                           inventory_unit: { shipment: { tracking: 'foobar' } }
+          expect(json_response['state']).to eq 'shipped'
+        end
+
+        it 'and returns exception if cannot fire' do
+          api_put :update, id: @inventory_unit.id,
+                           fire: 'return'
+          expect(json_response['exception']).to match /cannot transition to return/
+        end
+
+        it 'and returns exception bad state' do
+          api_put :update, id: @inventory_unit.id,
+                           fire: 'bad'
+          expect(json_response['exception']).to match /cannot transition to bad/
+        end
+      end
+    end
+  end
+end

data/spec/controllers/spree/api/v1/line_items_controller_spec.rb

@@ -0,0 +1,210 @@
+require 'spec_helper'
+
+module Spree
+  PermittedAttributes.module_eval do
+    mattr_writer :line_item_attributes
+  end
+
+  unless PermittedAttributes.line_item_attributes.include? :some_option
+    PermittedAttributes.line_item_attributes += [:some_option]
+  end
+
+  # This should go in an initializer
+  Spree::Api::V1::LineItemsController.line_item_options += [:some_option]
+
+  describe Api::V1::LineItemsController, type: :controller do
+    render_views
+
+    let!(:order) { create(:order_with_line_items, line_items_count: 1) }
+
+    let(:product) { create(:product) }
+    let(:attributes) { [:id, :quantity, :price, :variant, :total, :display_amount, :single_display_amount] }
+    let(:resource_scoping) { { order_id: order.to_param } }
+
+    before do
+      stub_authentication!
+    end
+
+    it "can learn how to create a new line item" do
+      api_get :new
+      expect(json_response["attributes"]).to eq(["quantity", "price", "variant_id"])
+      required_attributes = json_response["required_attributes"]
+      expect(required_attributes).to include("quantity", "variant_id")
+    end
+
+    context "authenticating with a token" do
+      it "can add a new line item to an existing order" do
+        api_post :create, line_item: { variant_id: product.master.to_param, quantity: 1 }, order_token: order.guest_token
+        expect(response.status).to eq(201)
+        expect(json_response).to have_attributes(attributes)
+        expect(json_response["variant"]["name"]).not_to be_blank
+      end
+
+      it "can add a new line item to an existing order with token in header" do
+        request.headers["X-Spree-Order-Token"] = order.guest_token
+        api_post :create, line_item: { variant_id: product.master.to_param, quantity: 1 }
+        expect(response.status).to eq(201)
+        expect(json_response).to have_attributes(attributes)
+        expect(json_response["variant"]["name"]).not_to be_blank
+      end
+    end
+
+    context "as the order owner" do
+      before do
+        allow_any_instance_of(Order).to receive_messages user: current_api_user
+      end
+
+      it "can add a new line item to an existing order" do
+        api_post :create, line_item: { variant_id: product.master.to_param, quantity: 1 }
+        expect(response.status).to eq(201)
+        expect(json_response).to have_attributes(attributes)
+        expect(json_response["variant"]["name"]).not_to be_blank
+      end
+
+      it "can add a new line item to an existing order with options" do
+        expect_any_instance_of(LineItem).to receive(:some_option=).with("foo")
+        api_post :create,
+                 line_item: {
+                   variant_id: product.master.to_param,
+                   quantity: 1,
+                   options: { some_option: "foo" }
+                 }
+        expect(response.status).to eq(201)
+      end
+
+      it "default quantity to 1 if none is given" do
+        api_post :create, line_item: { variant_id: product.master.to_param }
+        expect(response.status).to eq(201)
+        expect(json_response).to have_attributes(attributes)
+        expect(json_response[:quantity]).to eq 1
+      end
+
+      it "increases a line item's quantity if it exists already" do
+        order.line_items.create(variant_id: product.master.id, quantity: 10)
+        api_post :create, line_item: { variant_id: product.master.to_param, quantity: 1 }
+        expect(response.status).to eq(201)
+        order.reload
+        expect(order.line_items.count).to eq(2) # 1 original due to factory, + 1 in this test
+        expect(json_response).to have_attributes(attributes)
+        expect(json_response["quantity"]).to eq(11)
