spree_api 4.2.7 → 4.3.0.rc1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (90) hide show
  1. checksums.yaml +4 -4
  2. data/Rakefile +14 -1
  3. data/app/controllers/concerns/spree/api/v2/product_list_includes.rb +23 -0
  4. data/app/controllers/spree/api/v1/classifications_controller.rb +4 -3
  5. data/app/controllers/spree/api/v1/orders_controller.rb +5 -1
  6. data/app/controllers/spree/api/v1/products_controller.rb +2 -2
  7. data/app/controllers/spree/api/v1/taxonomies_controller.rb +1 -1
  8. data/app/controllers/spree/api/v2/base_controller.rb +29 -6
  9. data/app/controllers/spree/api/v2/platform/addresses_controller.rb +19 -0
  10. data/app/controllers/spree/api/v2/platform/classifications_controller.rb +43 -0
  11. data/app/controllers/spree/api/v2/platform/cms_pages_controller.rb +15 -0
  12. data/app/controllers/spree/api/v2/platform/cms_sections_controller.rb +34 -0
  13. data/app/controllers/spree/api/v2/platform/countries_controller.rb +19 -0
  14. data/app/controllers/spree/api/v2/platform/menu_items_controller.rb +35 -0
  15. data/app/controllers/spree/api/v2/platform/menus_controller.rb +19 -0
  16. data/app/controllers/spree/api/v2/platform/option_types_controller.rb +15 -0
  17. data/app/controllers/spree/api/v2/platform/option_values_controller.rb +19 -0
  18. data/app/controllers/spree/api/v2/platform/products_controller.rb +21 -0
  19. data/app/controllers/spree/api/v2/platform/resource_controller.rb +112 -0
  20. data/app/controllers/spree/api/v2/platform/taxons_controller.rb +30 -0
  21. data/app/controllers/spree/api/v2/platform/users_controller.rb +28 -0
  22. data/app/controllers/spree/api/v2/resource_controller.rb +18 -6
  23. data/app/controllers/spree/api/v2/storefront/account/addresses_controller.rb +2 -14
  24. data/app/controllers/spree/api/v2/storefront/account/credit_cards_controller.rb +13 -11
  25. data/app/controllers/spree/api/v2/storefront/account/orders_controller.rb +2 -2
  26. data/app/controllers/spree/api/v2/storefront/account_controller.rb +32 -1
  27. data/app/controllers/spree/api/v2/storefront/cart_controller.rb +28 -6
  28. data/app/controllers/spree/api/v2/storefront/checkout_controller.rb +2 -1
  29. data/app/controllers/spree/api/v2/storefront/cms_pages_controller.rb +41 -0
  30. data/app/controllers/spree/api/v2/storefront/countries_controller.rb +9 -14
  31. data/app/controllers/spree/api/v2/storefront/menus_controller.rb +35 -0
  32. data/app/controllers/spree/api/v2/storefront/order_status_controller.rb +1 -1
  33. data/app/controllers/spree/api/v2/storefront/products_controller.rb +6 -12
  34. data/app/controllers/spree/api/v2/storefront/stores_controller.rb +1 -1
  35. data/app/controllers/spree/api/v2/storefront/taxons_controller.rb +7 -8
  36. data/app/helpers/spree/api/v2/display_money_helper.rb +2 -2
  37. data/app/models/spree/api_configuration.rb +1 -0
  38. data/app/models/spree/api_dependencies.rb +19 -5
  39. data/app/serializers/concerns/spree/api/v2/resource_serializer_concern.rb +16 -0
  40. data/app/serializers/spree/api/v2/base_serializer.rb +32 -0
  41. data/app/serializers/spree/api/v2/platform/address_serializer.rb +15 -0
  42. data/app/serializers/spree/api/v2/platform/base_serializer.rb +10 -0
  43. data/app/serializers/spree/api/v2/platform/classification_serializer.rb +14 -0
  44. data/app/serializers/spree/api/v2/platform/cms_page_serializer.rb +13 -0
  45. data/app/serializers/spree/api/v2/platform/cms_section_serializer.rb +11 -0
  46. data/app/serializers/spree/api/v2/platform/country_serializer.rb +13 -0
  47. data/app/serializers/spree/api/v2/platform/image_serializer.rb +15 -0
  48. data/app/serializers/spree/api/v2/platform/menu_item_serializer.rb +22 -0
  49. data/app/serializers/spree/api/v2/platform/menu_serializer.rb +13 -0
  50. data/app/serializers/spree/api/v2/platform/option_type_serializer.rb +13 -0
