spree_api 0.50.4 → 0.60.0.RC1

data/app/controllers/admin/users_controller_decorator.rb

@@ -3,17 +3,17 @@ Admin::UsersController.class_eval do
   before_filter :load_roles, :only => [:edit, :new, :update, :create, :generate_api_key, :clear_api_key]
 
   def generate_api_key
-    if object.generate_api_key!
+    if @user.generate_api_key!
       flash.notice = t('api.key_generated')
     end
-    redirect_to edit_object_path
+    redirect_to edit_admin_user_path(@user)
   end
 
   def clear_api_key
-    if object.clear_api_key!
+    if @user.clear_api_key!
       flash.notice = t('api.key_cleared')
     end
-    redirect_to edit_object_path
+    redirect_to edit_admin_user_path(@user)
   end
 
-end
+end

data/app/controllers/api/base_controller.rb

@@ -1,40 +1,41 @@
 class Api::BaseController < Spree::BaseController
-
-  def self.resource_controller_for_api
-    resource_controller
-    before_filter :check_http_authorization
-    skip_before_filter :verify_authenticity_token, :if => lambda { admin_token_passed_in_headers }
-
-    index do
-      wants.json { render :json => collection.to_json(collection_serialization_options) }
-    end
-
-    show do
-      wants.json { render :json => object.to_json(object_serialization_options) }
-      failure.wants.json { render :text => "Failure\n", :status => 500 }
-    end
-
-    create do
-      wants.json { render :text => "Resource created\n", :status => 201, :location => object_url }
-      failure.wants.json { render :text => "Failure\n", :status => 500 }
+  before_filter :check_http_authorization
+  before_filter :load_resource
+  skip_before_filter :verify_authenticity_token, :if => lambda { admin_token_passed_in_headers }
+  authorize_resource
+  
+  respond_to :json
+
+  def index
+    respond_with(@collection) do |format|
+      format.json { render :json => @collection.to_json(collection_serialization_options) }
     end
+  end
 
-    update do
-      wants.json { render :nothing => true }
-      failure.wants.json { render :text => "Failure\n", :status => 500 }
+  def show
+    respond_with(@object) do |format|
+      format.json { render :json => @object.to_json(object_serialization_options) }
     end
+  end
 
-    define_method :admin_token_passed_in_headers do
-      request.headers['HTTP_AUTHORIZATION'].present?
+  def create
+    if @object.save
+      render :text => "Resource created\n", :status => 201, :location => object_url
+    else
+      respond_with(@object.errors, :status => 422)
     end
+  end
 
-    define_method :end_of_association_chain do
-      parent? ? parent_association.scoped : model.scoped(:include  => eager_load_associations)
+  def update
+    if @object.update_attributes(params[object_name])
+      render :nothing => true
+    else
+      respond_with(@object.errors, :status => 422)
     end
+  end
 
-    define_method :collection do
-      @collection ||= search.relation.limit(100)
-    end
+  def admin_token_passed_in_headers
+    request.headers['HTTP_AUTHORIZATION'].present?
   end
 
   def access_denied
@@ -43,13 +44,13 @@ class Api::BaseController < Spree::BaseController
 
   # Generic action to handle firing of state events on an object
   def event
-    valid_events = model.state_machine.events.map(&:name)
-    valid_events_for_object = object.state_transitions.map(&:event)
+    valid_events = model_class.state_machine.events.map(&:name)
+    valid_events_for_object = @object ? @object.state_transitions.map(&:event) : []
 
     if params[:e].blank?
       errors = t('api.errors.missing_event')
     elsif valid_events_for_object.include?(params[:e].to_sym)
-      object.send("#{params[:e]}!")
+      @object.send("#{params[:e]}!")
       errors = nil
     elsif valid_events.include?(params[:e].to_sym)
       errors = t('api.errors.invalid_event_for_object', :events => valid_events_for_object.join(','))
@@ -69,12 +70,60 @@ class Api::BaseController < Spree::BaseController
   end
 
   protected
+    def model_class
+      controller_name.classify.constantize
+    end
+    
+    def object_name
+      controller_name.singularize
+    end
+    
+    def load_resource
+      if member_action?
+        @object ||= load_resource_instance
+        instance_variable_set("@#{object_name}", @object)
+      else
+        @collection ||= collection
+        instance_variable_set("@#{controller_name}", @collection)
+      end
+    end
+    
+    def load_resource_instance
+      if new_actions.include?(params[:action].to_sym)
+        build_resource
+      elsif params[:id]
+        find_resource
+      end
+    end
+    
+    def parent
+      nil
+    end
 
