spree_api 4.2.3.1 → 4.3.0.rc2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (92) hide show
  1. checksums.yaml +4 -4
  2. data/Rakefile +14 -1
  3. data/app/controllers/concerns/spree/api/v2/caching.rb +33 -0
  4. data/app/controllers/concerns/spree/api/v2/product_list_includes.rb +23 -0
  5. data/app/controllers/spree/api/v1/classifications_controller.rb +4 -3
  6. data/app/controllers/spree/api/v1/orders_controller.rb +5 -1
  7. data/app/controllers/spree/api/v1/products_controller.rb +2 -2
  8. data/app/controllers/spree/api/v1/taxonomies_controller.rb +1 -1
  9. data/app/controllers/spree/api/v2/base_controller.rb +29 -6
  10. data/app/controllers/spree/api/v2/platform/addresses_controller.rb +19 -0
  11. data/app/controllers/spree/api/v2/platform/classifications_controller.rb +43 -0
  12. data/app/controllers/spree/api/v2/platform/cms_pages_controller.rb +15 -0
  13. data/app/controllers/spree/api/v2/platform/cms_sections_controller.rb +34 -0
  14. data/app/controllers/spree/api/v2/platform/countries_controller.rb +19 -0
  15. data/app/controllers/spree/api/v2/platform/menu_items_controller.rb +35 -0
  16. data/app/controllers/spree/api/v2/platform/menus_controller.rb +19 -0
  17. data/app/controllers/spree/api/v2/platform/option_types_controller.rb +15 -0
  18. data/app/controllers/spree/api/v2/platform/option_values_controller.rb +19 -0
  19. data/app/controllers/spree/api/v2/platform/products_controller.rb +33 -0
  20. data/app/controllers/spree/api/v2/platform/resource_controller.rb +112 -0
  21. data/app/controllers/spree/api/v2/platform/taxons_controller.rb +30 -0
  22. data/app/controllers/spree/api/v2/platform/users_controller.rb +28 -0
  23. data/app/controllers/spree/api/v2/resource_controller.rb +24 -7
  24. data/app/controllers/spree/api/v2/storefront/account/addresses_controller.rb +2 -14
  25. data/app/controllers/spree/api/v2/storefront/account/credit_cards_controller.rb +13 -11
  26. data/app/controllers/spree/api/v2/storefront/account/orders_controller.rb +6 -2
  27. data/app/controllers/spree/api/v2/storefront/account_controller.rb +32 -1
  28. data/app/controllers/spree/api/v2/storefront/cart_controller.rb +28 -6
  29. data/app/controllers/spree/api/v2/storefront/checkout_controller.rb +2 -1
  30. data/app/controllers/spree/api/v2/storefront/cms_pages_controller.rb +41 -0
  31. data/app/controllers/spree/api/v2/storefront/countries_controller.rb +9 -14
  32. data/app/controllers/spree/api/v2/storefront/menus_controller.rb +35 -0
  33. data/app/controllers/spree/api/v2/storefront/order_status_controller.rb +1 -1
  34. data/app/controllers/spree/api/v2/storefront/products_controller.rb +10 -12
  35. data/app/controllers/spree/api/v2/storefront/stores_controller.rb +1 -1
  36. data/app/controllers/spree/api/v2/storefront/taxons_controller.rb +7 -8
  37. data/app/helpers/spree/api/v2/display_money_helper.rb +2 -2
  38. data/app/models/spree/api_configuration.rb +4 -1
  39. data/app/models/spree/api_dependencies.rb +20 -5
  40. data/app/serializers/concerns/spree/api/v2/resource_serializer_concern.rb +16 -0
  41. data/app/serializers/spree/api/v2/base_serializer.rb +32 -0
  42. data/app/serializers/spree/api/v2/platform/address_serializer.rb +15 -0
  43. data/app/serializers/spree/api/v2/platform/base_serializer.rb +10 -0
  44. data/app/serializers/spree/api/v2/platform/classification_serializer.rb +14 -0
  45. data/app/serializers/spree/api/v2/platform/cms_page_serializer.rb +13 -0
  46. data/app/serializers/spree/api/v2/platform/cms_section_serializer.rb +11 -0
  47. data/app/serializers/spree/api/v2/platform/country_serializer.rb +13 -0
  48. data/app/serializers/spree/api/v2/platform/image_serializer.rb +15 -0
  49. data/app/serializers/spree/api/v2/platform/menu_item_serializer.rb +27 -0
  50. data/app/serializers/spree/api/v2/platform/menu_serializer.rb +13 -0
  51. data/app/serializers/spree/api/v2/platform/option_type_serializer.rb +13 -0
  52. data/app/serializers/spree/api/v2/platform/option_value_serializer.rb +13 -0
  53. data/app/serializers/spree/api/v2/platform/product_property_serializer.rb +11 -0