  51. data/app/serializers/spree/api/v2/platform/option_value_serializer.rb +13 -0
  52. data/app/serializers/spree/api/v2/platform/product_property_serializer.rb +11 -0
  53. data/app/serializers/spree/api/v2/platform/product_serializer.rb +78 -0
  54. data/app/serializers/spree/api/v2/platform/state_serializer.rb +13 -0
  55. data/app/serializers/spree/api/v2/platform/stock_item_serializer.rb +20 -0
  56. data/app/serializers/spree/api/v2/platform/stock_location_serializer.rb +16 -0
  57. data/app/serializers/spree/api/v2/platform/store_serializer.rb +14 -0
  58. data/app/serializers/spree/api/v2/platform/tax_category_serializer.rb +13 -0
  59. data/app/serializers/spree/api/v2/platform/taxon_image_serializer.rb +13 -0
  60. data/app/serializers/spree/api/v2/platform/taxon_serializer.rb +38 -0
  61. data/app/serializers/spree/api/v2/platform/taxonomy_serializer.rb +14 -0
  62. data/app/serializers/spree/api/v2/platform/user_serializer.rb +21 -0
  63. data/app/serializers/spree/api/v2/platform/variant_serializer.rb +57 -0
  64. data/app/serializers/spree/v2/storefront/base_serializer.rb +3 -2
  65. data/app/serializers/spree/v2/storefront/cms_page_serializer.rb +14 -0
  66. data/app/serializers/spree/v2/storefront/cms_section_serializer.rb +28 -0
  67. data/app/serializers/spree/v2/storefront/country_serializer.rb +4 -4
  68. data/app/serializers/spree/v2/storefront/estimated_shipping_rate_serializer.rb +2 -0
  69. data/app/serializers/spree/v2/storefront/menu_item_serializer.rb +37 -0
  70. data/app/serializers/spree/v2/storefront/menu_serializer.rb +13 -0
  71. data/app/serializers/spree/v2/storefront/product_property_serializer.rb +1 -1
  72. data/app/serializers/spree/v2/storefront/product_serializer.rb +4 -1
  73. data/app/serializers/spree/v2/storefront/store_serializer.rb +10 -0
  74. data/app/serializers/spree/v2/storefront/taxon_serializer.rb +6 -5
  75. data/config/initializers/doorkeeper.rb +8 -1
  76. data/config/initializers/rabl.rb +9 -0
  77. data/config/routes.rb +115 -3
  78. data/db/migrate/20210727102516_change_integer_id_columns_type.rb +9 -0
  79. data/docs/oauth/index.yml +2 -2
  80. data/docs/v2/platform/index.yaml +1501 -0
  81. data/docs/v2/storefront/index.yaml +48 -2
  82. data/lib/spree/api/engine.rb +6 -17
  83. data/lib/spree/api/testing_support/v2/base.rb +1 -1
  84. data/lib/spree/api/testing_support/v2/platform_contexts.rb +214 -0
  85. data/lib/spree/api/testing_support/v2/serializers_params.rb +14 -0
  86. data/lib/spree/api.rb +1 -0
  87. data/spree_api.gemspec +3 -0
  88. metadata +101 -11
  89. data/app/assets/javascripts/spree/api/main.js +0 -36
  90. data/app/assets/javascripts/spree/api/storefront/cart.js +0 -49
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ebb01666d648a0e2ddca7b1dec811507fd8be8004532980a8b0647ed55b58fa4
4
- data.tar.gz: dc4ec944e5a8695940f6c6aafa8f03819b54d2d981e3ea52b3ec4378ed777438
3
+ metadata.gz: 381bcae626a5cfcc30444d47853c1bc26063befbc5c18db328276d8c1998c309
4
+ data.tar.gz: 01fc310be446eff60debb73a6da32a1b4e548dcd2ec7e7fca562ef7fada5a248
5
5
  SHA512:
6
- metadata.gz: c0fe029befd0b9af98ab276d140427581086676d26106486e2d7459ab013f49aff89bc739827314809513994c20fd51405a7c094cb43bdb59f86b36dbabc0313
7
- data.tar.gz: 0651c7281b4df1da230e998c326179cf8c42b74fb5707aa4185879adf452972c883ad98b47163d60c0d436937e2307b9d8d8c835303376983c3b31a9bda9415a
6
+ metadata.gz: 03c6087202462b6ff19e3cc1b081a175e3db9273ce486b321c27aa44e4ae82a57c9b73b24894f788c1335584e0cfcf7b94733844f3875d8f4ff67be59ba04acb
7
+ data.tar.gz: 24ae9980e17d37c7963cdbd7fb1e9ab6a02ef099e7763b83bf8276d9ea8e296ee49e4a3b4c42587a3b02010151f450478c0c376f6c835f8db4e6536fbc33d0fa
data/Rakefile CHANGED
@@ -3,7 +3,6 @@ require 'rake'
3
3
  require 'rake/testtask'
4
4
  require 'rspec/core/rake_task'
5
5
  require 'spree/testing_support/common_rake'
6
- require 'rails/all'
7
6
 
