spree_api 3.2.9 → 3.3.0.rc1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (64) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/spree/api/base_controller.rb +11 -12
  3. data/app/controllers/spree/api/v1/checkouts_controller.rb +5 -8
  4. data/app/controllers/spree/api/v1/customer_returns_controller.rb +24 -0
  5. data/app/controllers/spree/api/v1/orders_controller.rb +13 -24
  6. data/app/controllers/spree/api/v1/payments_controller.rb +2 -3
  7. data/app/controllers/spree/api/v1/reimbursements_controller.rb +24 -0
  8. data/app/controllers/spree/api/v1/shipments_controller.rb +4 -4
  9. data/app/controllers/spree/api/v1/zones_controller.rb +8 -3
  10. data/app/helpers/spree/api/api_helpers.rb +13 -1
  11. data/app/models/concerns/spree/user_api_authentication.rb +19 -0
  12. data/app/models/concerns/spree/user_api_methods.rb +7 -0
  13. data/app/views/spree/api/v1/customer_returns/index.v1.rabl +7 -0
  14. data/app/views/spree/api/v1/line_items/show.v1.rabl +0 -1
  15. data/app/views/spree/api/v1/reimbursements/index.v1.rabl +7 -0
  16. data/config/initializers/user_class_extensions.rb +7 -0
  17. data/config/routes.rb +3 -0
  18. data/spec/controllers/spree/api/base_controller_spec.rb +84 -0
  19. data/spec/controllers/spree/api/v1/addresses_controller_spec.rb +56 -0
  20. data/spec/controllers/spree/api/v1/checkouts_controller_spec.rb +361 -0
  21. data/spec/controllers/spree/api/v1/classifications_controller_spec.rb +48 -0
  22. data/spec/controllers/spree/api/v1/countries_controller_spec.rb +48 -0
  23. data/spec/controllers/spree/api/v1/credit_cards_controller_spec.rb +80 -0
  24. data/spec/controllers/spree/api/v1/customer_returns_controller_spec.rb +27 -0
  25. data/spec/controllers/spree/api/v1/images_controller_spec.rb +114 -0
  26. data/spec/controllers/spree/api/v1/inventory_units_controller_spec.rb +48 -0
  27. data/spec/controllers/spree/api/v1/line_items_controller_spec.rb +210 -0
  28. data/spec/controllers/spree/api/v1/option_types_controller_spec.rb +122 -0
  29. data/spec/controllers/spree/api/v1/option_values_controller_spec.rb +141 -0
  30. data/spec/controllers/spree/api/v1/orders_controller_spec.rb +735 -0
  31. data/spec/controllers/spree/api/v1/payments_controller_spec.rb +234 -0
  32. data/spec/controllers/spree/api/v1/product_properties_controller_spec.rb +156 -0
  33. data/spec/controllers/spree/api/v1/products_controller_spec.rb +409 -0
  34. data/spec/controllers/spree/api/v1/promotion_application_spec.rb +50 -0
  35. data/spec/controllers/spree/api/v1/promotions_controller_spec.rb +64 -0
  36. data/spec/controllers/spree/api/v1/properties_controller_spec.rb +102 -0
  37. data/spec/controllers/spree/api/v1/reimbursements_controller_spec.rb +24 -0
  38. data/spec/controllers/spree/api/v1/return_authorizations_controller_spec.rb +161 -0
  39. data/spec/controllers/spree/api/v1/shipments_controller_spec.rb +187 -0
