RubyGems - spree_api - Versions diffs - 5.4.0.beta6 → 5.4.0.beta8 - Mend

spree_api 5.4.0.beta6 → 5.4.0.beta8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (43) hide show

data/app/serializers/spree/api/v3/media_serializer.rb ADDED Viewed

@@ -0,0 +1,60 @@
+module Spree
+  module Api
+    module V3
+      class MediaSerializer < BaseSerializer
+        typelize position: :number, alt: [:string, nullable: true],
+                 product_id: [:string, nullable: true],
+                 variant_ids: [:string, multi: true],
+                 media_type: :string,
+                 focal_point_x: [:number, nullable: true],
+                 focal_point_y: [:number, nullable: true],
+                 external_video_url: [:string, nullable: true],
+                 original_url: [:string, nullable: true], mini_url: [:string, nullable: true],
+                 small_url: [:string, nullable: true], medium_url: [:string, nullable: true],
+                 large_url: [:string, nullable: true], xlarge_url: [:string, nullable: true],
+                 og_image_url: [:string, nullable: true]
+        attribute :product_id do |asset|
+          asset.product&.prefixed_id
+        end
+        # Returns prefixed IDs of variants this media is associated with.
+        # Currently: single variant via viewable (legacy). In 6.0: multiple via VariantMedia join table.
+        attribute :variant_ids do |asset|
+          if asset.viewable_type == 'Spree::Variant'
+            [asset.viewable&.prefixed_id].compact
+          else
+            []
+          end
+        end
+        attributes :position, :alt, :media_type,
+                   :focal_point_x, :focal_point_y, :external_video_url,
+                   created_at: :iso8601, updated_at: :iso8601
+        attribute :original_url do |asset|
+          image_url_for(asset)
+        end
+        # Dynamically define attributes for each configured image variant
+        # Uses named variants from Spree::Config.product_image_variant_sizes
+        # (e.g., mini, small, medium, large, xlarge)
+        Spree::Config.product_image_variant_sizes.each_key do |variant_name|
+          attribute :"#{variant_name}_url" do |asset|
+            variant_url(asset, variant_name)
+          end
+        end
+        private
+        def variant_url(asset, variant_name)
+          return nil unless asset&.attachment&.attached?
+          Rails.application.routes.url_helpers.cdn_image_url(
+            asset.attachment.variant(variant_name)
+          )
+        end
+      end
+    end
+  end
+end

data/app/serializers/spree/api/v3/order_serializer.rb CHANGED Viewed

@@ -2,11 +2,11 @@ module Spree
   module Api
     module V3
       # Store API Order Serializer
-      # Customer-facing order data
+      # Post-purchase order data (completed orders)
       class OrderSerializer < BaseSerializer
-        typelize number: :string, state: :string, checkout_steps: 'string[]', token: :string, email: [:string, nullable: true],
+        typelize number: :string, email: :string,
                  special_instructions: [:string, nullable: true], currency: :string, locale: [:string, nullable: true], item_count: :number,
-                 state_lock_version: :number, shipment_state: [:string, nullable: true], payment_state: [:string, nullable: true],
+                 shipment_state: [:string, nullable: true], payment_state: [:string, nullable: true],
                  item_total: :string, display_item_total: :string,
                  ship_total: :string, display_ship_total: :string,
                  adjustment_total: :string, display_adjustment_total: :string,
@@ -17,22 +17,20 @@ module Spree
                  total: :string, display_total: :string, completed_at: [:string, nullable: true],
                  bill_address: { nullable: true }, ship_address: { nullable: true }
-        attributes :number, :state, :checkout_steps, :token, :email, :special_instructions,
-                   :currency, :locale, :item_count, :state_lock_version, :shipment_state, :payment_state,
+        attributes :number, :email, :special_instructions,
+                   :currency, :locale, :item_count, :shipment_state, :payment_state,
                    :item_total, :display_item_total, :ship_total, :display_ship_total,
                    :adjustment_total, :display_adjustment_total, :promo_total, :display_promo_total,
                    :tax_total, :display_tax_total, :included_tax_total, :display_included_tax_total,
                    :additional_tax_total, :display_additional_tax_total, :total, :display_total,
                    completed_at: :iso8601, created_at: :iso8601, updated_at: :iso8601
-        many :order_promotions, resource: Spree.api.order_promotion_serializer
-        many :line_items, resource: Spree.api.line_item_serializer
+        many :order_promotions, key: :promotions, resource: Spree.api.order_promotion_serializer
+        many :line_items, key: :items, resource: Spree.api.line_item_serializer
         many :shipments, resource: Spree.api.shipment_serializer
         many :payments, resource: Spree.api.payment_serializer
         one :bill_address, resource: Spree.api.address_serializer
         one :ship_address, resource: Spree.api.address_serializer
-        many :payment_methods, resource: Spree.api.payment_method_serializer
       end
     end
   end