-    def search
-      return @search unless @search.nil?
+    def find_resource
+      if parent.present?
+        parent.send(controller_name).find(params[:id])
+      else
+        model_class.includes(eager_load_associations).find(params[:id])
+      end
+    end
+    
+    def build_resource
+      if parent.present?
+        parent.send(controller_name).build(params[object_name])
+      else
+        model_class.new(params[object_name])
+      end
+    end
+    
+    def collection
+      return @search unless @search.nil?      
       params[:search] = {} if params[:search].blank?
       params[:search][:meta_sort] = 'created_at.desc' if params[:search][:meta_sort].blank?
-      @search = end_of_association_chain.metasearch(params[:search])
+      
+      scope = parent.present? ? parent.send(controller_name) : model_class.scoped
+     
+      @search = scope.metasearch(params[:search]).relation.limit(100)
       @search
     end
 
@@ -94,9 +143,32 @@ class Api::BaseController < Spree::BaseController
       {:errors => object.errors.full_messages}
     end
 
+    def object_url(object = nil, options = {})
+      target = object ? object : @object
+      if parent.present?
+        send "admin_#{parent[:model_name]}_#{object_name}_url", parent, target, options
+      else
+        send "admin_#{object_name}_url", target, options
+      end
+    end
+    
+    def collection_actions
+      [:index]
+    end
+
+    def member_action?
+      !collection_actions.include? params[:action].to_sym
+    end
+
+    def new_actions
+      [:new, :create]
+    end
+
   private
   def check_http_authorization
-    render :text => "Access Denied\n", :status => 401 unless request.headers['HTTP_AUTHORIZATION'].present?
+    if request.headers['HTTP_AUTHORIZATION'].blank?
+      render :text => "Access Denied\n", :status => 401
+    end
   end
 
 end

data/app/controllers/api/countries_controller.rb

@@ -1,4 +1,3 @@
 class Api::CountriesController < Api::BaseController
-  resource_controller_for_api
-  actions :index, :show
+  before_filter :access_denied, :except => [:index, :show]
 end

data/app/controllers/api/inventory_units_controller.rb

@@ -1,10 +1,17 @@
 class Api::InventoryUnitsController < Api::BaseController
-  resource_controller_for_api
-  actions :index, :show, :update, :create
-  belongs_to :shipment, :order
-
   private
-
+    def parent
+      if params[:order_id]
+        @parent = Order.find_by_param(params[:order_id])
+      elsif params[:shipment_id]
+        @parent = Shipment.find_by_param(params[:shipment_id])
+      end
+    end
+  
+    def parent_data
+      [params[:order_id], params[:shipment_id]].compact
+    end
+    
     def eager_load_associations
       [:variant]
     end

data/app/controllers/api/line_items_controller.rb

@@ -1,10 +1,16 @@
 class Api::LineItemsController < Api::BaseController
-  resource_controller_for_api
-  actions :index, :show, :update, :create
-  belongs_to :order
 
   private
-
+    def parent
+      if params[:order_id]
+        @parent ||= Order.find_by_param(params[:order_id])
+      end
+    end
+  
+    def parent_data
+      params[:order_id]
+    end
+    
     def collection_serialization_options
       { :include => [:variant], :methods => [:description] }
     end

data/app/controllers/api/orders_controller.rb

@@ -1,9 +1,12 @@
 class Api::OrdersController < Api::BaseController
-  resource_controller_for_api
-  actions :index, :show
+  before_filter :access_denied, :except => [:index, :show]
 
   private
 
+    def find_resource
+      Order.find_by_param(params[:id])
+    end
+
     def object_serialization_options
       { :include => {
           :bill_address => {:include => [:country, :state]},

data/app/controllers/api/products_controller.rb

@@ -1,10 +1,9 @@
 class Api::ProductsController < Api::BaseController
-  resource_controller_for_api
-  actions :index, :show, :create, :update
   include Spree::Search
 
   private
-    define_method :collection do
+    def collection
+      params[:per_page] ||= 100
       @searcher = Spree::Config.searcher_class.new(params)
       @collection = @searcher.retrieve_products
     end

