spree_api 3.7.14.1 → 4.0.0.beta

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of spree_api might be problematic. Click here for more details.

Files changed (139) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +1 -1
  3. data/app/controllers/spree/api/base_controller.rb +3 -3
  4. data/app/controllers/spree/api/v1/addresses_controller.rb +2 -2
  5. data/app/controllers/spree/api/v1/countries_controller.rb +2 -2
  6. data/app/controllers/spree/api/v1/credit_cards_controller.rb +2 -2
  7. data/app/controllers/spree/api/v1/images_controller.rb +3 -3
  8. data/app/controllers/spree/api/v1/inventory_units_controller.rb +2 -2
  9. data/app/controllers/spree/api/v1/option_types_controller.rb +4 -4
  10. data/app/controllers/spree/api/v1/option_values_controller.rb +3 -3
  11. data/app/controllers/spree/api/v1/payments_controller.rb +2 -2
  12. data/app/controllers/spree/api/v1/product_properties_controller.rb +4 -4
  13. data/app/controllers/spree/api/v1/properties_controller.rb +4 -4
  14. data/app/controllers/spree/api/v1/return_authorizations_controller.rb +4 -4
  15. data/app/controllers/spree/api/v1/shipments_controller.rb +3 -3
  16. data/app/controllers/spree/api/v1/states_controller.rb +3 -3
  17. data/app/controllers/spree/api/v1/stock_items_controller.rb +2 -2
  18. data/app/controllers/spree/api/v1/stock_locations_controller.rb +5 -4
  19. data/app/controllers/spree/api/v1/stock_movements_controller.rb +3 -3
  20. data/app/controllers/spree/api/v1/stores_controller.rb +4 -4
  21. data/app/controllers/spree/api/v1/taxonomies_controller.rb +3 -3
  22. data/app/controllers/spree/api/v1/taxons_controller.rb +5 -5
  23. data/app/controllers/spree/api/v1/users_controller.rb +3 -3
  24. data/app/controllers/spree/api/v1/variants_controller.rb +3 -3
  25. data/app/controllers/spree/api/v1/zones_controller.rb +3 -3
  26. data/app/controllers/spree/api/v2/base_controller.rb +1 -6
  27. data/app/controllers/spree/api/v2/storefront/account/credit_cards_controller.rb +1 -1
  28. data/app/controllers/spree/api/v2/storefront/countries_controller.rb +2 -1
  29. data/app/controllers/spree/api/v2/storefront/order_status_controller.rb +0 -6
  30. data/app/controllers/spree/api/v2/storefront/products_controller.rb +1 -1
  31. data/app/controllers/spree/api/v2/storefront/taxons_controller.rb +1 -1
  32. data/app/views/spree/api/errors/{gateway_error.v1.rabl → gateway_error.rabl} +0 -0
  33. data/app/views/spree/api/errors/{invalid_api_key.v1.rabl → invalid_api_key.rabl} +0 -0
  34. data/app/views/spree/api/errors/{invalid_resource.v1.rabl → invalid_resource.rabl} +0 -0
  35. data/app/views/spree/api/errors/{must_specify_api_key.v1.rabl → must_specify_api_key.rabl} +0 -0
  36. data/app/views/spree/api/errors/{not_found.v1.rabl → not_found.rabl} +0 -0
  37. data/app/views/spree/api/errors/{unauthorized.v1.rabl → unauthorized.rabl} +0 -0
  38. data/app/views/spree/api/v1/addresses/{show.v1.rabl → show.rabl} +0 -0
  39. data/app/views/spree/api/v1/adjustments/{show.v1.rabl → show.rabl} +0 -0
  40. data/app/views/spree/api/v1/countries/{index.v1.rabl → index.rabl} +0 -0
  41. data/app/views/spree/api/v1/countries/{show.v1.rabl → show.rabl} +0 -0
  42. data/app/views/spree/api/v1/credit_cards/{index.v1.rabl → index.rabl} +0 -0
  43. data/app/views/spree/api/v1/credit_cards/{show.v1.rabl → show.rabl} +0 -0
  44. data/app/views/spree/api/v1/customer_returns/{index.v1.rabl → index.rabl} +0 -0
  45. data/app/views/spree/api/v1/images/{index.v1.rabl → index.rabl} +0 -0
  46. data/app/views/spree/api/v1/images/{new.v1.rabl → new.rabl} +0 -0
  47. data/app/views/spree/api/v1/images/{show.v1.rabl → show.rabl} +0 -0
  48. data/app/views/spree/api/v1/line_items/{new.v1.rabl → new.rabl} +0 -0
  49. data/app/views/spree/api/v1/line_items/{show.v1.rabl → show.rabl} +0 -0
  50. data/app/views/spree/api/v1/option_types/{index.v1.rabl → index.rabl} +0 -0
  51. data/app/views/spree/api/v1/option_types/{new.v1.rabl → new.rabl} +0 -0