8
7
  RSpec::Core::RakeTask.new
9
8
 
@@ -14,3 +13,17 @@ task :test_app do
14
13
  ENV['LIB_NAME'] = 'spree/api'
15
14
  Rake::Task['common:test_app'].invoke
16
15
  end
16
+
17
+ namespace :rswag do
18
+ namespace :specs do
19
+ desc 'Generate Swagger JSON files from integration specs'
20
+ RSpec::Core::RakeTask.new('swaggerize') do |t|
21
+ t.pattern = ENV.fetch(
22
+ 'PATTERN',
23
+ 'spec/integration/**/*_spec.rb'
24
+ )
25
+
26
+ t.rspec_opts = ['--format Rswag::Specs::SwaggerFormatter', '--order defined']
27
+ end
28
+ end
29
+ end
@@ -0,0 +1,23 @@
1
+ module Spree
2
+ module Api
3
+ module V2
4
+ module ProductListIncludes
5
+ def product_list_includes
6
+ variant_includes = {
7
+ prices: [],
8
+ option_values: :option_type,
9
+ images: []
10
+ }
11
+
12
+ {
13
+ product_properties: [],
14
+ option_types: [],
15
+ variant_images: [],
16
+ master: variant_includes,
17
+ variants: variant_includes
18
+ }
19
+ end
20
+ end
21
+ end
22
+ end
23
+ end
@@ -9,9 +9,10 @@ module Spree
9
9
  product_id: params[:product_id],
10
10
  taxon_id: params[:taxon_id]
11
11
  )
12
- # Because position we get back is 0-indexed.
13
- # acts_as_list is 1-indexed.
14
- classification.insert_at(params[:position].to_i + 1)
12
+ Spree::Dependencies.classification_reposition_service.constantize.call(
13
+ classification: classification,
14
+ position: params[:position]
15
+ )
15
16
  head :ok
16
17
  end
17
18
  end
@@ -56,7 +56,7 @@ module Spree
56
56
 
57
57
  def empty
58
58
  authorize! :update, @order, order_token
59
- @order.empty!
59
+ cart_empty_service.call(order: @order)
60
60
  render plain: nil, status: 204
61
61
  end
62
62
 
@@ -150,6 +150,10 @@ module Spree
150
150
  def order_id
151
151
  super || params[:id]
152
152
  end
153
+
154
+ def cart_empty_service
155
+ Spree::Dependencies.cart_empty_service.constantize
156
+ end
153
157
  end
154
158
  end
155
159
  end
@@ -64,7 +64,7 @@ module Spree
64
64
  params[:product][:available_on] ||= Time.current
65
65
  set_up_shipping_category
66
66
 
67
- options = { variants_attrs: variants_params, options_attrs: option_types_params }
67
+ options = { store: current_store, variants_attrs: variants_params, options_attrs: option_types_params }
68
68
  @product = Core::Importer::Product.new(nil, product_params, options).create
69
69
 
70
70
  if @product.persisted?
@@ -77,7 +77,7 @@ module Spree
77
77
  def update
78
78
  authorize! :update, @product
79
79
 