  54. data/app/serializers/spree/api/v2/platform/product_serializer.rb +78 -0
  55. data/app/serializers/spree/api/v2/platform/state_serializer.rb +13 -0
  56. data/app/serializers/spree/api/v2/platform/stock_item_serializer.rb +20 -0
  57. data/app/serializers/spree/api/v2/platform/stock_location_serializer.rb +16 -0
  58. data/app/serializers/spree/api/v2/platform/store_serializer.rb +14 -0
  59. data/app/serializers/spree/api/v2/platform/tax_category_serializer.rb +13 -0
  60. data/app/serializers/spree/api/v2/platform/taxon_image_serializer.rb +13 -0
  61. data/app/serializers/spree/api/v2/platform/taxon_serializer.rb +38 -0
  62. data/app/serializers/spree/api/v2/platform/taxonomy_serializer.rb +14 -0
  63. data/app/serializers/spree/api/v2/platform/user_serializer.rb +37 -0
  64. data/app/serializers/spree/api/v2/platform/variant_serializer.rb +57 -0
  65. data/app/serializers/spree/v2/storefront/base_serializer.rb +3 -2
  66. data/app/serializers/spree/v2/storefront/cms_page_serializer.rb +14 -0
  67. data/app/serializers/spree/v2/storefront/cms_section_serializer.rb +28 -0
  68. data/app/serializers/spree/v2/storefront/country_serializer.rb +4 -4
  69. data/app/serializers/spree/v2/storefront/estimated_shipping_rate_serializer.rb +2 -0
  70. data/app/serializers/spree/v2/storefront/menu_item_serializer.rb +43 -0
  71. data/app/serializers/spree/v2/storefront/menu_serializer.rb +13 -0
  72. data/app/serializers/spree/v2/storefront/product_property_serializer.rb +1 -1
  73. data/app/serializers/spree/v2/storefront/product_serializer.rb +20 -11
  74. data/app/serializers/spree/v2/storefront/store_serializer.rb +10 -0
  75. data/app/serializers/spree/v2/storefront/taxon_serializer.rb +6 -5
  76. data/config/initializers/doorkeeper.rb +8 -1
  77. data/config/initializers/rabl.rb +9 -0
  78. data/config/locales/en.yml +1 -1
  79. data/config/routes.rb +115 -3
  80. data/db/migrate/20210727102516_change_integer_id_columns_type.rb +9 -0
  81. data/docs/oauth/index.yml +4 -4
  82. data/docs/v2/platform/index.yaml +2505 -0
  83. data/docs/v2/storefront/index.yaml +3508 -1220
  84. data/lib/spree/api/engine.rb +6 -17
  85. data/lib/spree/api/testing_support/v2/base.rb +1 -1
  86. data/lib/spree/api/testing_support/v2/platform_contexts.rb +214 -0
  87. data/lib/spree/api/testing_support/v2/serializers_params.rb +14 -0
  88. data/lib/spree/api.rb +1 -0
  89. data/spree_api.gemspec +6 -3
  90. metadata +110 -13
  91. data/app/assets/javascripts/spree/api/main.js +0 -36
  92. data/app/assets/javascripts/spree/api/storefront/cart.js +0 -49
@@ -0,0 +1,19 @@
1
+ module Spree
2
+ module Api
3
+ module V2
4
+ module Platform
5
+ class OptionValuesController < ResourceController
6
+ private
7
+
8
+ def model_class
9
+ Spree::OptionValue
10
+ end
11
+
12
+ def scope_includes
13
+ [:option_type]
14
+ end
15
+ end
16
+ end
17
+ end
18
+ end
19
+ end
@@ -0,0 +1,33 @@
1
+ module Spree
2
+ module Api
3
+ module V2
4
+ module Platform
5
+ class ProductsController < ResourceController
6
+ include ::Spree::Api::V2::ProductListIncludes
7
+
8
+ private
9
+
10
+ def model_class
11
+ Spree::Product
12
+ end
13
+
14
+ def scope_includes
15
+ product_list_includes
16
+ end
17
+
18
+ def allowed_sort_attributes
19
+ super << :available_on
20
+ end
21
+
22
+ def sorted_collection
23
+ collection_sorter.new(collection, current_currency, params, allowed_sort_attributes).call
24
+ end
25
+
26
+ def collection_sorter
27
+ Spree::Api::Dependencies.platform_products_sorter.constantize
28
+ end
29
+ end
30
+ end
31
+ end
32
+ end
33
+ end
@@ -0,0 +1,112 @@
1
+ module Spree
2
+ module Api
3
+ module V2
4
+ module Platform
5
+ class ResourceController < ::Spree::Api::V2::ResourceController
6
+ READ_ACTIONS = %i[show index]
7
+ WRITE_ACTIONS = %i[create update destroy]
8
+
9
+ # doorkeeper scopes usage: https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes
10
+ before_action -> { doorkeeper_authorize! :read, :admin }, only: READ_ACTIONS
11
+ before_action -> { doorkeeper_authorize! :write, :admin }, only: WRITE_ACTIONS
12
+
13
+ # optional authorization if using a user token instead of app token
14