  52. data/app/views/spree/api/v1/option_types/{show.v1.rabl → show.rabl} +0 -0
  53. data/app/views/spree/api/v1/option_values/{index.v1.rabl → index.rabl} +0 -0
  54. data/app/views/spree/api/v1/option_values/{new.v1.rabl → new.rabl} +0 -0
  55. data/app/views/spree/api/v1/option_values/{show.v1.rabl → show.rabl} +0 -0
  56. data/app/views/spree/api/v1/orders/{address.v1.rabl → address.rabl} +0 -0
  57. data/app/views/spree/api/v1/orders/{canceled.v1.rabl → canceled.rabl} +0 -0
  58. data/app/views/spree/api/v1/orders/{cart.v1.rabl → cart.rabl} +0 -0
  59. data/app/views/spree/api/v1/orders/{complete.v1.rabl → complete.rabl} +0 -0
  60. data/app/views/spree/api/v1/orders/{could_not_apply_coupon.v1.rabl → could_not_apply_coupon.rabl} +0 -0
  61. data/app/views/spree/api/v1/orders/{could_not_transition.v1.rabl → could_not_transition.rabl} +0 -0
  62. data/app/views/spree/api/v1/orders/{index.v1.rabl → index.rabl} +0 -0
  63. data/app/views/spree/api/v1/orders/{insufficient_quantity.v1.rabl → insufficient_quantity.rabl} +0 -0
  64. data/app/views/spree/api/v1/orders/{invalid_shipping_method.v1.rabl → invalid_shipping_method.rabl} +0 -0
  65. data/app/views/spree/api/v1/orders/{mine.v1.rabl → mine.rabl} +0 -0
  66. data/app/views/spree/api/v1/orders/{order.v1.rabl → order.rabl} +0 -0
  67. data/app/views/spree/api/v1/orders/{payment.v1.rabl → payment.rabl} +0 -0
  68. data/app/views/spree/api/v1/orders/{show.v1.rabl → show.rabl} +0 -0
  69. data/app/views/spree/api/v1/payments/{credit_over_limit.v1.rabl → credit_over_limit.rabl} +0 -0
  70. data/app/views/spree/api/v1/payments/{index.v1.rabl → index.rabl} +0 -0
  71. data/app/views/spree/api/v1/payments/{new.v1.rabl → new.rabl} +0 -0
  72. data/app/views/spree/api/v1/payments/{show.v1.rabl → show.rabl} +0 -0
  73. data/app/views/spree/api/v1/payments/{update_forbidden.v1.rabl → update_forbidden.rabl} +0 -0
  74. data/app/views/spree/api/v1/product_properties/{index.v1.rabl → index.rabl} +0 -0
  75. data/app/views/spree/api/v1/product_properties/{new.v1.rabl → new.rabl} +0 -0
  76. data/app/views/spree/api/v1/product_properties/{show.v1.rabl → show.rabl} +0 -0
  77. data/app/views/spree/api/v1/products/{index.v1.rabl → index.rabl} +0 -0
  78. data/app/views/spree/api/v1/products/{new.v1.rabl → new.rabl} +0 -0
  79. data/app/views/spree/api/v1/products/{product.v1.rabl → product.rabl} +0 -0
  80. data/app/views/spree/api/v1/products/{show.v1.rabl → show.rabl} +0 -0
  81. data/app/views/spree/api/v1/promotions/{handler.v1.rabl → handler.rabl} +0 -0
  82. data/app/views/spree/api/v1/promotions/{show.v1.rabl → show.rabl} +0 -0
  83. data/app/views/spree/api/v1/properties/{index.v1.rabl → index.rabl} +0 -0
  84. data/app/views/spree/api/v1/properties/{new.v1.rabl → new.rabl} +0 -0
  85. data/app/views/spree/api/v1/properties/{show.v1.rabl → show.rabl} +0 -0
  86. data/app/views/spree/api/v1/reimbursements/{index.v1.rabl → index.rabl} +0 -0
  87. data/app/views/spree/api/v1/return_authorizations/{index.v1.rabl → index.rabl} +0 -0
  88. data/app/views/spree/api/v1/return_authorizations/{new.v1.rabl → new.rabl} +0 -0
  89. data/app/views/spree/api/v1/return_authorizations/{show.v1.rabl → show.rabl} +0 -0
  90. data/app/views/spree/api/v1/shared/{stock_location_required.v1.rabl → stock_location_required.rabl} +0 -0
  91. data/app/views/spree/api/v1/shipments/{big.v1.rabl → big.rabl} +0 -0
  92. data/app/views/spree/api/v1/shipments/{cannot_ready_shipment.v1.rabl → cannot_ready_shipment.rabl} +0 -0
  93. data/app/views/spree/api/v1/shipments/{mine.v1.rabl → mine.rabl} +0 -0
  94. data/app/views/spree/api/v1/shipments/{show.v1.rabl → show.rabl} +0 -0
  95. data/app/views/spree/api/v1/shipments/{small.v1.rabl → small.rabl} +0 -0
  96. data/app/views/spree/api/v1/shipping_rates/{show.v1.rabl → show.rabl} +0 -0
  97. data/app/views/spree/api/v1/states/{index.v1.rabl → index.rabl} +0 -0
  98. data/app/views/spree/api/v1/states/{show.v1.rabl → show.rabl} +0 -0