80
- options = { variants_attrs: variants_params, options_attrs: option_types_params }
80
+ options = { store: current_store, variants_attrs: variants_params, options_attrs: option_types_params }
81
81
  @product = Core::Importer::Product.new(@product, product_params, options).update
82
82
 
83
83
  if @product.errors.empty?
@@ -19,7 +19,7 @@ module Spree
19
19
 
20
20
  def create
21
21
  authorize! :create, Taxonomy
22
- @taxonomy = Taxonomy.new(taxonomy_params)
22
+ @taxonomy = current_store.taxonomies.new(taxonomy_params)
23
23
  if @taxonomy.save
24
24
  respond_with(@taxonomy, status: 201, default_template: :show)
25
25
  else
@@ -7,8 +7,10 @@ module Spree
7
7
  include Spree::Core::ControllerHelpers::Store
8
8
  include Spree::Core::ControllerHelpers::Locale
9
9
  include Spree::Core::ControllerHelpers::Currency
10
+
10
11
  rescue_from ActiveRecord::RecordNotFound, with: :record_not_found
11
12
  rescue_from CanCan::AccessDenied, with: :access_denied
13
+ rescue_from Doorkeeper::Errors::DoorkeeperError, with: :access_denied_401
12
14
  rescue_from Spree::Core::GatewayError, with: :gateway_error
13
15
  rescue_from ActionController::ParameterMissing, with: :error_during_processing
14
16
  if defined?(JSONAPI::Serializer::UnsupportedIncludeError)
@@ -39,7 +41,7 @@ module Spree
39
41
  end
40
42
 
41
43
  def paginated_collection
42
- collection_paginator.new(sorted_collection, params).call
44
+ @paginated_collection ||= collection_paginator.new(sorted_collection, params).call
43
45
  end
44
46
 
45
47
  def collection_paginator
@@ -51,10 +53,22 @@ module Spree
51
53
  end
52
54
 
53
55
  def render_error_payload(error, status = 422)
54
- if error.is_a?(Struct)
55
- render json: { error: error.to_s, errors: error.to_h }, status: status, content_type: content_type
56
- elsif error.is_a?(String)
57
- render json: { error: error }, status: status, content_type: content_type
56
+ json = if error.is_a?(ActiveModel::Errors)
57
+ { error: error.full_messages.to_sentence, errors: error.messages }
58
+ elsif error.is_a?(Struct)
59
+ { error: error.to_s, errors: error.to_h }
60
+ else
61
+ { error: error }
62
+ end
63
+
64
+ render json: json, status: status, content_type: content_type
65
+ end
66
+
67
+ def render_result(result)
68
+ if result.success?
69
+ render_serialized_payload { serialize_resource(result.value) }
70
+ else
71
+ render_error_payload(result.error)
58
72
  end
59
73
  end
60
74
 
@@ -114,7 +128,12 @@ module Spree
114
128
  end
115
129
 
116
130
  def serializer_params
117
- { currency: current_currency, store: current_store, user: spree_current_user }
131
+ {
132
+ currency: current_currency,
133
+ locale: current_locale,
134
+ store: current_store,
135
+ user: spree_current_user
136
+ }
118
137
  end
119
138
 
120
139
  def record_not_found
@@ -125,6 +144,10 @@ module Spree
125
144
  render_error_payload(exception.message, 403)
126
145
  end
127
146
 