+ before_action :authorize_spree_user, only: WRITE_ACTIONS
15
+
16
+ # index and show acrtions are defined in Spree::Api::V2::ResourceController
17
+
18
+ def create
19
+ resource = model_class.new(permitted_resource_params)
20
+
21
+ if resource.save
22
+ render_serialized_payload(201) { serialize_resource(resource) }
23
+ else
24
+ render_error_payload(resource.errors)
25
+ end
26
+ end
27
+
28
+ def update
29
+ if resource.update(permitted_resource_params)
30
+ render_serialized_payload { serialize_resource(resource) }
31
+ else
32
+ render_error_payload(resource.errors)
33
+ end
34
+ end
35
+
36
+ def destroy
37
+ if resource.destroy
38
+ head 204
39
+ else
40
+ render_error_payload(resource.errors)
41
+ end
42
+ end
43
+
44
+ protected
45
+
46
+ def resource_serializer
47
+ "Spree::Api::V2::Platform::#{model_class.to_s.demodulize}Serializer".constantize
48
+ end
49
+
50
+ def collection_serializer
51
+ resource_serializer
52
+ end
53
+
54
+ # overwiting to utilize ransack gem for filtering
55
+ # https://github.com/activerecord-hackery/ransack#search-matchers
56
+ def collection
57
+ @collection ||= scope.ransack(params[:filter]).result
58
+ end
59
+
60
+ # overwriting to skip cancancan check if API is consumed by an application
61
+ def scope
62
+ return super if spree_current_user.present?
63
+
64
+ super(skip_cancancan: true)
65
+ end
66
+
67
+ # We're overwriting this method because the original one calls `dookreeper_authorize`
68
+ # which breaks our application authorizations defined on top of this controller
69
+ def spree_current_user
70
+ return nil unless doorkeeper_token
71
+ return nil if doorkeeper_token.resource_owner_id.nil?
72
+ return @spree_current_user if @spree_current_user
73
+
74
+ @spree_current_user ||= Spree.user_class.find_by(id: doorkeeper_token.resource_owner_id)
75
+ end
76
+
77
+ def access_denied(exception)
78
+ access_denied_401(exception)
79
+ end
80
+
81
+ # if using a user oAuth token we need to check CanCanCan abilities
82
+ # defined in https://github.com/spree/spree/blob/master/core/app/models/spree/ability.rb
83
+ def authorize_spree_user
84
+ return if spree_current_user.nil?
85
+
86
+ if action_name == 'create'
87
+ spree_authorize! :create, model_class
88
+ else
89
+ spree_authorize! action_name, resource
90
+ end
91
+ end
92
+
93
+ def model_param_name
94
+ model_class.to_s.demodulize.underscore
95
+ end
96
+
97
+ def spree_permitted_attributes
98
+ Spree::PermittedAttributes.try("#{model_param_name}_attributes") || {}
99
+ end
100
+
101
+ def permitted_resource_params
102
+ params.require(model_param_name).permit(spree_permitted_attributes)
103
+ end
104
+
105
+ def allowed_sort_attributes
106
+ (super << spree_permitted_attributes).uniq.compact
107
+ end
108
+ end
109
+ end
110
+ end
111
+ end
112
+ end
@@ -0,0 +1,30 @@
1
+ module Spree
2
+ module Api
3
+ module V2
4
+ module Platform
5
+ class TaxonsController < ResourceController
6
+ private
7
+
8
+ def model_class
9
+ Spree::Taxon
10
+ end
11
+
12
+ def scope_includes
13
+ node_includes = %i[icon parent taxonomy]
14
+
15
+ {
16
+ parent: node_includes,
17
+ children: node_includes,
18
+ taxonomy: [root: node_includes],
19
+ icon: [attachment_attachment: :blob]
20
+ }
21
+ end
22
+
23
+ def serializer_params
24
+ super.merge(include_products: action_name == 'show')
25
+ end
26
+ end
27
+ end
28
+ end
29
+ end
30
+ end
@@ -0,0 +1,28 @@
1
+ module Spree
2
+ module Api
3
+ module V2
4
+ module Platform
5
+ class UsersController < ResourceController
6
+ private
7
+
8
+ def model_class
9
+ Spree.user_class
10
+ end
11
+
12
+ def resource_serializer
13
+ Spree::Api::V2::Platform::UserSerializer
14
+ end
15
+
16
+ def scope_includes
17
+ [:ship_address, :bill_address]
18
+ end
19
+
20
+ # we need to define this here as developers can configure their own `user_class`
21
+ def model_param_name
22
+ 'user'
23
+ end
24
+ end
25
+ end
26
+ end
27
+ end
28
+ end
@@ -3,9 +3,14 @@ module Spree
3
3
  module V2
4
4
  class ResourceController < ::Spree::Api::V2::BaseController
5
5
  include Spree::Api::V2::CollectionOptionsHelpers
6
+ include Spree::Api::V2::Caching
6
7
 