  99. data/app/views/spree/api/v1/stock_items/{index.v1.rabl → index.rabl} +0 -0
  100. data/app/views/spree/api/v1/stock_items/{show.v1.rabl → show.rabl} +0 -0
  101. data/app/views/spree/api/v1/stock_locations/{index.v1.rabl → index.rabl} +0 -0
  102. data/app/views/spree/api/v1/stock_locations/{show.v1.rabl → show.rabl} +0 -0
  103. data/app/views/spree/api/v1/stock_movements/{index.v1.rabl → index.rabl} +0 -0
  104. data/app/views/spree/api/v1/stock_movements/{show.v1.rabl → show.rabl} +0 -0
  105. data/app/views/spree/api/v1/stores/{index.v1.rabl → index.rabl} +0 -0
  106. data/app/views/spree/api/v1/stores/{show.v1.rabl → show.rabl} +0 -0
  107. data/app/views/spree/api/v1/tags/{index.v1.rabl → index.rabl} +0 -0
  108. data/app/views/spree/api/v1/taxonomies/{index.v1.rabl → index.rabl} +0 -0
  109. data/app/views/spree/api/v1/taxonomies/{nested.v1.rabl → nested.rabl} +0 -0
  110. data/app/views/spree/api/v1/taxonomies/{new.v1.rabl → new.rabl} +0 -0
  111. data/app/views/spree/api/v1/taxonomies/{show.v1.rabl → show.rabl} +0 -0
  112. data/app/views/spree/api/v1/taxons/{index.v1.rabl → index.rabl} +0 -0
  113. data/app/views/spree/api/v1/taxons/{new.v1.rabl → new.rabl} +0 -0
  114. data/app/views/spree/api/v1/taxons/{show.v1.rabl → show.rabl} +0 -0
  115. data/app/views/spree/api/v1/taxons/{taxons.v1.rabl → taxons.rabl} +0 -0
  116. data/app/views/spree/api/v1/users/{index.v1.rabl → index.rabl} +0 -0
  117. data/app/views/spree/api/v1/users/{new.v1.rabl → new.rabl} +0 -0
  118. data/app/views/spree/api/v1/users/{show.v1.rabl → show.rabl} +0 -0
  119. data/app/views/spree/api/v1/variants/{big.v1.rabl → big.rabl} +0 -0
  120. data/app/views/spree/api/v1/variants/{index.v1.rabl → index.rabl} +0 -0
  121. data/app/views/spree/api/v1/variants/{new.v1.rabl → new.rabl} +0 -0
  122. data/app/views/spree/api/v1/variants/{show.v1.rabl → show.rabl} +0 -0
  123. data/app/views/spree/api/v1/variants/{small.v1.rabl → small.rabl} +0 -0
  124. data/app/views/spree/api/v1/zones/{index.v1.rabl → index.rabl} +0 -0
  125. data/app/views/spree/api/v1/zones/{show.v1.rabl → show.rabl} +0 -0
  126. data/config/initializers/doorkeeper.rb +12 -0
  127. data/config/initializers/rabl_rails6_fix.rb +16 -0
  128. data/config/routes.rb +0 -2
  129. data/docs/v2/storefront/index.yaml +36 -31
  130. data/lib/spree/api/engine.rb +0 -19
  131. data/lib/spree/api/testing_support/v2/base.rb +1 -1
  132. data/lib/spree_api.rb +0 -1
  133. data/spree_api.gemspec +2 -3
  134. metadata +108 -126
  135. data/app/controllers/spree/api/v1/tags_controller.rb +0 -28
  136. data/app/models/doorkeeper/access_grant_decorator.rb +0 -3
  137. data/app/models/doorkeeper/access_token_decorator.rb +0 -3
  138. data/app/models/doorkeeper/application_decorator.rb +0 -3
  139. data/config/initializers/metal_load_paths.rb +0 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e95b4dd375ca3352b36e5cf43149af4c4bd1a2888b129dc0062e22a4cc851fa4
4
- data.tar.gz: 216504eec54335aa7127682fc5f2c40b51f2b2c748e86473a96321e966db0db8
3
+ metadata.gz: 72f06e43e51c1833d120d602a9558aad7f5ccf2e21bfc2d98bb72a34f1dfd86d
4
+ data.tar.gz: a81013706d6a7e712cc183bffb7d2222bf94e07da568c943daad27e5d3fd7a59
5
5
  SHA512:
6
- metadata.gz: 2f9ed96506e51d38bcd329cc2f9d472da590f48e2b35cdda9aa4c5ed072e32d01084dd98f843b3fbc68f7afa8e7e5f764e866d539c2816577721bbf885d1148c
7
- data.tar.gz: d24344cf64fb701559e67e4b768c1c23149c702c74c8c029ab5994428dd71d667f9fdd855eae98a6cce1f5fe26546ef948a9042e5e15c3d0079032a898376673
6
+ metadata.gz: 93248446a291211f90371a8f6f1355193497e0bae48fa2e9c91e45273d2385d38dbbf108b0b554ac805d993e207d14056a6d0b4962fef56242b9c793755d3e05
7
+ data.tar.gz: 69a6cbd99a6faf0a3e4f7ae450027d99c02ddb7454400f29587d7f866540fff57e3ddb257fe7479c85d67299b06743f67af5b40f4b5ebce583e1ae2fe0476364
data/Gemfile CHANGED
@@ -1,4 +1,4 @@
1
- eval(File.read(File.dirname(__FILE__) + '/../common_spree_dependencies.rb'))
1
+ eval_gemfile('../common_spree_dependencies.rb')
2
2
 