+      end
+
+      it "can update a line item on the order" do
+        line_item = order.line_items.first
+        api_put :update, id: line_item.id, line_item: { quantity: 101 }
+        expect(response.status).to eq(200)
+        order.reload
+        expect(order.total).to eq(1010) # 10 original due to factory, + 1000 in this test
+        expect(json_response).to have_attributes(attributes)
+        expect(json_response["quantity"]).to eq(101)
+      end
+
+      it "can update a line item's options on the order" do
+        expect_any_instance_of(LineItem).to receive(:some_option=).with("foo")
+        line_item = order.line_items.first
+        api_put :update,
+                id: line_item.id,
+                line_item: { quantity: 1, options: { some_option: "foo" } }
+        expect(response.status).to eq(200)
+      end
+
+      it "can delete a line item on the order" do
+        line_item = order.line_items.first
+        api_delete :destroy, id: line_item.id
+        expect(response.status).to eq(204)
+        order.reload
+        expect(order.line_items.count).to eq(0) # 1 original due to factory, - 1 in this test
+        expect { line_item.reload }.to raise_error(ActiveRecord::RecordNotFound)
+      end
+
+      context "order contents changed after shipments were created" do
+        let!(:order) { Order.create }
+        let!(:line_item) { order.contents.add(product.master) }
+
+        before { order.create_proposed_shipments }
+
+        it "clear out shipments on create" do
+          expect(order.reload.shipments).not_to be_empty
+          api_post :create, line_item: { variant_id: product.master.to_param, quantity: 1 }
+          expect(order.reload.shipments).to be_empty
+        end
+
+        it "clear out shipments on update" do
+          expect(order.reload.shipments).not_to be_empty
+          api_put :update, id: line_item.id, line_item: { quantity: 1000 }
+          expect(order.reload.shipments).to be_empty
+        end
+
+        it "clear out shipments on delete" do
+          expect(order.reload.shipments).not_to be_empty
+          api_delete :destroy, id: line_item.id
+          expect(order.reload.shipments).to be_empty
+        end
+
+        context "order is completed" do
+          before do
+            order.reload
+            allow(order).to receive_messages completed?: true
+            allow(Order).to receive_message_chain :includes, find_by!: order
+          end
+
+          it "doesn't destroy shipments or restart checkout flow" do
+            expect(order.reload.shipments).not_to be_empty
+            api_post :create, line_item: { variant_id: product.master.to_param, quantity: 1 }
+            expect(order.reload.shipments).not_to be_empty
+          end
+
+          context 'deleting line items' do
+            let(:shipments) { order.shipments.load }
+
+            before(:each) do
+              allow(order).to receive(:shipments).and_return(shipments)
+            end
+
+            it 'restocks product after line item removal' do
+              line_item = order.line_items.first
+              variant = line_item.variant
+              expect do
+                api_delete :destroy, id: line_item.id
+              end.to change { variant.total_on_hand }.by(line_item.quantity)
+
+              expect(response.status).to eq(204)
+              order.reload
+              expect(order.line_items.count).to eq(0)
+            end
+
+            it 'calls `restock` on proper stock location' do
+              expect(shipments.first.stock_location).to receive(:restock)
+              api_delete :destroy, id: line_item.id
+            end
+          end
+        end
+      end
+    end
+
+    context "as just another user" do
+      before do
+        user = create(:user)
+      end
+
+      it "cannot add a new line item to the order" do
+        api_post :create, line_item: { variant_id: product.master.to_param, quantity: 1 }
+        assert_unauthorized!
+      end
+
+      it "cannot update a line item on the order" do
+        line_item = order.line_items.first
+        api_put :update, id: line_item.id, line_item: { quantity: 1000 }
+        assert_unauthorized!
+        expect(line_item.reload.quantity).not_to eq(1000)
+      end
+
+      it "cannot delete a line item on the order" do
+        line_item = order.line_items.first
+        api_delete :destroy, id: line_item.id
+        assert_unauthorized!