  40. data/spec/controllers/spree/api/v1/states_controller_spec.rb +86 -0
  41. data/spec/controllers/spree/api/v1/stock_items_controller_spec.rb +151 -0
  42. data/spec/controllers/spree/api/v1/stock_locations_controller_spec.rb +113 -0
  43. data/spec/controllers/spree/api/v1/stock_movements_controller_spec.rb +84 -0
  44. data/spec/controllers/spree/api/v1/stores_controller_spec.rb +133 -0
  45. data/spec/controllers/spree/api/v1/tags_controller_spec.rb +102 -0
  46. data/spec/controllers/spree/api/v1/taxonomies_controller_spec.rb +114 -0
  47. data/spec/controllers/spree/api/v1/taxons_controller_spec.rb +177 -0
  48. data/spec/controllers/spree/api/v1/unauthenticated_products_controller_spec.rb +26 -0
  49. data/spec/controllers/spree/api/v1/users_controller_spec.rb +153 -0
  50. data/spec/controllers/spree/api/v1/variants_controller_spec.rb +205 -0
  51. data/spec/controllers/spree/api/v1/zones_controller_spec.rb +91 -0
  52. data/spec/models/spree/legacy_user_spec.rb +19 -0
  53. data/spec/requests/rabl_cache_spec.rb +32 -0
  54. data/spec/requests/ransackable_attributes_spec.rb +79 -0
  55. data/spec/requests/version_spec.rb +19 -0
  56. data/spec/shared_examples/protect_product_actions.rb +17 -0
  57. data/spec/spec_helper.rb +63 -0
  58. data/spec/support/controller_hacks.rb +40 -0
  59. data/spec/support/database_cleaner.rb +14 -0
  60. data/spec/support/have_attributes_matcher.rb +13 -0
  61. data/spree_api.gemspec +4 -3
  62. metadata +105 -13
  63. data/app/views/spree/api/v1/config/money.v1.rabl +0 -2
  64. data/app/views/spree/api/v1/config/show.v1.rabl +0 -2
@@ -0,0 +1,161 @@
1
+ require 'spec_helper'
2
+
3
+ module Spree
4
+ describe Api::V1::ReturnAuthorizationsController, type: :controller do
5
+ render_views
6
+
7
+ let!(:order) { create(:shipped_order) }
8
+
9
+ let(:product) { create(:product) }
10
+ let(:attributes) { [:id, :memo, :state] }
11
+ let(:resource_scoping) { { order_id: order.to_param } }
12
+
13
+ before do
14
+ stub_authentication!
15
+ end
16
+
17
+ context "as the order owner" do
18
+ before do
19
+ allow_any_instance_of(Order).to receive_messages user: current_api_user
20
+ end
21
+
22
+ it "cannot see any return authorizations" do
23
+ api_get :index
24
+ assert_unauthorized!
25
+ end
26
+
27
+ it "cannot see a single return authorization" do
28
+ api_get :show, id: 1
29
+ assert_unauthorized!
30
+ end
31
+
32
+ it "cannot learn how to create a new return authorization" do
33
+ api_get :new
34
+ assert_unauthorized!
35
+ end
36
+
37
+ it "cannot create a new return authorization" do
38
+ api_post :create
39
+ assert_unauthorized!
40
+ end
41
+
42
+ it "cannot update a return authorization" do
43
+ api_put :update, id: 1
44
+ assert_not_found!
45
+ end
46
+
47
+ it "cannot delete a return authorization" do
48
+ api_delete :destroy, id: 1
49
+ assert_not_found!
50
+ end
51
+ end
52
+
53
+ context "as an admin" do
54
+ sign_in_as_admin!