3
3
  gem 'spree_core', path: '../core'
4
4
 
data/app/controllers/spree/api/base_controller.rb CHANGED
@@ -133,12 +133,12 @@ module Spree
133
133
 
134
134
  def product_scope
135
135
  if @current_user_roles.include?('admin')
136
- scope = Product.with_deleted.accessible_by(current_ability, :read).includes(*product_includes)
136
+ scope = Product.with_deleted.accessible_by(current_ability, :show).includes(*product_includes)
137
137
 
138
138
  scope = scope.not_deleted unless params[:show_deleted]
139
139
  scope = scope.not_discontinued unless params[:show_discontinued]
140
140
  else
141
- scope = Product.accessible_by(current_ability, :read).active.includes(*product_includes)
141
+ scope = Product.accessible_by(current_ability, :show).active.includes(*product_includes)
142
142
  end
143
143
 
144
144
  scope
@@ -158,7 +158,7 @@ module Spree
158
158
 
159
159
  def authorize_for_order
160
160
  @order = Spree::Order.find_by(number: order_id)
161
- authorize! :read, @order, order_token
161
+ authorize! :show, @order, order_token
162
162
  end
163
163
  end
164
164
  end
data/app/controllers/spree/api/v1/addresses_controller.rb CHANGED
@@ -5,7 +5,7 @@ module Spree
5
5
  before_action :find_order
6
6
 
7
7
  def show
8
- authorize! :read, @order, order_token
8
+ authorize! :show, @order, order_token
9
9
  @address = find_address
10
10
  respond_with(@address)
11
11
  end
@@ -14,7 +14,7 @@ module Spree
14
14
  authorize! :update, @order, order_token
15
15
  @address = find_address
16
16
 
17
- if @address.update_attributes(address_params)
17
+ if @address.update(address_params)
18
18
  respond_with(@address, default_template: :show)
19
19
  else
20
20
  invalid_resource!(@address)
data/app/controllers/spree/api/v1/countries_controller.rb CHANGED
@@ -5,7 +5,7 @@ module Spree
5
5
  skip_before_action :authenticate_user
6
6
 
7
7
  def index
8
- @countries = Country.accessible_by(current_ability, :read).ransack(params[:q]).result.
8
+ @countries = Country.accessible_by(current_ability).ransack(params[:q]).result.
9
9
  order('name ASC').
10
10
  page(params[:page]).per(params[:per_page])
11
11
  country = Country.order('updated_at ASC').last
@@ -13,7 +13,7 @@ module Spree
13
13
  end
14
14
 
15
15
  def show
16
- @country = Country.accessible_by(current_ability, :read).find(params[:id])
16
+ @country = Country.accessible_by(current_ability, :show).find(params[:id])
17
17
  respond_with(@country)
18
18
  end
19
19
  end
data/app/controllers/spree/api/v1/credit_cards_controller.rb CHANGED
@@ -7,7 +7,7 @@ module Spree
7
7
  def index
8
8
  @credit_cards = user.
9
9
  credit_cards.
10
- accessible_by(current_ability, :read).
10
+ accessible_by(current_ability).
11
11
  with_payment_profile.
12
12
  ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
13
13
  respond_with(@credit_cards)
@@ -17,7 +17,7 @@ module Spree
17
17
 
18
18
  def user
19
19
  if params[:user_id].present?
20
- @user ||= Spree.user_class.accessible_by(current_ability, :read).find(params[:user_id])
20
+ @user ||= Spree.user_class.accessible_by(current_ability, :show).find(params[:user_id])
21
21
  end
22
22
  end
23
23
  end
data/app/controllers/spree/api/v1/images_controller.rb CHANGED
@@ -3,12 +3,12 @@ module Spree
3
3
  module V1
4
4
  class ImagesController < Spree::Api::BaseController
5
5
  def index
6
- @images = scope.images.accessible_by(current_ability, :read)
6
+ @images = scope.images.accessible_by(current_ability)
7
7
  respond_with(@images)
8
8
  end
9
9
 
10
10
  def show
11
- @image = Image.accessible_by(current_ability, :read).find(params[:id])
11
+ @image = Image.accessible_by(current_ability, :show).find(params[:id])
12
12
  respond_with(@image)
13
13
  end
14
14
 
@@ -26,7 +26,7 @@ module Spree
26
26
 
27
27
  def update
28
28
  @image = scope.images.accessible_by(current_ability, :update).find(params[:id])
29
- if @image.update_attributes(image_params)
29
+ if @image.update(image_params)
30
30
  respond_with(@image, default_template: :show)
31
31
  else
32
32
  invalid_resource!(@image)
data/app/controllers/spree/api/v1/inventory_units_controller.rb CHANGED
@@ -13,7 +13,7 @@ module Spree
13
13
  authorize! :update, inventory_unit.order
14
14
 
15
15
  inventory_unit.transaction do
16
- if inventory_unit.update_attributes(inventory_unit_params)
16
+ if inventory_unit.update(inventory_unit_params)
17
17
  fire
18
18
  render :show, status: 200
19
19
  else
@@ -25,7 +25,7 @@ module Spree
25
25
  private
26
26
 
27
27
  def inventory_unit
28
- @inventory_unit ||= InventoryUnit.accessible_by(current_ability, :read).find(params[:id])
28
+ @inventory_unit ||= InventoryUnit.accessible_by(current_ability, :show).find(params[:id])
29
29
  end
30
30
 
31
31
  def prepare_event
data/app/controllers/spree/api/v1/option_types_controller.rb CHANGED
@@ -6,19 +6,19 @@ module Spree
6
6
  @option_types = if params[:ids]
7
7
  Spree::OptionType.
8
8
  includes(:option_values).
9
- accessible_by(current_ability, :read).
9
+ accessible_by(current_ability).
10
10
  where(id: params[:ids].split(','))
11
11
  else
12
12
  Spree::OptionType.
13
13
  includes(:option_values).
14
- accessible_by(current_ability, :read).
14
+ accessible_by(current_ability).
15
15
  load.ransack(params[:q]).result
16
16
  end
17
17
  respond_with(@option_types)
18
18
  end
19
19
 
