RubyGems - spree_api - Versions diffs - 4.3.0 → 4.4.0 - Mend

spree_api 4.3.0 → 4.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (203) hide show

data/app/controllers/spree/api/v2/platform/payment_methods_controller.rb ADDED Viewed

@@ -0,0 +1,27 @@
+module Spree
+  module Api
+    module V2
+      module Platform
+        class PaymentMethodsController < ResourceController
+          private
+          def model_class
+            Spree::PaymentMethod
+          end
+          def spree_permitted_attributes
+            preferred_attributes = []
+            if action_name == 'update'
+              resource.defined_preferences.each do |preference|
+                preferred_attributes << "preferred_#{preference}".to_sym
+              end
+            end
+            super + preferred_attributes
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v2/platform/payments_controller.rb ADDED Viewed

@@ -0,0 +1,17 @@
+module Spree
+  module Api
+    module V2
+      module Platform
+        class PaymentsController < ResourceController
+          include NumberResource
+          private
+          def model_class
+            Spree::Payment
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v2/platform/promotion_actions_controller.rb ADDED Viewed

@@ -0,0 +1,30 @@
+module Spree
+  module Api
+    module V2
+      module Platform
+        class PromotionActionsController < ResourceController
+          include ::Spree::Api::V2::Platform::PromotionCalculatorParams
+          private
+          def model_class
+            Spree::PromotionAction
+          end
+          def scope_includes
+            [:promotion]
+          end
+          def spree_permitted_attributes
+            conditional_params = action_name == 'update' ? [:id] : []
+            super + [{
+              promotion_action_line_items_attributes: Spree::PromotionActionLineItem.json_api_permitted_attributes.concat(conditional_params),
+              calculator_attributes: Spree::Calculator.json_api_permitted_attributes.concat(conditional_params, calculator_params)
+            }]
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v2/platform/promotion_categories_controller.rb ADDED Viewed

@@ -0,0 +1,19 @@
+module Spree
+  module Api
+    module V2
+      module Platform
+        class PromotionCategoriesController < ResourceController
+          private
+          def model_class
+            Spree::PromotionCategory
+          end
+          def scope_includes
+            [:promotions]
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v2/platform/promotion_rules_controller.rb ADDED Viewed

@@ -0,0 +1,25 @@
+module Spree
+  module Api
+    module V2
+      module Platform
+        class PromotionRulesController < ResourceController
+          include ::Spree::Api::V2::Platform::PromotionRuleParams
+          private
+          def model_class
+            Spree::PromotionRule
+          end
+          def scope_includes
+            [:promotion]
+          end
+          def spree_permitted_attributes
+            super + rule_params
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v2/platform/promotions_controller.rb ADDED Viewed

@@ -0,0 +1,31 @@
+module Spree
+  module Api
+    module V2
+      module Platform
+        class PromotionsController < ResourceController
+          include ::Spree::Api::V2::Platform::PromotionRuleParams
+          include ::Spree::Api::V2::Platform::PromotionCalculatorParams
+          private
+          def model_class
+            Spree::Promotion
+          end
+          def scope_includes
+            [:promotion_category, :promotion_rules, :promotion_actions]
+          end
+          def spree_permitted_attributes
+            conditional_params = action_name == 'update' ? [:id] : []
+            super + [{ promotion_actions_attributes: Spree::PromotionAction.json_api_permitted_attributes.concat(conditional_params) + [{
+              promotion_action_line_items_attributes: Spree::PromotionActionLineItem.json_api_permitted_attributes.concat(conditional_params),
+              calculator_attributes: Spree::Calculator.json_api_permitted_attributes.concat(conditional_params, calculator_params)
+            }], promotion_rules_attributes: Spree::PromotionRule.json_api_permitted_attributes.concat(conditional_params, rule_params) }]
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v2/platform/resource_controller.rb CHANGED Viewed