147
+ def access_denied_401(exception)
148
+ render_error_payload(exception.message, 401)
149
+ end
150
+
128
151
  def gateway_error(exception)
129
152
  render_error_payload(exception.message)
130
153
  end
@@ -0,0 +1,19 @@
1
+ module Spree
2
+ module Api
3
+ module V2
4
+ module Platform
5
+ class AddressesController < ResourceController
6
+ private
7
+
8
+ def model_class
9
+ Spree::Address
10
+ end
11
+
12
+ def scope_includes
13
+ [:country, :state, :user]
14
+ end
15
+ end
16
+ end
17
+ end
18
+ end
19
+ end
@@ -0,0 +1,43 @@
1
+ module Spree
2
+ module Api
3
+ module V2
4
+ module Platform
5
+ class ClassificationsController < ResourceController
6
+ before_action -> { doorkeeper_authorize! :write, :admin }, only: WRITE_ACTIONS << :reposition
7
+
8
+ def reposition
9
+ spree_authorize! :update, resource if spree_current_user.present?
10
+
11
+ result = classification_reposition_service.call(
12
+ classification: resource,
13
+ position: permitted_resource_params[:position]
14
+ )
15
+
16
+ if result.success?
17
+ render_serialized_payload { serialize_resource(result.value) }
18
+ else
19
+ render_error_payload(result.error)
20
+ end
21
+ end
22
+
23
+ private
24
+
25
+ def model_class
26
+ Spree::Classification
27
+ end
28
+
29
+ def scope_includes
30
+ [
31
+ taxon: [],
32
+ product: [:variants_including_master, :variant_images, :master, variants: [:prices]]
33
+ ]
34
+ end
35
+
36
+ def classification_reposition_service
37
+ Spree::Dependencies.classification_reposition_service.constantize
38
+ end
39
+ end
40
+ end
41
+ end
42
+ end
43
+ end
@@ -0,0 +1,15 @@
1
+ module Spree
2
+ module Api
3
+ module V2
4
+ module Platform
5
+ class CmsPagesController < ResourceController
6
+ private
7
+
8
+ def model_class
9
+ Spree::CmsPage
10
+ end
11
+ end
12
+ end
13
+ end
14
+ end
15
+ end
@@ -0,0 +1,34 @@
1
+ module Spree
2
+ module Api
3
+ module V2
4
+ module Platform
5
+ class CmsSectionsController < ResourceController
6
+ before_action -> { doorkeeper_authorize! :write, :admin }, only: WRITE_ACTIONS << :reposition
7
+
8
+ def reposition
9
+ spree_authorize! :update, @moved_section if spree_current_user.present?
10
+
11
+ @moved_section = scope.find(params[:section_id])
12
+ new_index = params[:new_position_idx].to_i + 1
13
+
14
+ if @moved_section && new_index
15
+ @moved_section.set_list_position(new_index)
16
+ else
17
+ head :bad_request
18
+ end
19
+
20
+ if @moved_section.save
21
+ head :no_content
22
+ end
23
+ end
24
+
25
+ private
26
+
27
+ def model_class
28
+ Spree::CmsSection
29
+ end
30
+ end
31
+ end
32
+ end
33
+ end
34
+ end
@@ -0,0 +1,19 @@
1
+ module Spree
2
+ module Api
3
+ module V2
4
+ module Platform
5
+ class CountriesController < ResourceController
6
+ private
7
+
8
+ def model_class
9
+ Spree::Country
10
+ end
11
+
12
+ def scope_includes
13
+ [:states, :zones]
14
+ end
15
+ end
16
+ end
17
+ end
18
+ end
19
+ end
@@ -0,0 +1,35 @@
1
+ module Spree
2
+ module Api
3
+ module V2
4
+ module Platform
5
+ class MenuItemsController < ResourceController
6
+ before_action -> { doorkeeper_authorize! :write, :admin }, only: WRITE_ACTIONS << :reposition
7
+
8
+ def reposition
9
+ spree_authorize! :update, @moved_item if spree_current_user.present?
10
+
11
+ @moved_item = scope.find(params[:moved_item_id])
12
+ @new_parent = scope.find(params[:new_parent_id])
13
+ new_index = params[:new_position_idx].to_i
14
+
15
+ if @moved_item && @new_parent && new_index
16
+ @moved_item.move_to_child_with_index(@new_parent, new_index)
17
+ else
18
+ head :bad_request
19
+ end
20
+
21
+ if @moved_item.save
22
+ head :no_content
23
+ end
24
+ end
25
+
26
+ private
27
+
28
+ def model_class
29
+ Spree::MenuItem
30
+ end
31
+ end
32
+ end
33
+ end
34
+ end
35
+ end
@@ -0,0 +1,19 @@
1
+ module Spree
2
+ module Api
3
+ module V2
4
+ module Platform
5
+ class MenusController < ResourceController
6
+ private
7
+
8
+ def model_class
9
+ Spree::Menu
10
+ end
11
+
12
+ def scope_includes
13
+ [:menu_items]
14
+ end
15
+ end
16
+ end
17
+ end
18
+ end
19
+ end
@@ -0,0 +1,15 @@
1
+ module Spree
2
+ module Api
3
+ module V2
4
+ module Platform
5
+ class OptionTypesController < ResourceController
6
+ private
7
+
8
+ def model_class
9
+ Spree::OptionType
10
+ end
11
+ end
12
+ end
13
+ end
14
+ end
15
+ end
@@ -0,0 +1,19 @@
1
+ module Spree
2
+ module Api
3
+ module V2
4
+ module Platform
5
+ class OptionValuesController < ResourceController
6
+ private
7
+
8
+ def model_class
9
+ Spree::OptionValue
10
+ end
11
+
12
+ def scope_includes
13
+ [:option_type]
14
+ end
15
+ end
16
+ end
17
+ end
18
+ end
19
+ end
@@ -0,0 +1,21 @@
1
+ module Spree
2
+ module Api
3
+ module V2
4
+ module Platform
5
+ class ProductsController < ResourceController
6
+ include ::Spree::Api::V2::ProductListIncludes