data/app/serializers/spree/api/v3/product_serializer.rb CHANGED Viewed

@@ -40,9 +40,9 @@ module Spree
           product.default_variant&.prefixed_id
         end
-        # Main product image URL for listings (cached thumbnail)
+        # Main product image URL for listings (cached primary_media)
         attribute :thumbnail_url do |product|
-          image_url_for(product.thumbnail)
+          image_url_for(product.primary_media)
         end
         attribute :tags do |product|
@@ -68,10 +68,14 @@ module Spree
         end
         # Conditional associations
-        many :variant_images,
-             key: :images,
-             resource: Spree.api.image_serializer,
-             if: proc { expand?('images') }
+        one :primary_media,
+            resource: Spree.api.media_serializer,
+            if: proc { expand?('primary_media') }
+        many :gallery_media,
+             key: :media,
+             resource: Spree.api.media_serializer,
+             if: proc { expand?('media') }
         many :variants,
              resource: Spree.api.variant_serializer,

data/app/serializers/spree/api/v3/variant_serializer.rb CHANGED Viewed

@@ -5,8 +5,8 @@ module Spree
       # Customer-facing variant data with limited fields
       class VariantSerializer < BaseSerializer
         typelize product_id: :string, sku: [:string, nullable: true],
-                 is_master: :boolean, options_text: :string, track_inventory: :boolean, image_count: :number,
-                 thumbnail: [:string, nullable: true],
+                 is_master: :boolean, options_text: :string, track_inventory: :boolean, media_count: :number,
+                 thumbnail_url: [:string, nullable: true],
                  purchasable: :boolean, in_stock: :boolean, backorderable: :boolean,
                  weight: [:number, nullable: true], height: [:number, nullable: true], width: [:number, nullable: true], depth: [:number, nullable: true],
                  price: 'Price',
@@ -16,12 +16,12 @@ module Spree
           variant.product&.prefixed_id
         end
-        attributes :sku, :is_master, :options_text, :track_inventory, :image_count,
+        attributes :sku, :is_master, :options_text, :track_inventory, :media_count,
                    created_at: :iso8601, updated_at: :iso8601
-        # Main variant image URL for listings (cached thumbnail)
-        attribute :thumbnail do |variant|
-          image_url_for(variant.thumbnail)
+        # Main variant image URL for listings (cached primary_media)
+        attribute :thumbnail_url do |variant|
+          image_url_for(variant.primary_media)
         end
         attribute :purchasable do |variant|
@@ -70,9 +70,14 @@ module Spree
         end
         # Conditional associations
-        many :images,
-             resource: Spree.api.image_serializer,
-             if: proc { expand?('images') }
+        one :primary_media,
+            resource: Spree.api.media_serializer,
+            if: proc { expand?('primary_media') }
+        many :gallery_media,
+             key: :media,
+             resource: Spree.api.media_serializer,
+             if: proc { expand?('media') }
         many :option_values, resource: Spree.api.option_value_serializer