@@ -3,21 +3,18 @@ module Spree
     module V2
       module Platform
         class ResourceController < ::Spree::Api::V2::ResourceController
-          READ_ACTIONS = %i[show index]
-          WRITE_ACTIONS = %i[create update destroy]
           # doorkeeper scopes usage: https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes
-          before_action -> { doorkeeper_authorize! :read, :admin }, only: READ_ACTIONS
-          before_action -> { doorkeeper_authorize! :write, :admin }, only: WRITE_ACTIONS
+          before_action :validate_token_client
+          before_action -> { doorkeeper_authorize! :read, :admin }
+          before_action -> { doorkeeper_authorize! :write, :admin }, if: :write_request?
           # optional authorization if using a user token instead of app token
-          before_action :authorize_spree_user, only: WRITE_ACTIONS
+          before_action :authorize_spree_user
-          # index and show acrtions are defined in Spree::Api::V2::ResourceController
+          # index and show actions are defined in Spree::Api::V2::ResourceController
           def create
             resource = model_class.new(permitted_resource_params)
             ensure_current_store(resource)
             if resource.save
@@ -28,8 +25,10 @@ module Spree
           end
           def update
-            if resource.update(permitted_resource_params)
-              ensure_current_store(resource)
+            resource.assign_attributes(permitted_resource_params)
+            ensure_current_store(resource)
+            if resource.save
               render_serialized_payload { serialize_resource(resource) }
             else
               render_error_payload(resource.errors)
@@ -47,14 +46,15 @@ module Spree
           protected
           def resource_serializer
-            "Spree::Api::V2::Platform::#{model_class.to_s.demodulize}Serializer".constantize
+            serializer_base_name = model_class.to_s.sub('Spree::', '')
+            "Spree::Api::V2::Platform::#{serializer_base_name}Serializer".constantize
           end
           def collection_serializer
             resource_serializer
           end
-          # overwiting to utilize ransack gem for filtering
+          # overwriting to utilize ransack gem for filtering
           # https://github.com/activerecord-hackery/ransack#search-matchers
           def collection
             @collection ||= scope.ransack(params[:filter]).result
@@ -74,22 +74,35 @@ module Spree
             return nil if doorkeeper_token.resource_owner_id.nil?
             return @spree_current_user if @spree_current_user
-            @spree_current_user ||= Spree.user_class.find_by(id: doorkeeper_token.resource_owner_id)
+            @spree_current_user ||= doorkeeper_token.resource_owner
           end
           def access_denied(exception)
             access_denied_401(exception)
           end
+          def validate_token_client
+            return if doorkeeper_token.nil?
+            raise Doorkeeper::Errors::DoorkeeperError if doorkeeper_token.application.nil?
+          end
           # if using a user oAuth token we need to check CanCanCan abilities
           # defined in https://github.com/spree/spree/blob/master/core/app/models/spree/ability.rb
           def authorize_spree_user
             return if spree_current_user.nil?
-            if action_name == 'create'
+            case action_name
+            when 'create'
               spree_authorize! :create, model_class
+            when 'destroy'
+              spree_authorize! :destroy, resource
+            when 'index'
+              spree_authorize! :read, model_class
+            when 'show'
+              spree_authorize! :read, resource
             else
-              spree_authorize! action_name, resource
+              spree_authorize! :update, resource
             end
           end
@@ -98,7 +111,21 @@ module Spree
           end
           def spree_permitted_attributes
-            Spree::PermittedAttributes.try("#{model_param_name}_attributes") || {}
+            store_ids = if model_class.method_defined?(:stores)
+                          [{ store_ids: [] }]
+                        else
+                          []
+                        end
+            model_class.json_api_permitted_attributes + store_ids + metadata_params
+          end
+          def metadata_params
+            if model_class.include?(Metadata)
+              [{ public_metadata: {}, private_metadata: {} }]
+            else
+              []
+            end
           end
           def permitted_resource_params
@@ -108,6 +135,10 @@ module Spree
           def allowed_sort_attributes
             (super << spree_permitted_attributes).uniq.compact
           end
+          def write_request?
+            %w[put patch post delete].include?(request.request_method.downcase)
+          end
         end
       end
     end

data/app/controllers/spree/api/v2/platform/roles_controller.rb ADDED Viewed

@@ -0,0 +1,15 @@
+module Spree
+  module Api
+    module V2
+      module Platform
+        class RolesController < ResourceController
+          private
+          def model_class
+            Spree::Role
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v2/platform/shipments_controller.rb ADDED Viewed