+        expect { line_item.reload }.not_to raise_error
+      end
+    end
+  end
+end

data/spec/controllers/spree/api/v1/option_types_controller_spec.rb

@@ -0,0 +1,122 @@
+require 'spec_helper'
+
+module Spree
+  describe Api::V1::OptionTypesController, type: :controller do
+    render_views
+
+    let(:attributes) { [:id, :name, :presentation, :position] }
+    let!(:option_value) { create(:option_value) }
+    let!(:option_type) { option_value.option_type }
+
+    before do
+      stub_authentication!
+    end
+
+    def check_option_values(option_values)
+      expect(option_values.count).to eq(1)
+      expect(option_values.first).to have_attributes([:id, :name, :presentation,
+                                                      :option_type_id, :option_type_name])
+    end
+
+    it "can list all option types" do
+      api_get :index
+      expect(json_response.count).to eq(1)
+      expect(json_response.first).to have_attributes(attributes)
+
+      check_option_values(json_response.first["option_values"])
+    end
+
+    it "can search for an option type" do
+      create(:option_type, name: "buzz")
+      api_get :index, q: { name_cont: option_type.name }
+      expect(json_response.count).to eq(1)
+      expect(json_response.first).to have_attributes(attributes)
+    end
+
+    it "can retrieve a list of specific option types" do
+      option_type_1 = create(:option_type)
+      option_type_2 = create(:option_type)
+      api_get :index, ids: "#{option_type.id},#{option_type_1.id}"
+      expect(json_response.count).to eq(2)
+
+      check_option_values(json_response.first["option_values"])
+    end
+
+    it "can list a single option type" do
+      api_get :show, id: option_type.id
+      expect(json_response).to have_attributes(attributes)
+      check_option_values(json_response["option_values"])
+    end
+
+    it "can learn how to create a new option type" do
+      api_get :new
+      expect(json_response["attributes"]).to eq(attributes.map(&:to_s))
+      expect(json_response["required_attributes"]).to_not be_empty
+    end
+
+    it "cannot create a new option type" do
+      api_post :create, option_type: {
+                        name: "Option Type",
+                        presentation: "Option Type"
+                      }
+      assert_unauthorized!
+    end
+
+    it "cannot alter an option type" do
+      original_name = option_type.name
+      api_put :update, id: option_type.id,
+                        option_type: {
+                          name: "Option Type"
+                        }
+      assert_not_found!
+      expect(option_type.reload.name).to eq(original_name)
+    end
+
+    it "cannot delete an option type" do
+      api_delete :destroy, id: option_type.id
+      assert_not_found!
+      expect { option_type.reload }.not_to raise_error
+    end
+
+    context "as an admin" do
+      sign_in_as_admin!
+
+      it "can create an option type" do
+        api_post :create, option_type: {
+                          name: "Option Type",
+                          presentation: "Option Type"
+                        }
+        expect(json_response).to have_attributes(attributes)
+        expect(response.status).to eq(201)
+      end
+
+      it "cannot create an option type with invalid attributes" do
+        api_post :create, option_type: {}
+        expect(response.status).to eq(422)
+      end
+
+      it "can update an option type" do
+        original_name = option_type.name
+        api_put :update, id: option_type.id, option_type: {
+                              name: "Option Type",
+                            }
+        expect(response.status).to eq(200)
+
+        option_type.reload
+        expect(option_type.name).to eq("Option Type")
+      end
+
+      it "cannot update an option type with invalid attributes" do
+        api_put :update, id: option_type.id, option_type: {
+                          name: ""
+                         }
+        expect(response.status).to eq(422)
+      end
+
+      it "can delete an option type" do
+        api_delete :destroy, id: option_type.id
+        expect(response.status).to eq(204)
+      end
+    end
+  end
+end

data/spec/controllers/spree/api/v1/option_values_controller_spec.rb

@@ -0,0 +1,141 @@
+require 'spec_helper'
+
+module Spree
+  describe Api::V1::OptionValuesController, type: :controller do
+    render_views
+
+    let(:attributes) { [:id, :name, :presentation, :option_type_name, :option_type_id, :option_type_presentation] }
+    let!(:option_value) { create(:option_value) }
+    let!(:option_type) { option_value.option_type }
+
+    before do
+      stub_authentication!