7
+
8
+ private
9
+
10
+ def model_class
11
+ Spree::Product
12
+ end
13
+
14
+ def scope_includes
15
+ product_list_includes
16
+ end
17
+ end
18
+ end
19
+ end
20
+ end
21
+ end
@@ -0,0 +1,112 @@
1
+ module Spree
2
+ module Api
3
+ module V2
4
+ module Platform
5
+ class ResourceController < ::Spree::Api::V2::ResourceController
6
+ READ_ACTIONS = %i[show index]
7
+ WRITE_ACTIONS = %i[create update destroy]
8
+
9
+ # doorkeeper scopes usage: https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes
10
+ before_action -> { doorkeeper_authorize! :read, :admin }, only: READ_ACTIONS
11
+ before_action -> { doorkeeper_authorize! :write, :admin }, only: WRITE_ACTIONS
12
+
13
+ # optional authorization if using a user token instead of app token
14
+ before_action :authorize_spree_user, only: WRITE_ACTIONS
15
+
16
+ # index and show acrtions are defined in Spree::Api::V2::ResourceController
17
+
18
+ def create
19
+ resource = model_class.new(permitted_resource_params)
20
+
21
+ if resource.save
22
+ render_serialized_payload(201) { serialize_resource(resource) }
23
+ else
24
+ render_error_payload(resource.errors)
25
+ end
26
+ end
27
+
28
+ def update
29
+ if resource.update(permitted_resource_params)
30
+ render_serialized_payload { serialize_resource(resource) }
31
+ else
32
+ render_error_payload(resource.errors)
33
+ end
34
+ end
35
+
36
+ def destroy
37
+ if resource.destroy
38
+ head 204
39
+ else
40
+ render_error_payload(resource.errors)
41
+ end
42
+ end
43
+
44
+ protected
45
+
46
+ def resource_serializer
47
+ "Spree::Api::V2::Platform::#{model_class.to_s.demodulize}Serializer".constantize
48
+ end
49
+
50
+ def collection_serializer
51
+ resource_serializer
52
+ end
53
+
54
+ # overwiting to utilize ransack gem for filtering
55
+ # https://github.com/activerecord-hackery/ransack#search-matchers
56
+ def collection
57
+ @collection ||= scope.ransack(params[:filter]).result
58
+ end
59
+
60
+ # overwriting to skip cancancan check if API is consumed by an application
61
+ def scope
62
+ return super if spree_current_user.present?
63
+
64
+ super(skip_cancancan: true)
65
+ end
66
+
67
+ # We're overwriting this method because the original one calls `dookreeper_authorize`
68
+ # which breaks our application authorizations defined on top of this controller
69
+ def spree_current_user
70
+ return nil unless doorkeeper_token
71
+ return nil if doorkeeper_token.resource_owner_id.nil?
72
+ return @spree_current_user if @spree_current_user
73
+
74
+ @spree_current_user ||= Spree.user_class.find_by(id: doorkeeper_token.resource_owner_id)
75
+ end
76
+
77
+ def access_denied(exception)
78
+ access_denied_401(exception)
79
+ end
80
+
81
+ # if using a user oAuth token we need to check CanCanCan abilities
82
+ # defined in https://github.com/spree/spree/blob/master/core/app/models/spree/ability.rb
83
+ def authorize_spree_user
84
+ return if spree_current_user.nil?
85
+
86
+ if action_name == 'create'
87
+ spree_authorize! :create, model_class
88
+ else
89
+ spree_authorize! action_name, resource
90
+ end
91
+ end
92
+
93
+ def model_param_name
94
+ model_class.to_s.demodulize.underscore
95
+ end
96
+
97
+ def spree_permitted_attributes
98
+ Spree::PermittedAttributes.try("#{model_param_name}_attributes") || {}
99
+ end
100
+
101
+ def permitted_resource_params
102
+ params.require(model_param_name).permit(spree_permitted_attributes)
103
+ end
104
+
105
+ def allowed_sort_attributes
106
+ (super << spree_permitted_attributes).uniq.compact
107
+ end
108
+ end
109
+ end
110
+ end
111
+ end
112
+ end
@@ -0,0 +1,30 @@
1
+ module Spree
2
+ module Api
3
+ module V2
4
+ module Platform
5
+ class TaxonsController < ResourceController
6
+ private
7
+
8
+ def model_class
9
+ Spree::Taxon
10
+ end
11
+
12
+ def scope_includes
13
+ node_includes = %i[icon parent taxonomy]
14
+
15
+ {
16
+ parent: node_includes,
17
+ children: node_includes,
18
+ taxonomy: [root: node_includes],
19
+ icon: [attachment_attachment: :blob]
20
+ }
21
+ end
22
+
23
+ def serializer_params
24
+ super.merge(include_products: action_name == 'show')
25
+ end
26
+ end
27
+ end
28
+ end
29
+ end
30
+ end
@@ -0,0 +1,28 @@
1
+ module Spree
2
+ module Api
3
+ module V2
4
+ module Platform
5
+ class UsersController < ResourceController
6
+ private
7
+
8
+ def model_class
9
+ Spree.user_class
10
+ end
11
+
12
+ def resource_serializer
13
+ Spree::Api::V2::Platform::UserSerializer
14
+ end
15
+
16
+ def scope_includes
17
+ [:ship_address, :bill_address]
18
+ end
19
+
20
+ # we need to define this here as developers can configure their own `user_class`
21
+ def model_param_name
22
+ 'user'
23
+ end
24
+ end
25
+ end
26
+ end
27
+ end
28
+ end
@@ -15,7 +15,7 @@ module Spree
15
15
  protected
16
16
 