55
+
56
+ it "can show return authorization" do
57
+ FactoryGirl.create(:return_authorization, order: order)
58
+ return_authorization = order.return_authorizations.first
59
+ api_get :show, order_id: order.number, id: return_authorization.id
60
+ expect(response.status).to eq(200)
61
+ expect(json_response).to have_attributes(attributes)
62
+ expect(json_response["state"]).not_to be_blank
63
+ end
64
+
65
+ it "can get a list of return authorizations" do
66
+ FactoryGirl.create(:return_authorization, order: order)
67
+ FactoryGirl.create(:return_authorization, order: order)
68
+ api_get :index, { order_id: order.number }
69
+ expect(response.status).to eq(200)
70
+ return_authorizations = json_response["return_authorizations"]
71
+ expect(return_authorizations.first).to have_attributes(attributes)
72
+ expect(return_authorizations.first).not_to eq(return_authorizations.last)
73
+ end
74
+
75
+ it 'can control the page size through a parameter' do
76
+ FactoryGirl.create(:return_authorization, order: order)
77
+ FactoryGirl.create(:return_authorization, order: order)
78
+ api_get :index, order_id: order.number, per_page: 1
79
+ expect(json_response['count']).to eq(1)
80
+ expect(json_response['current_page']).to eq(1)
81
+ expect(json_response['pages']).to eq(2)
82
+ end
83
+
84
+ it 'can query the results through a paramter' do
85
+ FactoryGirl.create(:return_authorization, order: order)
86
+ expected_result = create(:return_authorization, memo: 'damaged')
87
+ order.return_authorizations << expected_result
88
+ api_get :index, q: { memo_cont: 'damaged' }
89
+ expect(json_response['count']).to eq(1)
90
+ expect(json_response['return_authorizations'].first['memo']).to eq expected_result.memo
91
+ end
92
+
93
+ it "can learn how to create a new return authorization" do
94
+ api_get :new
95
+ expect(json_response["attributes"]).to eq(["id", "number", "state", "order_id", "memo", "created_at", "updated_at"])
96
+ required_attributes = json_response["required_attributes"]
97
+ expect(required_attributes).to include("order")
98
+ end
99
+
100
+ it "can update a return authorization on the order" do
101
+ FactoryGirl.create(:return_authorization, order: order)
102
+ return_authorization = order.return_authorizations.first
103
+ api_put :update, id: return_authorization.id, return_authorization: { memo: "ABC" }
104
+ expect(response.status).to eq(200)
105
+ expect(json_response).to have_attributes(attributes)
106
+ end
107
+
108
+ it "can cancel a return authorization on the order" do
109
+ FactoryGirl.create(:new_return_authorization, order: order)
110
+ return_authorization = order.return_authorizations.first
111
+ expect(return_authorization.state).to eq("authorized")
112
+ api_delete :cancel, id: return_authorization.id
113
+ expect(response.status).to eq(200)
114
+ expect(return_authorization.reload.state).to eq("canceled")
115
+ end
116
+
117
+ it "can delete a return authorization on the order" do
118
+ FactoryGirl.create(:return_authorization, order: order)
119
+ return_authorization = order.return_authorizations.first
120
+ api_delete :destroy, id: return_authorization.id
121
+ expect(response.status).to eq(204)
122
+ expect { return_authorization.reload }.to raise_error(ActiveRecord::RecordNotFound)
123
+ end
124
+
125
+ it "can add a new return authorization to an existing order" do
126
+ stock_location = FactoryGirl.create(:stock_location)
127
+ reason = FactoryGirl.create(:return_authorization_reason)
128
+ rma_params = { stock_location_id: stock_location.id,
129
+ return_authorization_reason_id: reason.id,
130
+ memo: "Defective" }
131
+ api_post :create, order_id: order.number, return_authorization: rma_params
132
+ expect(response.status).to eq(201)
133
+ expect(json_response).to have_attributes(attributes)
134
+ expect(json_response["state"]).not_to be_blank
135
+ end
136
+ end
137
+
138
+ context "as just another user" do
139
+ it "cannot add a return authorization to the order" do
140
+ api_post :create, return_autorization: { order_id: order.number, memo: "Defective" }
141
+ assert_unauthorized!
142
+ end
143
+
144
+ it "cannot update a return authorization on the order" do
145
+ FactoryGirl.create(:return_authorization, order: order)
146
+ return_authorization = order.return_authorizations.first
147
+ api_put :update, id: return_authorization.id, return_authorization: { memo: "ABC" }
148
+ assert_unauthorized!
149
+ expect(return_authorization.reload.memo).not_to eq("ABC")
150
+ end
151
+
152
+ it "cannot delete a return authorization on the order" do
153
+ FactoryGirl.create(:return_authorization, order: order)
154
+ return_authorization = order.return_authorizations.first
155
+ api_delete :destroy, id: return_authorization.id
156
+ assert_unauthorized!