data/config/locales/en.yml CHANGED Viewed

@@ -7,6 +7,9 @@ en:
       invalid_resource: Invalid resource. Please fix errors and try again.
       invalid_taxonomy_id: Invalid taxonomy id.
       current_password_invalid: Current password is invalid or missing
+      password_reset_requested: If an account exists for that email, password reset instructions have been sent.
+      password_reset_token_invalid: Password reset token is invalid or has expired.
+      redirect_url_not_allowed: The redirect URL is not from an allowed origin for this store.
       must_specify_api_key: You must specify an API key.
       negative_quantity: quantity is negative
       order:

data/config/routes.rb CHANGED Viewed

@@ -7,9 +7,6 @@ Spree::Core::Engine.add_routes do
         post 'auth/refresh', to: 'auth#refresh'
         post 'auth/oauth/callback', to: 'auth#oauth_callback'
-        # Customer registration
-        resources :customers, only: [:create]
         # Markets
         resources :markets, only: [:index, :show] do
           collection do
@@ -33,46 +30,43 @@ Spree::Core::Engine.add_routes do
           resources :products, only: [:index], controller: 'categories/products'
         end
-        # Cart
-        resource :cart, only: [:show, :create], controller: 'cart' do
-          patch :associate
-        end
-        # Orders - individual order management and checkout
-        resources :orders, only: [:show, :update] do
+        # Carts
+        resources :carts, only: [:index, :show, :create, :update, :destroy] do
           member do
-            # State transitions
-            patch :next       # Move to next checkout step
-            patch :advance    # Advance through all steps
-            patch :complete   # Complete the order
+            patch :associate
+            post :complete
           end
-          # Nested resources - all require order access
-          resource :store_credits, only: [:create, :destroy], controller: 'orders/store_credits'
-          resources :line_items, only: [:create, :update, :destroy], controller: 'orders/line_items'
-          resources :coupon_codes, only: [:create, :destroy], controller: 'orders/coupon_codes'
-          resources :payments, only: [:index, :show, :create], controller: 'orders/payments'
-          resources :payment_methods, only: [:index], controller: 'orders/payment_methods'
-          resources :payment_sessions, only: [:create, :show, :update], controller: 'orders/payment_sessions' do
+          resources :items, only: [:create, :update, :destroy], controller: 'carts/items'
+          resources :coupon_codes, only: [:create, :destroy], controller: 'carts/coupon_codes'
+          resources :shipments, only: [:index, :update], controller: 'carts/shipments'
+          resources :payment_methods, only: [:index], controller: 'carts/payment_methods'
+          resources :payments, only: [:index, :show, :create], controller: 'carts/payments'
+          resources :payment_sessions, only: [:create, :show, :update], controller: 'carts/payment_sessions' do
             member do
               patch :complete
             end
           end
-          resources :shipments, only: [:index, :show, :update], controller: 'orders/shipments'
+          resource :store_credits, only: [:create, :destroy], controller: 'carts/store_credits'
         end
+        # Orders (single order lookup, guest-accessible via order token)
+        resources :orders, only: [:show]
         # Customer (current user profile)
+        resources :customers, only: [:create]
         get 'customer', to: 'customers#show'
         patch 'customer', to: 'customers#update'
         # Customer nested resources
         namespace :customer, path: 'customer' do
+          resources :password_resets, only: [:create, :update]
+          resources :orders, only: [:index, :show]
           resources :addresses, only: [:index, :show, :create, :update, :destroy] do
             member do
               patch :mark_as_default
             end
           end
-          resources :orders, only: [:index]
           resources :credit_cards, only: [:index, :show, :destroy]
           resources :gift_cards, only: [:index, :show]
           resources :payment_setup_sessions, only: [:create, :show] do
@@ -92,6 +86,11 @@ Spree::Core::Engine.add_routes do
         get 'digitals/:token', to: 'digitals#show', as: :digital_download
       end
+      # Webhooks (outside of store namespace — no API key authentication)
+      namespace :webhooks do
+        post 'payments/:payment_method_id', to: 'payments#create', as: :payment_webhook
+      end
     end
   end
 end