@@ -0,0 +1,143 @@
+module Spree
+  module Api
+    module V2
+      module Platform
+        class ShipmentsController < ResourceController
+          include NumberResource
+          before_action :load_variant, only: %i[transfer_to_location transfer_to_shipment]
+          SHIPMENT_STATES = %w[ready ship cancel resume pend]
+          def create
+            # FIXME: support saving metadata
+            result = create_service.call(
+              store: current_store,
+              shipment_attributes: params.require(:shipment).permit(
+                :order_id, :stock_location_id, :variant_id, :quantity
+              )
+            )
+            render_result(result, 201)
+          end
+          def update
+            result = update_service.call(shipment: resource, shipment_attributes: permitted_resource_params)
+            render_result(result)
+          end
+          SHIPMENT_STATES.each do |state|
+            define_method state do
+              result = change_state_service.call(shipment: resource, state: state)
+              render_result(result)
+            end
+          end
+          def add_item
+            result = add_item_service.call(
+              shipment: resource,
+              variant_id: params.dig(:shipment, :variant_id),
+              quantity: params.dig(:shipment, :quantity)
+            )
+            render_result(result)
+          end
+          def remove_item
+            result = remove_item_service.call(
+              shipment: resource,
+              variant_id: params.dig(:shipment, :variant_id),
+              quantity: params.dig(:shipment, :quantity)
+            )
+            if result.success?
+              if result.value == :shipment_deleted
+                head 204
+              else
+                render_serialized_payload { serialize_resource(result.value) }
+              end
+            else
+              render_error_payload(result.error)
+            end
+          end
+          def transfer_to_location
+            stock_location = Spree::StockLocation.find(params.dig(:shipment, :stock_location_id))
+            quantity = params.dig(:shipment, :quantity)&.to_i || 1
+            unless quantity > 0
+              render_error_payload("#{I18n.t('spree.api.shipment_transfer_errors_occurred')} \n #{I18n.t('spree.api.negative_quantity')}")
+              return
+            end
+            transfer = resource.transfer_to_location(@variant, quantity, stock_location)
+            if transfer.valid? && transfer.run!
+              render json: { message: I18n.t('spree.api.shipment_transfer_success') }, status: 201
+            else
+              render_error_payload(transfer.errors)
+            end
+          end
+          def transfer_to_shipment
+            target_shipment = Spree::Shipment.find_by!(number: params.dig(:shipment, :target_shipment_number))
+            quantity = params.dig(:shipment, :quantity)&.to_i || 1
+            error =
+              if quantity < 0 && target_shipment == resource
+                "#{I18n.t('spree.api.negative_quantity')}, \n#{I18n.t('spree.api.wrong_shipment_target')}"
+              elsif target_shipment == resource
+                I18n.t('spree.api.wrong_shipment_target')
+              elsif quantity < 0
+                I18n.t('spree.api.negative_quantity')
+              end
+            if error
+              render_error_payload("#{I18n.t('spree.api.shipment_transfer_errors_occurred')} \n#{error}")
+            else
+              transfer = resource.transfer_to_shipment(@variant, quantity, target_shipment)
+              if transfer.valid? && transfer.run!
+                render json: { message: I18n.t('spree.api.shipment_transfer_success') }, status: 201
+              else
+                render_error_payload(transfer.errors)
+              end
+            end
+          end
+          private
+          def model_class
+            Spree::Shipment
+          end
+          def load_variant
+            @variant = current_store.variants.find_by(id: params.dig(:shipment, :variant_id))
+          end
+          def spree_permitted_attributes
+            Spree::Shipment.json_api_permitted_attributes + [
+              :selected_shipping_rate_id
+            ]
+          end
+          def create_service
+            Spree::Api::Dependencies.platform_shipment_create_service.constantize
+          end
+          def update_service
+            Spree::Api::Dependencies.platform_shipment_update_service.constantize
+          end
+          def change_state_service
+            Spree::Api::Dependencies.platform_shipment_change_state_service.constantize
+          end
+          def add_item_service
+            Spree::Api::Dependencies.platform_shipment_add_item_service.constantize
+          end
+          def remove_item_service
+            Spree::Api::Dependencies.platform_shipment_remove_item_service.constantize
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v2/platform/shipping_categories_controller.rb ADDED Viewed