157
+ expect { return_authorization.reload }.not_to raise_error
158
+ end
159
+ end
160
+ end
161
+ end
@@ -0,0 +1,187 @@
1
+ require 'spec_helper'
2
+
3
+ describe Spree::Api::V1::ShipmentsController, type: :controller do
4
+ render_views
5
+ let!(:shipment) { create(:shipment) }
6
+ let!(:attributes) { [:id, :tracking, :number, :cost, :shipped_at, :stock_location_name, :order_id, :shipping_rates, :shipping_methods] }
7
+
8
+ before do
9
+ stub_authentication!
10
+ end
11
+
12
+ let!(:resource_scoping) { { id: shipment.to_param, shipment: { order_id: shipment.order.to_param } } }
13
+
14
+ context "as a non-admin" do
15
+ it "cannot make a shipment ready" do
16
+ api_put :ready
17
+ assert_not_found!
18
+ end
19
+
20
+ it "cannot make a shipment shipped" do
21
+ api_put :ship
22
+ assert_not_found!
23
+ end
24
+ end
25
+
26
+ context "as an admin" do
27
+ let!(:order) { shipment.order }
28
+ let!(:stock_location) { create(:stock_location_with_items) }
29
+ let!(:variant) { create(:variant) }
30
+
31
+ sign_in_as_admin!
32
+
33
+ # Start writing this spec a bit differently than before....
34
+ describe 'POST #create' do
35
+ let(:params) do
36
+ {
37
+ variant_id: stock_location.stock_items.first.variant.to_param,
38
+ shipment: { order_id: order.number },
39
+ stock_location_id: stock_location.to_param
40
+ }
41
+ end
42
+
43
+ subject do
44
+ api_post :create, params
45
+ end
46
+
47
+ [:variant_id, :stock_location_id].each do |field|
48
+ context "when #{field} is missing" do
49
+ before do
50
+ params.delete(field)
51
+ end
52
+
53
+ it 'should return proper error' do
54
+ subject
55
+ expect(response.status).to eq(422)
56
+ expect(json_response['exception']).to eq("param is missing or the value is empty: #{field.to_s}")
57
+ end
58
+ end
59
+ end
60
+
61
+ it 'should create a new shipment' do
62
+ expect(subject).to be_ok
63
+ expect(json_response).to have_attributes(attributes)
64
+ end
65
+ end
66
+
67
+ it 'can update a shipment' do
68
+ params = {
69
+ shipment: {
70
+ stock_location_id: stock_location.to_param
71
+ }
72
+ }
73
+
74
+ api_put :update, params
75
+ expect(response.status).to eq(200)
76
+ expect(json_response['stock_location_name']).to eq(stock_location.name)
77
+ end
78
+
79
+ it "can make a shipment ready" do
80
+ allow_any_instance_of(Spree::Order).to receive_messages(paid?: true, complete?: true)
81
+ api_put :ready
82
+ expect(json_response).to have_attributes(attributes)
83
+ expect(json_response["state"]).to eq("ready")
84
+ expect(shipment.reload.state).to eq("ready")
85
+ end
86
+
87
+ it "cannot make a shipment ready if the order is unpaid" do
88
+ allow_any_instance_of(Spree::Order).to receive_messages(paid?: false)
89
+ api_put :ready
90
+ expect(json_response["error"]).to eq("Cannot ready shipment.")