data/lib/spree/api/configuration.rb CHANGED Viewed

@@ -19,6 +19,7 @@ module Spree
       preference :rate_limit_register, :integer, default: 3 # per IP
       preference :rate_limit_refresh, :integer, default: 10 # per IP
       preference :rate_limit_oauth, :integer, default: 5 # per IP
+      preference :rate_limit_password_reset, :integer, default: 3 # per IP
       # Request body size limit in bytes
       preference :max_request_body_size, :integer, default: 102_400 # 100KB

data/lib/spree/api/dependencies.rb CHANGED Viewed

@@ -96,9 +96,10 @@ module Spree
         price_serializer: 'Spree::Api::V3::PriceSerializer',
         product_serializer: 'Spree::Api::V3::ProductSerializer',
         variant_serializer: 'Spree::Api::V3::VariantSerializer',
-        image_serializer: 'Spree::Api::V3::ImageSerializer',
+        media_serializer: 'Spree::Api::V3::MediaSerializer',
         option_type_serializer: 'Spree::Api::V3::OptionTypeSerializer',
         option_value_serializer: 'Spree::Api::V3::OptionValueSerializer',
+        cart_serializer: 'Spree::Api::V3::CartSerializer',
         order_serializer: 'Spree::Api::V3::OrderSerializer',
         line_item_serializer: 'Spree::Api::V3::LineItemSerializer',
         payment_serializer: 'Spree::Api::V3::PaymentSerializer',
@@ -119,6 +120,7 @@ module Spree
         shipping_rate_serializer: 'Spree::Api::V3::ShippingRateSerializer',
         stock_location_serializer: 'Spree::Api::V3::StockLocationSerializer',
         category_serializer: 'Spree::Api::V3::CategorySerializer',
+        cart_promotion_serializer: 'Spree::Api::V3::CartPromotionSerializer',
         order_promotion_serializer: 'Spree::Api::V3::OrderPromotionSerializer',
         digital_link_serializer: 'Spree::Api::V3::DigitalLinkSerializer',
         gift_card_serializer: 'Spree::Api::V3::GiftCardSerializer',
@@ -159,7 +161,7 @@ module Spree
         admin_line_item_serializer: 'Spree::Api::V3::Admin::LineItemSerializer',
         admin_option_type_serializer: 'Spree::Api::V3::Admin::OptionTypeSerializer',
         admin_option_value_serializer: 'Spree::Api::V3::Admin::OptionValueSerializer',
-        admin_image_serializer: 'Spree::Api::V3::Admin::ImageSerializer',
+        admin_media_serializer: 'Spree::Api::V3::Admin::MediaSerializer',
         admin_asset_serializer: 'Spree::Api::V3::Admin::AssetSerializer',
         admin_stock_item_serializer: 'Spree::Api::V3::Admin::StockItemSerializer',
         admin_shipment_serializer: 'Spree::Api::V3::Admin::ShipmentSerializer',

data/lib/spree/api/openapi/schema_helper.rb CHANGED Viewed

@@ -84,6 +84,15 @@ module Spree
                 user: { '$ref' => '#/components/schemas/Customer' }
               },
               required: %w[token user]
+            },
+            CheckoutRequirement: {
+              type: :object,
+              properties: {
+                step: { type: :string, description: 'Checkout step this requirement belongs to', example: 'payment' },
+                field: { type: :string, description: 'Field that needs to be satisfied', example: 'payment' },
+                message: { type: :string, description: 'Human-readable requirement message', example: 'Add a payment method' }
+              },
+              required: %w[step field message]
             }
           }
         end
@@ -110,10 +119,29 @@ module Spree
               s[:'x-typelizer'] = true
               strip_null_from_enums(s)
             end
+            patch_cart_schema(schemas)
             schemas
           end
         end
+        # Typelizer cannot represent Array<{...}> inline object types in OpenAPI,
+        # so we patch them to reference manually-defined component schemas.
+        def patch_cart_schema(schemas)
+          cart = schemas['Cart'] || schemas[:Cart]
+          return unless cart
+          props = cart[:properties]
+          return unless props
+          req_key = props.key?('requirements') ? 'requirements' : :requirements
+          if props[req_key]
+            props[req_key] = {
+              type: :array,
+              items: { '$ref' => '#/components/schemas/CheckoutRequirement' }
+            }
+          end
+        end
         # Typelizer adds nil to enum arrays for nullable fields.
         # OpenAPI 3.0 handles nullability via `nullable: true`, so the nil entry is redundant
         # and causes issues with code generators.