7
8
  def index
8
- render_serialized_payload { serialize_collection(paginated_collection) }
9
+ render_serialized_payload do
10
+ Rails.cache.fetch(collection_cache_key(paginated_collection), collection_cache_opts) do
11
+ serialize_collection(paginated_collection)
12
+ end
13
+ end
9
14
  end
10
15
 
11
16
  def show
@@ -15,7 +20,7 @@ module Spree
15
20
  protected
16
21
 
17
22
  def sorted_collection
18
- collection_sorter.new(collection, params, allowed_sort_attributes).call
23
+ @sorted_collection ||= collection_sorter.new(collection, params, allowed_sort_attributes).call
19
24
  end
20
25
 
21
26
  def allowed_sort_attributes
@@ -23,11 +28,14 @@ module Spree
23
28
  end
24
29
 
25
30
  def default_sort_atributes
26
- [:id, :updated_at, :created_at]
31
+ [:id, :name, :number, :position, :updated_at, :created_at]
27
32
  end
28
33
 
29
- def scope
30
- model_class.accessible_by(current_ability, :show).includes(scope_includes)
34
+ def scope(skip_cancancan: false)
35
+ base_scope = model_class.for_store(current_store)
36
+ base_scope = base_scope.accessible_by(current_ability, :show) unless skip_cancancan
37
+ base_scope = base_scope.includes(scope_includes) if scope_includes.any? && action_name == 'index'
38
+ base_scope
31
39
  end
32
40
 
33
41
  def scope_includes
@@ -36,7 +44,7 @@ module Spree
36
44
 
37
45
  def resource
38
46
  @resource ||= if defined?(resource_finder)
39
- resource_finder.new(scope: scope, params: params).execute
47
+ resource_finder.new(scope: scope, params: finder_params).execute
40
48
  else
41
49
  scope.find(params[:id])
42
50
  end
@@ -44,12 +52,21 @@ module Spree
44
52
 
45
53
  def collection
46
54
  @collection ||= if defined?(collection_finder)
47
- collection_finder.new(scope: scope, params: params).execute
55
+ collection_finder.new(scope: scope, params: finder_params).execute
48
56
  else
49
57
  scope
50
58
  end
51
59
  end
52
60
 
61
+ def finder_params
62
+ params.merge(
63
+ store: current_store,
64
+ locale: current_locale,
65
+ currency: current_currency,
66
+ user: spree_current_user
67
+ )
68
+ end
69
+
53
70
  def collection_sorter
54
71
  Spree::Api::Dependencies.storefront_collection_sorter.constantize
55
72
  end
@@ -33,11 +33,11 @@ module Spree
33
33
  private
34
34
 
35
35
  def collection
36
- collection_finder.new(scope: scope, params: params).execute
36
+ collection_finder.new(scope: scope, params: finder_params).execute
37
37
  end
38
38
 
39
39
  def scope
40
- super.not_deleted
40
+ super.where(user: spree_current_user).not_deleted
41
41
  end
42
42
 
43
43
  def model_class
@@ -56,10 +56,6 @@ module Spree
56
56
  Spree::Api::Dependencies.storefront_address_serializer.constantize
57
57
  end
58
58
 