91
+ expect(response.status).to eq(422)
92
+ end
93
+
94
+ context 'for completed shipments' do
95
+ let(:order) { create :completed_order_with_totals }
96
+ let!(:resource_scoping) { { id: order.shipments.first.to_param, shipment: { order_id: order.to_param } } }
97
+
98
+ it 'adds a variant to a shipment' do
99
+ api_put :add, { variant_id: variant.to_param, quantity: 2 }
100
+ expect(response.status).to eq(200)
101
+ expect(json_response['manifest'].detect { |h| h['variant']['id'] == variant.id }["quantity"]).to eq(2)
102
+ end
103
+
104
+ it 'removes a variant from a shipment' do
105
+ order.contents.add(variant, 2)
106
+
107
+ api_put :remove, { variant_id: variant.to_param, quantity: 1 }
108
+ expect(response.status).to eq(200)
109
+ expect(json_response['manifest'].detect { |h| h['variant']['id'] == variant.id }["quantity"]).to eq(1)
110
+ end
111
+
112
+ it 'removes a destroyed variant from a shipment' do
113
+ order.contents.add(variant, 2)
114
+ variant.destroy
115
+
116
+ api_put :remove, { variant_id: variant.to_param, quantity: 1 }
117
+ expect(response.status).to eq(200)
118
+ expect(json_response['manifest'].detect { |h| h['variant']['id'] == variant.id }["quantity"]).to eq(1)
119
+ end
120
+ end
121
+
122
+ context "can transition a shipment from ready to ship" do
123
+ before do
124
+ allow_any_instance_of(Spree::Order).to receive_messages(paid?: true, complete?: true)
125
+ shipment.update!(shipment.order)
126
+ expect(shipment.state).to eq("ready")
127
+ allow_any_instance_of(Spree::ShippingRate).to receive_messages(cost: 5)
128
+ end
129
+
130
+ it "can transition a shipment from ready to ship" do
131
+ shipment.reload
132
+ api_put :ship, id: shipment.to_param, shipment: { tracking: "123123", order_id: shipment.order.to_param }
133
+ expect(json_response).to have_attributes(attributes)
134
+ expect(json_response["state"]).to eq("shipped")
135
+ end
136
+
137
+ end
138
+
139
+ describe '#mine' do
140
+ subject do
141
+ api_get :mine, format: 'json', params: params
142
+ end
143
+
144
+ let(:params) { {} }
145
+
146
+ before { subject }
147
+
148
+ context "the current api user is authenticated and has orders" do
149
+ let(:current_api_user) { shipped_order.user }
150
+ let(:shipped_order) { create(:shipped_order) }
151
+
152
+ it 'succeeds' do
153
+ expect(response.status).to eq 200
154
+ end
155
+
156
+ describe 'json output' do
157
+ render_views
158
+
159
+ let(:rendered_shipment_ids) { json_response['shipments'].map { |s| s['id'] } }
160
+
161
+ it 'contains the shipments' do
162
+ expect(rendered_shipment_ids).to match_array current_api_user.orders.flat_map(&:shipments).map(&:id)
163
+ end
164
+ end
165
+
166
+ context 'with filtering' do
167
+ let(:params) { {q: {order_completed_at_not_null: 1}} }
168
+
169
+ let!(:incomplete_order) { create(:order, user: current_api_user) }
170
+
171
+ it 'filters' do
172
+ expect(assigns(:shipments).map(&:id)).to match_array current_api_user.orders.complete.flat_map(&:shipments).map(&:id)
173
+ end
174
+ end
175
+ end
176
+
177
+ context "the current api user is not persisted" do
178
+ let(:current_api_user) { Spree.user_class.new }
179
+
180
+ it "returns a 401" do
181
+ expect(response.status).to eq(401)
182
+ end
183
+ end
184
+ end
185
+
186
+ end
187
+ end
@@ -0,0 +1,86 @@
1
+ require 'spec_helper'
2
+
3
+ module Spree
4
+ describe Api::V1::StatesController, type: :controller do
5
+ render_views
6
+
7
+ let!(:state) { create(:state, name: "Victoria") }
8
+ let(:attributes) { [:id, :name, :abbr, :country_id] }
9
+
10
+ before do
11
+ stub_authentication!