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: spree_api
 version: !ruby/object:Gem::Version
-  version: 5.4.0.beta6
+  version: 5.4.0.beta8
 platform: ruby
 authors:
 - Vendo Connect Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2026-03-11 00:00:00.000000000 Z
+date: 2026-03-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rswag-specs
@@ -86,14 +86,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.4.0.beta6
+        version: 5.4.0.beta8
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.4.0.beta6
+        version: 5.4.0.beta8
 description: Spree's API
 email:
 - hello@spreecommerce.org
@@ -104,12 +104,12 @@ files:
 - README.md
 - Rakefile
 - app/controllers/concerns/spree/api/v3/api_key_authentication.rb
+- app/controllers/concerns/spree/api/v3/cart_resolvable.rb
 - app/controllers/concerns/spree/api/v3/error_handler.rb
 - app/controllers/concerns/spree/api/v3/http_caching.rb
 - app/controllers/concerns/spree/api/v3/idempotent.rb
 - app/controllers/concerns/spree/api/v3/jwt_authentication.rb
 - app/controllers/concerns/spree/api/v3/locale_and_currency.rb
-- app/controllers/concerns/spree/api/v3/order_concern.rb
 - app/controllers/concerns/spree/api/v3/order_lock.rb
 - app/controllers/concerns/spree/api/v3/rate_limit_headers.rb
 - app/controllers/concerns/spree/api/v3/resource_serializer.rb
@@ -120,7 +120,14 @@ files:
 - app/controllers/spree/api/v3/resource_controller.rb
 - app/controllers/spree/api/v3/store/auth_controller.rb
 - app/controllers/spree/api/v3/store/base_controller.rb
-- app/controllers/spree/api/v3/store/cart_controller.rb
+- app/controllers/spree/api/v3/store/carts/coupon_codes_controller.rb
+- app/controllers/spree/api/v3/store/carts/items_controller.rb
+- app/controllers/spree/api/v3/store/carts/payment_methods_controller.rb
+- app/controllers/spree/api/v3/store/carts/payment_sessions_controller.rb
+- app/controllers/spree/api/v3/store/carts/payments_controller.rb
+- app/controllers/spree/api/v3/store/carts/shipments_controller.rb
+- app/controllers/spree/api/v3/store/carts/store_credits_controller.rb
+- app/controllers/spree/api/v3/store/carts_controller.rb
 - app/controllers/spree/api/v3/store/categories/products_controller.rb
 - app/controllers/spree/api/v3/store/categories_controller.rb
 - app/controllers/spree/api/v3/store/countries_controller.rb
@@ -129,38 +136,34 @@ files:
 - app/controllers/spree/api/v3/store/customer/credit_cards_controller.rb
 - app/controllers/spree/api/v3/store/customer/gift_cards_controller.rb
 - app/controllers/spree/api/v3/store/customer/orders_controller.rb
+- app/controllers/spree/api/v3/store/customer/password_resets_controller.rb
 - app/controllers/spree/api/v3/store/customer/payment_setup_sessions_controller.rb
 - app/controllers/spree/api/v3/store/customers_controller.rb
 - app/controllers/spree/api/v3/store/digitals_controller.rb
 - app/controllers/spree/api/v3/store/locales_controller.rb
 - app/controllers/spree/api/v3/store/markets/countries_controller.rb
 - app/controllers/spree/api/v3/store/markets_controller.rb
-- app/controllers/spree/api/v3/store/orders/coupon_codes_controller.rb
-- app/controllers/spree/api/v3/store/orders/line_items_controller.rb
-- app/controllers/spree/api/v3/store/orders/payment_methods_controller.rb
-- app/controllers/spree/api/v3/store/orders/payment_sessions_controller.rb
-- app/controllers/spree/api/v3/store/orders/payments_controller.rb