20
20
  def show
21
- @option_type = Spree::OptionType.accessible_by(current_ability, :read).find(params[:id])
21
+ @option_type = Spree::OptionType.accessible_by(current_ability, :show).find(params[:id])
22
22
  respond_with(@option_type)
23
23
  end
24
24
 
@@ -36,7 +36,7 @@ module Spree
36
36
 
37
37
  def update
38
38
  @option_type = Spree::OptionType.accessible_by(current_ability, :update).find(params[:id])
39
- if @option_type.update_attributes(option_type_params)
39
+ if @option_type.update(option_type_params)
40
40
  render :show
41
41
  else
42
42
  invalid_resource!(@option_type)
data/app/controllers/spree/api/v1/option_values_controller.rb CHANGED
@@ -30,7 +30,7 @@ module Spree
30
30
 
31
31
  def update
32
32
  @option_value = scope.accessible_by(current_ability, :update).find(params[:id])
33
- if @option_value.update_attributes(option_value_params)
33
+ if @option_value.update(option_value_params)
34
34
  render :show
35
35
  else
36
36
  invalid_resource!(@option_value)
@@ -47,9 +47,9 @@ module Spree
47
47
 
48
48
  def scope
49
49
  @scope ||= if params[:option_type_id]
50
- Spree::OptionType.find(params[:option_type_id]).option_values.accessible_by(current_ability, :read)
50
+ Spree::OptionType.find(params[:option_type_id]).option_values.accessible_by(current_ability, :show)
51
51
  else
52
- Spree::OptionValue.accessible_by(current_ability, :read).load
52
+ Spree::OptionValue.accessible_by(current_ability, :show).load
53
53
  end
54
54
  end
55
55
 
data/app/controllers/spree/api/v1/payments_controller.rb CHANGED
@@ -29,7 +29,7 @@ module Spree
29
29
  authorize! params[:action], @payment
30
30
  if !@payment.editable?
31
31
  render 'update_forbidden', status: 403
32
- elsif @payment.update_attributes(payment_params)
32
+ elsif @payment.update(payment_params)
33
33
  respond_with(@payment, default_template: :show)
34
34
  else
35
35
  invalid_resource!(@payment)
@@ -60,7 +60,7 @@ module Spree
60
60
 
61
61
  def find_order
62
62
  @order = Spree::Order.find_by!(number: order_id)
63
- authorize! :read, @order, order_token
63
+ authorize! :show, @order, order_token
64
64
  end
65
65
 
66
66
  def find_payment
data/app/controllers/spree/api/v1/product_properties_controller.rb CHANGED
@@ -6,7 +6,7 @@ module Spree
6
6
  before_action :product_property, only: [:show, :update, :destroy]
7
7
 
8
8
  def index
9
- @product_properties = @product.product_properties.accessible_by(current_ability, :read).
9
+ @product_properties = @product.product_properties.accessible_by(current_ability).
10
10
  ransack(params[:q]).result.
11
11
  page(params[:page]).per(params[:per_page])
12
12
  respond_with(@product_properties)
@@ -31,7 +31,7 @@ module Spree
31
31
  def update
32
32
  authorize! :update, @product_property
33
33
 
34
- if @product_property.update_attributes(product_property_params)
34
+ if @product_property.update(product_property_params)
35
35
  respond_with(@product_property, status: 200, default_template: :show)
36
36
  else
37
37
  invalid_resource!(@product_property)
@@ -51,7 +51,7 @@ module Spree
51
51
  end
52
52
 
53
53
  def authorize_product!
54
- authorize! :read, @product
54
+ authorize! :show, @product
55
55
  end
56
56
 
57
57
  def product_property
@@ -60,7 +60,7 @@ module Spree
60
60
  @product_property ||= @product.product_properties.includes(:property).where(spree_properties: { name: params[:id] }).first
61
61
  raise ActiveRecord::RecordNotFound unless @product_property
62
62
 
63
- authorize! :read, @product_property
63
+ authorize! :show, @product_property
64
64
  end
65
65
  end
66
66
 
data/app/controllers/spree/api/v1/properties_controller.rb CHANGED
@@ -5,7 +5,7 @@ module Spree
5
5
  before_action :find_property, only: [:show, :update, :destroy]
6
6
 
7
7
  def index
8
- @properties = Spree::Property.accessible_by(current_ability, :read)
8
+ @properties = Spree::Property.accessible_by(current_ability)
9
9
 
10
10
  @properties = if params[:ids]
11
11
  @properties.where(id: params[:ids].split(',').flatten)
@@ -36,7 +36,7 @@ module Spree
36
36
  def update
37
37
  if @property
38
38
  authorize! :update, @property
39
- @property.update_attributes(property_params)
39
+ @property.update(property_params)
40
40
  respond_with(@property, status: 200, default_template: :show)
41
41
  else
42
42
  invalid_resource!(@property)
@@ -56,9 +56,9 @@ module Spree
56
56
  private
57
57
 
58
58
  def find_property
59
- @property = Spree::Property.accessible_by(current_ability, :read).find(params[:id])
59
+ @property = Spree::Property.accessible_by(current_ability, :show).find(params[:id])
60
60
  rescue ActiveRecord::RecordNotFound
61
- @property = Spree::Property.accessible_by(current_ability, :read).find_by!(name: params[:id])
61
+ @property = Spree::Property.accessible_by(current_ability, :show).find_by!(name: params[:id])
62
62
  end
63
63
 
64
64
  def property_params
data/app/controllers/spree/api/v1/return_authorizations_controller.rb CHANGED
@@ -20,7 +20,7 @@ module Spree
20
20
 