@@ -0,0 +1,15 @@
+module Spree
+  module Api
+    module V2
+      module Platform
+        class ShippingCategoriesController < ResourceController
+          private
+          def model_class
+            Spree::ShippingCategory
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v2/platform/shipping_methods_controller.rb ADDED Viewed

@@ -0,0 +1,24 @@
+module Spree
+  module Api
+    module V2
+      module Platform
+        class ShippingMethodsController < ResourceController
+          private
+          def model_class
+            Spree::ShippingMethod
+          end
+          def spree_permitted_attributes
+            super + [
+              {
+                shipping_category_ids: [],
+                calculator_attributes: {}
+              }
+            ]
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v2/platform/states_controller.rb ADDED Viewed

@@ -0,0 +1,19 @@
+module Spree
+  module Api
+    module V2
+      module Platform
+        class StatesController < ResourceController
+          private
+          def model_class
+            Spree::State
+          end
+          def scope_includes
+            [:country]
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v2/platform/stock_items_controller.rb ADDED Viewed

@@ -0,0 +1,19 @@
+module Spree
+  module Api
+    module V2
+      module Platform
+        class StockItemsController < ResourceController
+          private
+          def model_class
+            Spree::StockItem
+          end
+          def scope_includes
+            [:variant, :stock_location]
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v2/platform/stock_locations_controller.rb ADDED Viewed

@@ -0,0 +1,19 @@
+module Spree
+  module Api
+    module V2
+      module Platform
+        class StockLocationsController < ResourceController
+          private
+          def model_class
+            Spree::StockLocation
+          end
+          def scope_includes
+            [:country]
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v2/platform/store_credit_categories_controller.rb ADDED Viewed

@@ -0,0 +1,15 @@
+module Spree
+  module Api
+    module V2
+      module Platform
+        class StoreCreditCategoriesController < ResourceController
+          private
+          def model_class
+            Spree::StoreCreditCategory
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v2/platform/store_credit_types_controller.rb ADDED Viewed

@@ -0,0 +1,15 @@
+module Spree
+  module Api
+    module V2
+      module Platform
+        class StoreCreditTypesController < ResourceController
+          private
+          def model_class
+            Spree::StoreCreditType
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v2/platform/store_credits_controller.rb ADDED Viewed

@@ -0,0 +1,19 @@
+module Spree
+  module Api
+    module V2
+      module Platform
+        class StoreCreditsController < ResourceController
+          private
+          def model_class
+            Spree::StoreCredit
+          end
+          def scope_includes
+            [:user, :created_by, :category, :credit_type]
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v2/platform/tax_categories_controller.rb ADDED Viewed

@@ -0,0 +1,19 @@
+module Spree
+  module Api
+    module V2
+      module Platform
+        class TaxCategoriesController < ResourceController
+          private
+          def model_class
+            Spree::TaxCategory
+          end
+          def scope_includes
+            [:tax_rates]
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v2/platform/tax_rates_controller.rb ADDED Viewed

@@ -0,0 +1,23 @@
+module Spree
+  module Api
+    module V2
+      module Platform
+        class TaxRatesController < ResourceController
+          private
+          def model_class
+            Spree::TaxRate
+          end
+          def scope_includes
+            [:zone, :tax_category]
+          end
+          def spree_permitted_attributes
+            super + [calculator_attributes: Spree::Calculator.json_api_permitted_attributes]
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v2/platform/taxonomies_controller.rb ADDED Viewed

@@ -0,0 +1,19 @@
+module Spree
+  module Api
+    module V2
+      module Platform
+        class TaxonomiesController < ResourceController
+          private
+          def model_class
+            Spree::Taxonomy
+          end
+          def scope_includes
+            [:taxons, :root]
+          end
+        end
+      end
+    end
+  end
+end