+    end
+
+    def check_option_values(option_values)
+      expect(option_values.count).to eq(1)
+      expect(option_values.first).to have_attributes([:id, :name, :presentation,
+                                                  :option_type_name, :option_type_id])
+    end
+
+    context "without any option type scoping" do
+      before do
+        # Create another option value with a brand new option type
+        create(:option_value, option_type: create(:option_type))
+      end
+
+      it "can retrieve a list of all option values" do
+        api_get :index
+        expect(json_response.count).to eq(2)
+        expect(json_response.first).to have_attributes(attributes)
+      end
+    end
+
+    context "for a particular option type" do
+      let(:resource_scoping) { { option_type_id: option_type.id } }
+
+      it "can list all option values" do
+        api_get :index
+        expect(json_response.count).to eq(1)
+        expect(json_response.first).to have_attributes(attributes)
+      end
+
+      it "can search for an option type" do
+        create(:option_value, name: "buzz")
+        api_get :index, q: { name_cont: option_value.name }
+        expect(json_response.count).to eq(1)
+        expect(json_response.first).to have_attributes(attributes)
+      end
+
+      it "can retrieve a list of option types" do
+        option_value_1 = create(:option_value, option_type: option_type)
+        option_value_2 = create(:option_value, option_type: option_type)
+        api_get :index, ids: [option_value.id, option_value_1.id]
+        expect(json_response.count).to eq(2)
+      end
+
+      it "can list a single option value" do
+        api_get :show, id: option_value.id
+        expect(json_response).to have_attributes(attributes)
+      end
+
+      it "cannot create a new option value" do
+        api_post :create, option_value: {
+                          name: "Option Value",
+                          presentation: "Option Value"
+                        }
+        assert_unauthorized!
+      end
+
+      it "cannot alter an option value" do
+        original_name = option_type.name
+        api_put :update, id: option_type.id,
+                          option_value: {
+                            name: "Option Value"
+                          }
+        assert_not_found!
+        expect(option_type.reload.name).to eq(original_name)
+      end
+
+      it "cannot delete an option value" do
+        api_delete :destroy, id: option_type.id
+        assert_not_found!
+        expect { option_type.reload }.not_to raise_error
+      end
+
+      context "as an admin" do
+        sign_in_as_admin!
+
+        it "can learn how to create a new option value" do
+          api_get :new
+          expect(json_response["attributes"]).to eq(attributes.map(&:to_s))
+          expect(json_response["required_attributes"]).to_not be_empty
+        end
+
+        it "can create an option value" do
+          api_post :create, option_value: {
+                            name: "Option Value",
+                            presentation: "Option Value"
+                          }
+          expect(json_response).to have_attributes(attributes)
+          expect(response.status).to eq(201)
+        end
+
+        it "cannot create an option type with invalid attributes" do
+          api_post :create, option_value: {}
+          expect(response.status).to eq(422)
+        end
+
+        it "can update an option value" do
+          original_name = option_value.name
+          api_put :update, id: option_value.id, option_value: {
+                                name: "Option Value",
+                              }
+          expect(response.status).to eq(200)
+
+          option_value.reload
+          expect(option_value.name).to eq("Option Value")
+        end
+
+        it "permits the correct attributes" do
+          expect(controller).to receive(:permitted_option_value_attributes)
+          api_put :update, id: option_value.id, option_value: {
+                            name: ""
+                           }
+        end
+
+        it "cannot update an option value with invalid attributes" do
+          api_put :update, id: option_value.id, option_value: {
+                            name: ""
+                           }
+          expect(response.status).to eq(422)
+        end
+
+        it "can delete an option value" do
+          api_delete :destroy, id: option_value.id
+          expect(response.status).to eq(204)
+        end
+      end
+    end
+  end
+end