data/app/controllers/api/shipments_controller.rb

@@ -1,10 +1,12 @@
 class Api::ShipmentsController < Api::BaseController
-  resource_controller_for_api
-  actions :index, :show, :update, :create
-  belongs_to :order
 
   private
-
+    def parent
+      if params[:order_id]
+        @parent ||= Order.find_by_param(params[:order_id])
+      end
+    end
+    
     def collection_serialization_options
       { :include => {:shipping_method => {}, :address => {}, :inventory_units => {:include => :variant}},
       :except => [:shipping_method_id, :address_id] }

data/app/controllers/api/states_controller.rb

@@ -1,5 +1,8 @@
 class Api::StatesController < Api::BaseController
-  resource_controller_for_api
-  actions :index, :show
-  belongs_to :country
+  before_filter :access_denied, :except => [:index, :show]
+
+  private
+  def parent
+    @parent ||= Country.find(params[:country_id])
+  end
 end

data/app/models/order_decorator.rb

@@ -0,0 +1,5 @@
+Order.class_eval do
+  def self.find_by_param(param)
+    Order.where("id = ? OR number = ?", param, param).first
+  end
+end

data/app/models/shipment_decorator.rb

@@ -0,0 +1,5 @@
+Shipment.class_eval do
+  def self.find_by_param(param)
+    Shipment.where("id = ? OR number = ?", param, param).first
+  end
+end

metadata

@@ -1,13 +1,15 @@
 --- !ruby/object:Gem::Specification 
 name: spree_api
 version: !ruby/object:Gem::Version 
-  hash: 223
-  prerelease: 
+  hash: 11094359
+  prerelease: 7
   segments: 
   - 0
-  - 50
-  - 4
-  version: 0.50.4
+  - 60
+  - 0
+  - RC
+  - 1
+  version: 0.60.0.RC1
 platform: ruby
 authors: 
 - David North
@@ -15,24 +17,45 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-10-21 00:00:00 Z
+date: 2011-05-03 00:00:00 -04:00
+default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
-  version_requirements: &id001 !ruby/object:Gem::Requirement 
+  name: spree_core
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - "="
       - !ruby/object:Gem::Version 
-        hash: 223
+        hash: 11094359
         segments: 
         - 0
-        - 50
-        - 4
-        version: 0.50.4
-  requirement: *id001
+        - 60
+        - 0
+        - RC
+        - 1
+        version: 0.60.0.RC1
   type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: spree_auth
   prerelease: false
-  name: spree_core
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - "="
+      - !ruby/object:Gem::Version 
+        hash: 11094359
+        segments: 
+        - 0
+        - 60
+        - 0
+        - RC
+        - 1
+        version: 0.60.0.RC1
+  type: :runtime
+  version_requirements: *id002
 description: Required dependancy for Spree
 email: david@railsdog.com
 executables: []
@@ -53,8 +76,9 @@ files:
 - app/controllers/api/products_controller.rb
 - app/controllers/api/shipments_controller.rb
 - app/controllers/api/states_controller.rb
-- app/helpers/api/shipments_helper.rb
 - app/models/line_item_decorator.rb
+- app/models/order_decorator.rb
+- app/models/shipment_decorator.rb
 - app/models/user_decorator.rb
 - app/views/admin/users/_api_fields.html.erb
 - config/cucumber.yml
@@ -64,6 +88,7 @@ files:
 - lib/spree_api_hooks.rb
 - lib/tasks/install.rake
 - db/migrate/20100107141738_add_api_key_to_users.rb
+has_rdoc: true
 homepage: http://spreecommerce.com
 licenses: []
 
@@ -86,16 +111,18 @@ required_ruby_version: !ruby/object:Gem::Requirement
 required_rubygems_version: !ruby/object:Gem::Requirement 
   none: false
   requirements: 
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version 
-      hash: 3
+      hash: 25
       segments: 
-      - 0
-      version: "0"
+      - 1
+      - 3
+      - 1
+      version: 1.3.1
 requirements: 
 - none
 rubyforge_project: spree_api
-rubygems_version: 1.8.10
+rubygems_version: 1.4.2
 signing_key: 
 specification_version: 3
 summary: Provides RESTful access for Spree.

data/app/helpers/api/shipments_helper.rb

@@ -1,2 +0,0 @@
-module Api::ShipmentsHelper
-end