59
- def serialize_collection(collection)
60
- collection_serializer.new(collection).serializable_hash
61
- end
62
-
63
59
  def create_service
64
60
  Spree::Api::Dependencies.storefront_account_create_address_service.constantize
65
61
  end
@@ -71,14 +67,6 @@ module Spree
71
67
  def address_params
72
68
  params.require(:address).permit(permitted_address_attributes)
73
69
  end
74
-
75
- def render_result(result)
76
- if result.success?
77
- render_serialized_payload { serialize_resource(result.value) }
78
- else
79
- render_error_payload(result.error)
80
- end
81
- end
82
70
  end
83
71
  end
84
72
  end
@@ -6,14 +6,24 @@ module Spree
6
6
  class CreditCardsController < ::Spree::Api::V2::ResourceController
7
7
  before_action :require_spree_current_user
8
8
 
9
+ def destroy
10
+ spree_authorize! :destroy, resource, resource
11
+
12
+ destroy_service.call(card: resource)
13
+ end
14
+
9
15
  private
10
16
 
17
+ def resource
18
+ params[:id].eql?('default') ? scope.default.first! : scope.find(params[:id])
19
+ end
20
+
11
21
  def model_class
12
22
  Spree::CreditCard
13
23
  end
14
24
 
15
25
  def scope
16
- super.where(user: spree_current_user)
26
+ super.where(user: spree_current_user, payment_method: current_store.payment_methods.available_on_front_end)
17
27
  end
18
28
 
19
29
  def collection_serializer
@@ -28,16 +38,8 @@ module Spree
28
38
  Spree::Api::Dependencies.storefront_credit_card_serializer.constantize
29
39
  end
30
40
 
31
- def resource_finder
32
- Spree::Api::Dependencies.storefront_credit_card_finder.constantize
33
- end
34
-
35
- def serialize_collection(collection)
36
- collection_serializer.new(
37
- collection,
38
- include: resource_includes,
39
- fields: sparse_fields
40
- ).serializable_hash
41
+ def destroy_service
42
+ Spree::Api::Dependencies.storefront_credit_cards_destroy_service.constantize
41
43
  end
42
44
  end
43
45
  end
@@ -9,11 +9,11 @@ module Spree
9
9
  private
10
10
 
11
11
  def collection
12
- collection_finder.new(user: spree_current_user).execute
12
+ collection_finder.new(user: spree_current_user, store: current_store).execute
13
13
  end
14
14
 
15
15
  def resource
16
- resource = resource_finder.new(user: spree_current_user, number: params[:id]).execute.take
16
+ resource = resource_finder.new(user: spree_current_user, number: params[:id], store: current_store).execute.take
17
17
  raise ActiveRecord::RecordNotFound if resource.nil?
18
18
 
19
19
  resource
@@ -38,6 +38,10 @@ module Spree
38
38
  def resource_finder
39
39
  Spree::Api::Dependencies.storefront_completed_order_finder.constantize
40
40
  end
41
+
42
+ def model_class
43
+ Spree::Order
44
+ end
41
45
  end
42
46
  end
43
47
  end
@@ -3,7 +3,18 @@ module Spree
3
3
  module V2
4
4
  module Storefront
5
5
  class AccountController < ::Spree::Api::V2::ResourceController
6
- before_action :require_spree_current_user
6
+ before_action :require_spree_current_user, except: :create
7
+
8
+ def create
9
+ result = create_service.call(user_params: user_create_params)
10
+ render_result(result)
11
+ end
12
+
13
+ def update
14
+ spree_authorize! :update, spree_current_user
15
+ result = update_service.call(user: spree_current_user, user_params: user_update_params)
16
+ render_result(result)
17
+ end
7
18
 
8
19
  private
9
20
 
@@ -14,6 +25,26 @@ module Spree
14
25
  def resource_serializer
15
26
  Spree::Api::Dependencies.storefront_user_serializer.constantize
16
27
  end
28
+
29
+ def model_class
30
+ Spree.user_class
31
+ end
32
+
33
+ def create_service
34
+ Spree::Api::Dependencies.storefront_account_create_service.constantize
35
+ end
36
+
37
+ def update_service
38
+ Spree::Api::Dependencies.storefront_account_update_service.constantize
39
+ end
40
+
41
+ def user_create_params
42
+ user_update_params.except(:bill_address_id, :ship_address_id)
43
+ end
44
+
45
+ def user_update_params
46
+ params.require(:user).permit(permitted_user_attributes)
47
+ end
17
48
  end
18
49
  end
19
50
  end