12
+ end
13
+
14
+ it "gets all states" do
15
+ api_get :index
16
+ expect(json_response["states"].first).to have_attributes(attributes)
17
+ expect(json_response['states'].first['name']).to eq(state.name)
18
+ end
19
+
20
+ it "gets all the states for a particular country" do
21
+ api_get :index, country_id: state.country.id
22
+ expect(json_response["states"].first).to have_attributes(attributes)
23
+ expect(json_response['states'].first['name']).to eq(state.name)
24
+ end
25
+
26
+ context "pagination" do
27
+ let(:scope) { double('scope') }
28
+
29
+ before do
30
+ expect(scope).to receive_messages(last: state)
31
+ expect(State).to receive_messages(accessible_by: scope)
32
+ expect(scope).to receive_messages(order: scope)
33
+ allow(scope).to receive_message_chain(:ransack, :result, :includes).and_return(scope)
34
+ end
35
+
36
+ it "does not paginate states results when asked not to do so" do
37
+ expect(scope).not_to receive(:page)
38
+ expect(scope).not_to receive(:per)
39
+ api_get :index
40
+ end
41
+
42
+ it "paginates when page parameter is passed through" do
43
+ expect(scope).to receive(:page).with("1").and_return(scope)
44
+ expect(scope).to receive(:per).with(nil).and_return(scope)
45
+ api_get :index, page: 1
46
+ end
47
+
48
+ it "paginates when per_page parameter is passed through" do
49
+ expect(scope).to receive(:page).with(nil).and_return(scope)
50
+ expect(scope).to receive(:per).with("25").and_return(scope)
51
+ api_get :index, per_page: 25
52
+ end
53
+ end
54
+
55
+
56
+ context "with two states" do
57
+ before { create(:state, name: "New South Wales") }
58
+
59
+ it "gets all states for a country" do
60
+ country = create(:country, states_required: true)
61
+ state.country = country
62
+ state.save
63
+
64
+ api_get :index, country_id: country.id
65
+ expect(json_response["states"].first).to have_attributes(attributes)
66
+ expect(json_response["states"].count).to eq(1)
67
+ json_response["states_required"] = true
68
+ end
69
+
70
+ it "can view all states" do
71
+ api_get :index
72
+ expect(json_response["states"].first).to have_attributes(attributes)
73
+ end
74
+
75
+ it 'can query the results through a paramter' do
76
+ api_get :index, q: { name_cont: 'Vic' }
77
+ expect(json_response['states'].first['name']).to eq("Victoria")
78
+ end
79
+ end
80
+
81
+ it "can view a state" do
82
+ api_get :show, id: state.id
83
+ expect(json_response).to have_attributes(attributes)
84
+ end
85
+ end
86
+ end
@@ -0,0 +1,151 @@
1
+ require 'spec_helper'
2
+
3
+ module Spree
4
+ describe Api::V1::StockItemsController, type: :controller do
5
+ render_views
6
+
7
+ let!(:stock_location) { create(:stock_location_with_items) }
8
+ let!(:stock_item) { stock_location.stock_items.order(:id).first }
9
+ let!(:attributes) { [:id, :count_on_hand, :backorderable,
10
+ :stock_location_id, :variant_id] }
11
+
12
+ before do
13
+ stub_authentication!
14
+ end
15
+
16
+ context "as a normal user" do
17
+ it "cannot list stock items for a stock location" do
18
+ api_get :index, stock_location_id: stock_location.to_param
19
+ expect(response.status).to eq(404)
20
+ end
21
+
22
+ it "cannot see a stock item" do
23
+ api_get :show, stock_location_id: stock_location.to_param, id: stock_item.to_param
24
+ expect(response.status).to eq(404)
25
+ end
26
+
27
+ it "cannot create a stock item" do
28
+ variant = create(:variant)
29
+ params = {
30
+ stock_location_id: stock_location.to_param,
31
+ stock_item: {
32
+ variant_id: variant.id,
33
+ count_on_hand: '20'
34
+ }
35
+ }
36
+
37
+ api_post :create, params
38
+ expect(response.status).to eq(404)
39
+ end
40
+
41
+ it "cannot update a stock item" do
42
+ api_put :update, stock_location_id: stock_location.to_param,
43
+ id: stock_item.to_param
44
+ expect(response.status).to eq(404)
45
+ end
46
+
47
+ it "cannot destroy a stock item" do
48
+ api_delete :destroy, stock_location_id: stock_location.to_param,
49
+ id: stock_item.to_param
50
+ expect(response.status).to eq(404)
51
+ end
52
+ end
53
+
54
+ context "as an admin" do
55
+ sign_in_as_admin!