-- app/controllers/spree/api/v3/store/orders/shipments_controller.rb
-- app/controllers/spree/api/v3/store/orders/store_credits_controller.rb
 - app/controllers/spree/api/v3/store/orders_controller.rb
 - app/controllers/spree/api/v3/store/products/filters_controller.rb
 - app/controllers/spree/api/v3/store/products_controller.rb
 - app/controllers/spree/api/v3/store/resource_controller.rb
 - app/controllers/spree/api/v3/store/wishlist_items_controller.rb
 - app/controllers/spree/api/v3/store/wishlists_controller.rb
+- app/controllers/spree/api/v3/webhooks/payments_controller.rb
 - app/jobs/spree/api_keys/mark_as_used.rb
 - app/jobs/spree/webhook_delivery_job.rb
 - app/serializers/spree/api/v3/address_serializer.rb
 - app/serializers/spree/api/v3/admin/address_serializer.rb
 - app/serializers/spree/api/v3/admin/adjustment_serializer.rb
 - app/serializers/spree/api/v3/admin/admin_user_serializer.rb
+- app/serializers/spree/api/v3/admin/allowed_origin_serializer.rb
 - app/serializers/spree/api/v3/admin/asset_serializer.rb
 - app/serializers/spree/api/v3/admin/category_serializer.rb
 - app/serializers/spree/api/v3/admin/credit_card_serializer.rb
 - app/serializers/spree/api/v3/admin/customer_serializer.rb
 - app/serializers/spree/api/v3/admin/digital_link_serializer.rb
-- app/serializers/spree/api/v3/admin/image_serializer.rb
 - app/serializers/spree/api/v3/admin/line_item_serializer.rb
+- app/serializers/spree/api/v3/admin/media_serializer.rb
 - app/serializers/spree/api/v3/admin/metafield_serializer.rb
 - app/serializers/spree/api/v3/admin/option_type_serializer.rb
 - app/serializers/spree/api/v3/admin/option_value_serializer.rb
@@ -185,6 +188,8 @@ files:
 - app/serializers/spree/api/v3/admin/variant_serializer.rb
 - app/serializers/spree/api/v3/asset_serializer.rb
 - app/serializers/spree/api/v3/base_serializer.rb
+- app/serializers/spree/api/v3/cart_promotion_serializer.rb
+- app/serializers/spree/api/v3/cart_serializer.rb
 - app/serializers/spree/api/v3/category_serializer.rb
 - app/serializers/spree/api/v3/country_serializer.rb
 - app/serializers/spree/api/v3/credit_card_serializer.rb
@@ -196,13 +201,13 @@ files:
 - app/serializers/spree/api/v3/export_serializer.rb
 - app/serializers/spree/api/v3/gift_card_batch_serializer.rb
 - app/serializers/spree/api/v3/gift_card_serializer.rb
-- app/serializers/spree/api/v3/image_serializer.rb
 - app/serializers/spree/api/v3/import_row_serializer.rb
 - app/serializers/spree/api/v3/import_serializer.rb
 - app/serializers/spree/api/v3/invitation_serializer.rb
 - app/serializers/spree/api/v3/line_item_serializer.rb
 - app/serializers/spree/api/v3/locale_serializer.rb
 - app/serializers/spree/api/v3/market_serializer.rb
+- app/serializers/spree/api/v3/media_serializer.rb
 - app/serializers/spree/api/v3/metafield_serializer.rb
 - app/serializers/spree/api/v3/newsletter_subscriber_serializer.rb
 - app/serializers/spree/api/v3/option_type_serializer.rb
@@ -263,9 +268,9 @@ licenses:
 - BSD-3-Clause
 metadata:
   bug_tracker_uri: https://github.com/spree/spree/issues
-  changelog_uri: https://github.com/spree/spree/releases/tag/v5.4.0.beta6
+  changelog_uri: https://github.com/spree/spree/releases/tag/v5.4.0.beta8
   documentation_uri: https://docs.spreecommerce.org/
-  source_code_uri: https://github.com/spree/spree/tree/v5.4.0.beta6
+  source_code_uri: https://github.com/spree/spree/tree/v5.4.0.beta8
 post_install_message:
 rdoc_options: []
 require_paths:

data/app/controllers/concerns/spree/api/v3/order_concern.rb DELETED Viewed

@@ -1,46 +0,0 @@
-module Spree
-  module Api
-    module V3
-      module OrderConcern
-        extend ActiveSupport::Concern
-        # Allow access to order via order token for guests or authenticated users
-        # Expects @parent to be set to the order
-        def authorize_order_access!
-          authorize!(:update, @parent, order_token)
-        end
-        def set_parent
-          return if params[:order_id].blank?
-          @parent = order_scope.find_by_prefix_id!(params[:order_id])
-        end
-        def order_scope
-          base = current_store.orders
-          base = if current_user
-                   base.where(user: current_user)
-                 elsif order_token.present?
-                   base.where(token: order_token)
-                 else
-                   base.none
-                 end
-          base.preload_associations_lazily
-        end
-        protected
-        # Render the parent order as JSON using the order serializer.
-        # Use this when sub-resource mutations should return the updated order
-        # (e.g., line items, coupon codes, store credits).
-        def render_order(status: :ok)
-          render json: Spree.api.order_serializer.new(@parent.reload, params: serializer_params).to_h, status: status
-        end
-        def order_token
-          request.headers['x-spree-order-token']
-        end
-      end
-    end
-  end
-end

data/app/controllers/spree/api/v3/store/cart_controller.rb DELETED Viewed

@@ -1,97 +0,0 @@
-module Spree
-  module Api
-    module V3
-      module Store
-        class CartController < Store::BaseController
-          include Spree::Api::V3::OrderConcern
-          before_action :require_authentication!, only: [:associate]
-          # POST /api/v3/store/cart
-          # Creates a new shopping cart (order)
-          # Can be created by guests or authenticated customers
-          def create
-            result = Spree.cart_create_service.call(
-              user: current_user,
-              store: current_store,
-              currency: current_currency,
-              locale: current_locale,
-              metadata: cart_params[:metadata] || {},
-              line_items: cart_params[:line_items] || []
-            )
-            if result.success?
-              @cart = result.value
-              render json: serialize_resource(@cart), status: :created
-            else
-              render_service_error(result.error.to_s)
-            end
-          end
-          # GET /api/v3/store/cart
-          # Returns current incomplete order (cart)
-          # Returns 404 if no cart exists - use POST /cart to create one
-          # Authorize via order_token param or JWT Bearer token
-          def show
-            @cart = find_cart
-            render json: serialize_resource(@cart)
-          end
-          # PATCH /api/v3/store/cart/associate
-          # Associates a guest cart with the currently authenticated user
-          # Requires: JWT authentication + order token (header or param)
-          def associate
-            @cart = find_cart_by_token
-            result = Spree.cart_associate_service.call(guest_order: @cart, user: current_user, guest_only: true)
-            if result.success?
-              render json: serialize_resource(@cart)
-            else
-              render_service_error(result.error.to_s)
-            end
-          end
-          protected
-          def serializer_class
-            Spree.api.order_serializer
-          end
-          private
-          def cart_params
-            params.permit(
-              metadata: {},
-              line_items: [:variant_id, :quantity, { metadata: {}, options: {} }]
-            )
-          end
-          # Find incomplete cart by order token for associate action
-          # Only finds guest carts (no user) or carts already owned by current user (idempotent)
-          def find_cart_by_token
-            current_store.orders.incomplete.where(user: [ nil, current_user ]).find_by!(token: order_token)
-          end
-          def find_cart
-            scope = current_store.orders.incomplete
-            # Try order_token first (guest checkout)
-            if order_token.present?
-              return scope.find_by!(token: order_token)
-            end
-            # Then try JWT authenticated user
-            if current_user.present?
-              cart = scope.where(user: current_user).order(created_at: :desc).first
-              return cart if cart
-            end
-            raise ActiveRecord::RecordNotFound.new(nil, 'Spree::Order')
-          end
-        end
-      end
-    end
-  end
-end