21
21
  def index
22
22
  authorize! :admin, ReturnAuthorization
23
- @return_authorizations = order.return_authorizations.accessible_by(current_ability, :read).
23
+ @return_authorizations = order.return_authorizations.accessible_by(current_ability).
24
24
  ransack(params[:q]).result.
25
25
  page(params[:page]).per(params[:per_page])
26
26
  respond_with(@return_authorizations)
@@ -32,13 +32,13 @@ module Spree
32
32
 
33
33
  def show
34
34
  authorize! :admin, ReturnAuthorization
35
- @return_authorization = order.return_authorizations.accessible_by(current_ability, :read).find(params[:id])
35
+ @return_authorization = order.return_authorizations.accessible_by(current_ability, :show).find(params[:id])
36
36
  respond_with(@return_authorization)
37
37
  end
38
38
 
39
39
  def update
40
40
  @return_authorization = order.return_authorizations.accessible_by(current_ability, :update).find(params[:id])
41
- if @return_authorization.update_attributes(return_authorization_params)
41
+ if @return_authorization.update(return_authorization_params)
42
42
  respond_with(@return_authorization, default_template: :show)
43
43
  else
44
44
  invalid_resource!(@return_authorization)
@@ -58,7 +58,7 @@ module Spree
58
58
 
59
59
  def order
60
60
  @order ||= Spree::Order.find_by!(number: order_id)
61
- authorize! :read, @order
61
+ authorize! :show, @order
62
62
  end
63
63
 
64
64
  def return_authorization_params
data/app/controllers/spree/api/v1/shipments_controller.rb CHANGED
@@ -20,7 +20,7 @@ module Spree
20
20
 
21
21
  def create
22
22
  @order = Spree::Order.find_by!(number: params.fetch(:shipment).fetch(:order_id))
23
- authorize! :read, @order
23
+ authorize! :show, @order
24
24
  authorize! :create, Shipment
25
25
  quantity = params[:quantity].to_i
26
26
  @shipment = @order.shipments.create(stock_location_id: params.fetch(:stock_location_id))
@@ -126,13 +126,13 @@ module Spree
126
126
  @original_shipment = Spree::Shipment.find_by!(number: params[:original_shipment_number])
127
127
  @variant = Spree::Variant.find(params[:variant_id])
128
128
  @quantity = params[:quantity].to_i
129
- authorize! :read, @original_shipment
129
+ authorize! :show, @original_shipment
130
130
  authorize! :create, Shipment
131
131
  end
132
132
 
133
133
  def find_and_update_shipment
134
134
  @shipment = Spree::Shipment.accessible_by(current_ability, :update).readonly(false).find_by!(number: params[:id])
135
- @shipment.update_attributes(shipment_params)
135
+ @shipment.update(shipment_params)
136
136
  @shipment.reload
137
137
  end
138
138
 
data/app/controllers/spree/api/v1/states_controller.rb CHANGED
@@ -24,10 +24,10 @@ module Spree
24
24
 
25
25
  def scope
26
26
  if params[:country_id]
27
- @country = Country.accessible_by(current_ability, :read).find(params[:country_id])
28
- @country.states.accessible_by(current_ability, :read).order('name ASC')
27
+ @country = Country.accessible_by(current_ability, :show).find(params[:country_id])
28
+ @country.states.accessible_by(current_ability).order('name ASC')
29
29
  else
30
- State.accessible_by(current_ability, :read).order('name ASC')
30
+ State.accessible_by(current_ability).order('name ASC')
31
31
  end
32
32
  end
33
33
  end
data/app/controllers/spree/api/v1/stock_items_controller.rb CHANGED
@@ -65,12 +65,12 @@ module Spree
65
65
 
66
66
  def stock_location
67
67
  render 'spree/api/v1/shared/stock_location_required', status: 422 and return unless params[:stock_location_id]
68
- @stock_location ||= StockLocation.accessible_by(current_ability, :read).find(params[:stock_location_id])
68
+ @stock_location ||= StockLocation.accessible_by(current_ability, :show).find(params[:stock_location_id])
69
69
  end
70
70
 
71
71
  def scope
72
72
  includes = { variant: [{ option_values: :option_type }, :product] }
73
- @stock_location.stock_items.accessible_by(current_ability, :read).includes(includes)
73
+ @stock_location.stock_items.accessible_by(current_ability, :show).includes(includes)
74
74
  end
75
75
 
76
76
  def stock_item_params
data/app/controllers/spree/api/v1/stock_locations_controller.rb CHANGED
@@ -3,8 +3,9 @@ module Spree
3
3
  module V1
4
4
  class StockLocationsController < Spree::Api::BaseController
5
5
  def index
6
- authorize! :read, StockLocation
7
- @stock_locations = StockLocation.accessible_by(current_ability, :read).order('name ASC').ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
6
+ authorize! :index, StockLocation
7
+ @stock_locations = StockLocation.accessible_by(current_ability).order('name ASC').
8
+ ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
8
9
  respond_with(@stock_locations)
9
10
  end
10
11
 
@@ -24,7 +25,7 @@ module Spree
24
25
 
25
26
  def update
26
27
  authorize! :update, stock_location
27
- if stock_location.update_attributes(stock_location_params)
28
+ if stock_location.update(stock_location_params)
28
29
  respond_with(stock_location, status: 200, default_template: :show)
29
30
  else
30
31
  invalid_resource!(stock_location)
@@ -40,7 +41,7 @@ module Spree
40
41
  private
41
42
 