17
17
  def sorted_collection
18
- collection_sorter.new(collection, params, allowed_sort_attributes).call
18
+ @sorted_collection ||= collection_sorter.new(collection, params, allowed_sort_attributes).call
19
19
  end
20
20
 
21
21
  def allowed_sort_attributes
@@ -23,11 +23,14 @@ module Spree
23
23
  end
24
24
 
25
25
  def default_sort_atributes
26
- [:id, :updated_at, :created_at]
26
+ [:id, :name, :number, :position, :updated_at, :created_at]
27
27
  end
28
28
 
29
- def scope
30
- model_class.accessible_by(current_ability, :show).includes(scope_includes)
29
+ def scope(skip_cancancan: false)
30
+ base_scope = model_class.for_store(current_store)
31
+ base_scope = base_scope.accessible_by(current_ability, :show) unless skip_cancancan
32
+ base_scope = base_scope.includes(scope_includes) if scope_includes.any? && action_name == 'index'
33
+ base_scope
31
34
  end
32
35
 
33
36
  def scope_includes
@@ -36,7 +39,7 @@ module Spree
36
39
 
37
40
  def resource
38
41
  @resource ||= if defined?(resource_finder)
39
- resource_finder.new(scope: scope, params: params).execute
42
+ resource_finder.new(scope: scope, params: finder_params).execute
40
43
  else
41
44
  scope.find(params[:id])
42
45
  end
@@ -44,12 +47,21 @@ module Spree
44
47
 
45
48
  def collection
46
49
  @collection ||= if defined?(collection_finder)
47
- collection_finder.new(scope: scope, params: params).execute
50
+ collection_finder.new(scope: scope, params: finder_params).execute
48
51
  else
49
52
  scope
50
53
  end
51
54
  end
52
55
 
56
+ def finder_params
57
+ params.merge(
58
+ store: current_store,
59
+ locale: current_locale,
60
+ currency: current_currency,
61
+ user: spree_current_user
62
+ )
63
+ end
64
+
53
65
  def collection_sorter
54
66
  Spree::Api::Dependencies.storefront_collection_sorter.constantize
55
67
  end