56
+
57
+ it 'cannot list of stock items' do
58
+ api_get :index, stock_location_id: stock_location.to_param
59
+ expect(json_response['stock_items'].first).to have_attributes(attributes)
60
+ expect(json_response['stock_items'].first['variant']['sku']).to include 'SKU'
61
+ end
62
+
63
+ it 'requires a stock_location_id to be passed as a parameter' do
64
+ api_get :index
65
+ expect(json_response['error']).to match(/stock_location_id parameter must be provided/)
66
+ expect(response.status).to eq(422)
67
+ end
68
+
69
+ it 'can control the page size through a parameter' do
70
+ api_get :index, stock_location_id: stock_location.to_param, per_page: 1
71
+ expect(json_response['count']).to eq(1)
72
+ expect(json_response['current_page']).to eq(1)
73
+ end
74
+
75
+ it 'can query the results through a paramter (count_on_hand)' do
76
+ stock_item.update_column(:count_on_hand, 30)
77
+ api_get :index, stock_location_id: stock_location.to_param, q: { count_on_hand_eq: '30' }
78
+ expect(json_response['count']).to eq(1)
79
+ expect(json_response['stock_items'].first['count_on_hand']).to eq 30
80
+ end
81
+
82
+ it 'can query the results through a paramter (variant_id)' do
83
+ api_get :index, stock_location_id: stock_location.to_param, q: { variant_id_eq: 999999 }
84
+ expect(json_response['count']).to eq(0)
85
+ api_get :index, stock_location_id: stock_location.to_param, q: { variant_id_eq: stock_item.variant_id }
86
+ expect(json_response['count']).to eq(1)
87
+ expect(json_response['stock_items'].first['variant_id']).to eq stock_item.variant_id
88
+ end
89
+
90
+ it 'gets a stock item' do
91
+ api_get :show, stock_location_id: stock_location.to_param, id: stock_item.to_param
92
+ expect(json_response).to have_attributes(attributes)
93
+ expect(json_response['count_on_hand']).to eq stock_item.count_on_hand
94
+ end
95
+
96
+ it 'can create a new stock item' do
97
+ variant = create(:variant)
98
+ # Creating a variant also creates stock items.
99
+ # We don't want any to exist (as they would conflict with what we're about to create)
100
+ StockItem.delete_all
101
+ params = {
102
+ stock_location_id: stock_location.to_param,
103
+ stock_item: {
104
+ variant_id: variant.id,
105
+ count_on_hand: '20'
106
+ }
107
+ }
108
+
109
+ api_post :create, params
110
+ expect(response.status).to eq(201)
111
+ expect(json_response).to have_attributes(attributes)
112
+ end
113
+
114
+ it 'can update a stock item to add new inventory' do
115
+ expect(stock_item.count_on_hand).to eq(10)
116
+ params = {
117
+ id: stock_item.to_param,
118
+ stock_item: {
119
+ count_on_hand: 40,
120
+ }
121
+ }
122
+
123
+ api_put :update, params
124
+ expect(response.status).to eq(200)
125
+ expect(json_response['count_on_hand']).to eq 50
126
+ end
127
+
128
+ it 'can set a stock item to modify the current inventory' do
129
+ expect(stock_item.count_on_hand).to eq(10)
130
+
131
+ params = {
132
+ id: stock_item.to_param,
133
+ stock_item: {
134
+ count_on_hand: 40,
135
+ force: true,
136
+ }
137
+ }
138
+
139
+ api_put :update, params
140
+ expect(response.status).to eq(200)
141
+ expect(json_response['count_on_hand']).to eq 40
142
+ end
143
+
144
+ it 'can delete a stock item' do
145
+ api_delete :destroy, id: stock_item.to_param
146
+ expect(response.status).to eq(204)
147
+ expect { Spree::StockItem.find(stock_item.id) }.to raise_error(ActiveRecord::RecordNotFound)
148
+ end
149
+ end
150
+ end
151
+ end
@@ -0,0 +1,113 @@
1
+ require 'spec_helper'
2
+
3
+ module Spree
4
+ describe Api::V1::StockLocationsController, type: :controller do
5
+ render_views
6
+
7
+ let!(:stock_location) { create(:stock_location) }
8
+ let!(:attributes) { [:id, :name, :address1, :address2, :city, :state_id, :state_name, :country_id, :zipcode, :phone, :active] }
9
+
10
+ before do
11
+ stub_authentication!