42
43
  def stock_location
43
- @stock_location ||= StockLocation.accessible_by(current_ability, :read).find(params[:id])
44
+ @stock_location ||= StockLocation.accessible_by(current_ability, :show).find(params[:id])
44
45
  end
45
46
 
46
47
  def stock_location_params
data/app/controllers/spree/api/v1/stock_movements_controller.rb CHANGED
@@ -5,7 +5,7 @@ module Spree
5
5
  before_action :stock_location, except: [:update, :destroy]
6
6
 
7
7
  def index
8
- authorize! :read, StockMovement
8
+ authorize! :index, StockMovement
9
9
  @stock_movements = scope.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
10
10
  respond_with(@stock_movements)
11
11
  end
@@ -29,11 +29,11 @@ module Spree
29
29
 
30
30
  def stock_location
31
31
  render 'spree/api/v1/shared/stock_location_required', status: 422 and return unless params[:stock_location_id]
32
- @stock_location ||= StockLocation.accessible_by(current_ability, :read).find(params[:stock_location_id])
32
+ @stock_location ||= StockLocation.accessible_by(current_ability, :show).find(params[:stock_location_id])
33
33
  end
34
34
 
35
35
  def scope
36
- @stock_location.stock_movements.accessible_by(current_ability, :read)
36
+ @stock_location.stock_movements.accessible_by(current_ability, :show)
37
37
  end
38
38
 
39
39
  def stock_movement_params
data/app/controllers/spree/api/v1/stores_controller.rb CHANGED
@@ -5,8 +5,8 @@ module Spree
5
5
  before_action :get_store, except: [:index, :create]
6
6
 
7
7
  def index
8
- authorize! :read, Store
9
- @stores = Store.accessible_by(current_ability, :read).all
8
+ authorize! :index, Store
9
+ @stores = Store.accessible_by(current_ability).all
10
10
  respond_with(@stores)
11
11
  end
12
12
 
@@ -23,7 +23,7 @@ module Spree
23
23
 
24
24
  def update
25
25
  authorize! :update, @store
26
- if @store.update_attributes(store_params)
26
+ if @store.update(store_params)
27
27
  respond_with(@store, status: 200, default_template: :show)
28
28
  else
29
29
  invalid_resource!(@store)
@@ -31,7 +31,7 @@ module Spree
31
31
  end
32
32
 
33
33
  def show
34
- authorize! :read, @store
34
+ authorize! :show, @store
35
35
  respond_with(@store)
36
36
  end
37
37
 
data/app/controllers/spree/api/v1/taxonomies_controller.rb CHANGED
@@ -29,7 +29,7 @@ module Spree
29
29
 
30
30
  def update
31
31
  authorize! :update, taxonomy
32
- if taxonomy.update_attributes(taxonomy_params)
32
+ if taxonomy.update(taxonomy_params)
33
33
  respond_with(taxonomy, status: 200, default_template: :show)
34
34
  else
35
35
  invalid_resource!(taxonomy)
@@ -45,13 +45,13 @@ module Spree
45
45
  private
46
46
 
47
47
  def taxonomies
48
- @taxonomies = Taxonomy.accessible_by(current_ability, :read).order('name').includes(root: :children).
48
+ @taxonomies = Taxonomy.accessible_by(current_ability).order('name').includes(root: :children).
49
49
  ransack(params[:q]).result.
50
50
  page(params[:page]).per(params[:per_page])
51
51
  end
52
52
 
53
53
  def taxonomy
54
- @taxonomy ||= Taxonomy.accessible_by(current_ability, :read).find(params[:id])
54
+ @taxonomy ||= Taxonomy.accessible_by(current_ability, :show).find(params[:id])
55
55
  end
56
56
 
57
57
  def taxonomy_params
data/app/controllers/spree/api/v1/taxons_controller.rb CHANGED
@@ -6,9 +6,9 @@ module Spree
6
6
  @taxons = if taxonomy
7
7
  taxonomy.root.children
8
8
  elsif params[:ids]
9
- Spree::Taxon.includes(:children).accessible_by(current_ability, :read).where(id: params[:ids].split(','))
9
+ Spree::Taxon.includes(:children).accessible_by(current_ability).where(id: params[:ids].split(','))
10
10
  else
11
- Spree::Taxon.includes(:children).accessible_by(current_ability, :read).order(:taxonomy_id, :lft)
11
+ Spree::Taxon.includes(:children).accessible_by(current_ability).order(:taxonomy_id, :lft)
12
12
  end
13
13
  @taxons = @taxons.ransack(params[:q]).result
14
14
  @taxons = @taxons.page(params[:page]).per(params[:per_page])
@@ -48,7 +48,7 @@ module Spree
48
48
 
49
49
  def update
50
50
  authorize! :update, taxon
51
- if taxon.update_attributes(taxon_params)
51
+ if taxon.update(taxon_params)
52
52
  respond_with(taxon, status: 200, default_template: :show)
53
53
  else
54
54
  invalid_resource!(taxon)
@@ -74,12 +74,12 @@ module Spree
74
74
 
75
75
  def taxonomy
76
76
  if params[:taxonomy_id].present?
77
- @taxonomy ||= Spree::Taxonomy.accessible_by(current_ability, :read).find(params[:taxonomy_id])
77
+ @taxonomy ||= Spree::Taxonomy.accessible_by(current_ability, :show).find(params[:taxonomy_id])
78
78
  end
79
79
  end
80
80
 
81
81
  def taxon
82
- @taxon ||= taxonomy.taxons.accessible_by(current_ability, :read).find(params[:id])
82
+ @taxon ||= taxonomy.taxons.accessible_by(current_ability, :show).find(params[:id])
83
83
  end
84
84
 
85
85
  def taxon_params
data/app/controllers/spree/api/v1/users_controller.rb CHANGED
@@ -5,7 +5,7 @@ module Spree
5
5
  rescue_from Spree::Core::DestroyWithOrdersError, with: :error_during_processing
6
6
 
7
7
  def index
8
- @users = Spree.user_class.accessible_by(current_ability, :read)
8
+ @users = Spree.user_class.accessible_by(current_ability, :show)
9
9
 
10
10
  @users = if params[:ids]
11
11
  @users.ransack(id_in: params[:ids].split(','))
@@ -37,7 +37,7 @@ module Spree
37
37
 
38
38
  def update
39
39
  authorize! :update, user
40
- if user.update_attributes(user_params)
40
+ if user.update(user_params)
41
41
  respond_with(user, status: 200, default_template: :show)
42
42
  else
43
43
  invalid_resource!(user)
@@ -53,7 +53,7 @@ module Spree
53
53
  private
54
54
 
55
55
  def user
56
- @user ||= Spree.user_class.accessible_by(current_ability, :read).find(params[:id])
56
+ @user ||= Spree.user_class.accessible_by(current_ability, :show).find(params[:id])
57
57
  end
58
58
 
59
59
  def user_params
data/app/controllers/spree/api/v1/variants_controller.rb CHANGED
@@ -38,7 +38,7 @@ module Spree
38
38
 
39
39
  def update
40
40
  @variant = scope.accessible_by(current_ability, :update).find(params[:id])
41
- if @variant.update_attributes(variant_params)
41
+ if @variant.update(variant_params)
42
42
  respond_with(@variant, status: 200, default_template: :show)
43
43
  else
44
44
  invalid_resource!(@product)
@@ -49,7 +49,7 @@ module Spree
49
49
 
50
50
  def product
51
51
  if params[:product_id]
52
- @product ||= Spree::Product.accessible_by(current_ability, :read).
52
+ @product ||= Spree::Product.accessible_by(current_ability, :show).
53
53
  friendly.find(params[:product_id])
54
54
  end
55
55
  end
@@ -65,7 +65,7 @@ module Spree
65
65
  variants = variants.with_deleted
66
66
  end
67
67
 
68
- variants.eligible.accessible_by(current_ability, :read)
68
+ variants.eligible.accessible_by(current_ability)
69
69
  end
70
70
 
71
71
  def variant_params
data/app/controllers/spree/api/v1/zones_controller.rb CHANGED
@@ -19,7 +19,7 @@ module Spree
19
19
  end
20
20
 
21
21
  def index
22
- @zones = Zone.accessible_by(current_ability, :read).order('name ASC').ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
22
+ @zones = Zone.accessible_by(current_ability).order('name ASC').ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
23
23
  respond_with(@zones)
24
24
  end
25
25
 
@@ -29,7 +29,7 @@ module Spree
29
29
 
30
30
  def update
31
31
  authorize! :update, zone
32
- if zone.update_attributes(zone_params)
32
+ if zone.update(zone_params)
33
33
  respond_with(zone, status: 200, default_template: :show)
34
34
  else
35
35
  invalid_resource!(zone)
@@ -47,7 +47,7 @@ module Spree
47
47
  end
48
48
 
49
49
  def zone
50
- @zone ||= Spree::Zone.accessible_by(current_ability, :read).find(params[:id])
50
+ @zone ||= Spree::Zone.accessible_by(current_ability, :show).find(params[:id])
51
51
  end
52
52
  end
53
53
  end
data/app/controllers/spree/api/v2/base_controller.rb CHANGED
@@ -55,12 +55,7 @@ module Spree
55
55
  end
56
56
 
57
57
  def spree_current_user
58
- return nil unless doorkeeper_token
59
- return @spree_current_user if @spree_current_user
60
-
61
- doorkeeper_authorize!
62
-
63
- @spree_current_user ||= Spree.user_class.find_by(id: doorkeeper_token.resource_owner_id)
58
+ @spree_current_user ||= Spree.user_class.find_by(id: doorkeeper_token.resource_owner_id) if doorkeeper_token
64
59
  end
65
60
 
66
61
  def spree_authorize!(action, subject, *args)
data/app/controllers/spree/api/v2/storefront/account/credit_cards_controller.rb CHANGED
@@ -41,7 +41,7 @@ module Spree
41
41
  end
42
42
 
43
43
  def scope
44
- spree_current_user.credit_cards.accessible_by(current_ability, :read)
44
+ spree_current_user.credit_cards.accessible_by(current_ability, :show)
45
45
  end
46
46
  end
47
47
  end
data/app/controllers/spree/api/v2/storefront/countries_controller.rb CHANGED
@@ -36,6 +36,7 @@ module Spree
36
36
  return scope.default if params[:iso] == 'default'
37
37
 
38
38
  scope.find_by(iso: params[:iso]&.upcase) ||
39
+ scope.find_by(id: params[:iso]&.upcase) ||
39
40
  scope.find_by(iso3: params[:iso]&.upcase)
40
41
  end
41
42
 
@@ -52,7 +53,7 @@ module Spree
52
53
  end
53
54
 
54
55
  def scope
55
- Spree::Country.accessible_by(current_ability, :read)
56
+ Spree::Country.accessible_by(current_ability, :show)
56
57
  end
57
58
  end
58
59
  end