12
+ end
13
+
14
+ context "as a user" do
15
+ it "cannot see stock locations" do
16
+ api_get :index
17
+ expect(response.status).to eq(401)
18
+ end
19
+
20
+ it "cannot see a single stock location" do
21
+ api_get :show, id: stock_location.id
22
+ expect(response.status).to eq(404)
23
+ end
24
+
25
+ it "cannot create a new stock location" do
26
+ params = {
27
+ stock_location: {
28
+ name: "North Pole",
29
+ active: true
30
+ }
31
+ }
32
+
33
+ api_post :create, params
34
+ expect(response.status).to eq(401)
35
+ end
36
+
37
+ it "cannot update a stock location" do
38
+ api_put :update, stock_location: { name: "South Pole" }, id: stock_location.to_param
39
+ expect(response.status).to eq(404)
40
+ end
41
+
42
+ it "cannot delete a stock location" do
43
+ api_put :destroy, id: stock_location.to_param
44
+ expect(response.status).to eq(404)
45
+ end
46
+ end
47
+
48
+
49
+ context "as an admin" do
50
+ sign_in_as_admin!
51
+
52
+ it "gets list of stock locations" do
53
+ api_get :index
54
+ expect(json_response['stock_locations'].first).to have_attributes(attributes)
55
+ expect(json_response['stock_locations'].first['country']).not_to be_nil
56
+ expect(json_response['stock_locations'].first['state']).not_to be_nil
57
+ end
58
+
59
+ it 'can control the page size through a parameter' do
60
+ create(:stock_location)
61
+ api_get :index, per_page: 1
62
+ expect(json_response['count']).to eq(1)
63
+ expect(json_response['current_page']).to eq(1)
64
+ expect(json_response['pages']).to eq(2)
65
+ end
66
+
67
+ it 'can query the results through a paramter' do
68
+ expected_result = create(:stock_location, name: 'South America')
69
+ api_get :index, q: { name_cont: 'south' }
70
+ expect(json_response['count']).to eq(1)
71
+ expect(json_response['stock_locations'].first['name']).to eq expected_result.name
72
+ end
73
+
74
+ it "gets a stock location" do
75
+ api_get :show, id: stock_location.to_param
76
+ expect(json_response).to have_attributes(attributes)
77
+ expect(json_response['name']).to eq stock_location.name
78
+ end
79
+
80
+ it "can create a new stock location" do
81
+ params = {
82
+ stock_location: {
83
+ name: "North Pole",
84
+ active: true
85
+ }
86
+ }
87
+
88
+ api_post :create, params
89
+ expect(response.status).to eq(201)
90
+ expect(json_response).to have_attributes(attributes)
91
+ end
92
+
93
+ it "can update a stock location" do
94
+ params = {
95
+ id: stock_location.to_param,
96
+ stock_location: {
97
+ name: "South Pole"
98
+ }
99
+ }
100
+
101
+ api_put :update, params
102
+ expect(response.status).to eq(200)
103
+ expect(json_response['name']).to eq 'South Pole'
104
+ end
105
+
106
+ it "can delete a stock location" do
107
+ api_delete :destroy, id: stock_location.to_param
108
+ expect(response.status).to eq(204)
109
+ expect { stock_location.reload }.to raise_error(ActiveRecord::RecordNotFound)
110
+ end
111
+ end
112
+ end
113
+ end