spree_api 0.50.4 → 0.60.0.RC1
Sign up to get free protection for your applications and to get access to all the features.
- data/app/controllers/admin/users_controller_decorator.rb +5 -5
- data/app/controllers/api/base_controller.rb +107 -35
- data/app/controllers/api/countries_controller.rb +1 -2
- data/app/controllers/api/inventory_units_controller.rb +12 -5
- data/app/controllers/api/line_items_controller.rb +10 -4
- data/app/controllers/api/orders_controller.rb +5 -2
- data/app/controllers/api/products_controller.rb +2 -3
- data/app/controllers/api/shipments_controller.rb +6 -4
- data/app/controllers/api/states_controller.rb +6 -3
- data/app/models/order_decorator.rb +5 -0
- data/app/models/shipment_decorator.rb +5 -0
- metadata +46 -19
- data/app/helpers/api/shipments_helper.rb +0 -2
@@ -3,17 +3,17 @@ Admin::UsersController.class_eval do
|
|
3
3
|
before_filter :load_roles, :only => [:edit, :new, :update, :create, :generate_api_key, :clear_api_key]
|
4
4
|
|
5
5
|
def generate_api_key
|
6
|
-
if
|
6
|
+
if @user.generate_api_key!
|
7
7
|
flash.notice = t('api.key_generated')
|
8
8
|
end
|
9
|
-
redirect_to
|
9
|
+
redirect_to edit_admin_user_path(@user)
|
10
10
|
end
|
11
11
|
|
12
12
|
def clear_api_key
|
13
|
-
if
|
13
|
+
if @user.clear_api_key!
|
14
14
|
flash.notice = t('api.key_cleared')
|
15
15
|
end
|
16
|
-
redirect_to
|
16
|
+
redirect_to edit_admin_user_path(@user)
|
17
17
|
end
|
18
18
|
|
19
|
-
end
|
19
|
+
end
|
@@ -1,40 +1,41 @@
|
|
1
1
|
class Api::BaseController < Spree::BaseController
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
show do
|
13
|
-
wants.json { render :json => object.to_json(object_serialization_options) }
|
14
|
-
failure.wants.json { render :text => "Failure\n", :status => 500 }
|
15
|
-
end
|
16
|
-
|
17
|
-
create do
|
18
|
-
wants.json { render :text => "Resource created\n", :status => 201, :location => object_url }
|
19
|
-
failure.wants.json { render :text => "Failure\n", :status => 500 }
|
2
|
+
before_filter :check_http_authorization
|
3
|
+
before_filter :load_resource
|
4
|
+
skip_before_filter :verify_authenticity_token, :if => lambda { admin_token_passed_in_headers }
|
5
|
+
authorize_resource
|
6
|
+
|
7
|
+
respond_to :json
|
8
|
+
|
9
|
+
def index
|
10
|
+
respond_with(@collection) do |format|
|
11
|
+
format.json { render :json => @collection.to_json(collection_serialization_options) }
|
20
12
|
end
|
13
|
+
end
|
21
14
|
|
22
|
-
|
23
|
-
|
24
|
-
|
15
|
+
def show
|
16
|
+
respond_with(@object) do |format|
|
17
|
+
format.json { render :json => @object.to_json(object_serialization_options) }
|
25
18
|
end
|
19
|
+
end
|
26
20
|
|
27
|
-
|
28
|
-
|
21
|
+
def create
|
22
|
+
if @object.save
|
23
|
+
render :text => "Resource created\n", :status => 201, :location => object_url
|
24
|
+
else
|
25
|
+
respond_with(@object.errors, :status => 422)
|
29
26
|
end
|
27
|
+
end
|
30
28
|
|
31
|
-
|
32
|
-
|
29
|
+
def update
|
30
|
+
if @object.update_attributes(params[object_name])
|
31
|
+
render :nothing => true
|
32
|
+
else
|
33
|
+
respond_with(@object.errors, :status => 422)
|
33
34
|
end
|
35
|
+
end
|
34
36
|
|
35
|
-
|
36
|
-
|
37
|
-
end
|
37
|
+
def admin_token_passed_in_headers
|
38
|
+
request.headers['HTTP_AUTHORIZATION'].present?
|
38
39
|
end
|
39
40
|
|
40
41
|
def access_denied
|
@@ -43,13 +44,13 @@ class Api::BaseController < Spree::BaseController
|
|
43
44
|
|
44
45
|
# Generic action to handle firing of state events on an object
|
45
46
|
def event
|
46
|
-
valid_events =
|
47
|
-
valid_events_for_object = object.state_transitions.map(&:event)
|
47
|
+
valid_events = model_class.state_machine.events.map(&:name)
|
48
|
+
valid_events_for_object = @object ? @object.state_transitions.map(&:event) : []
|
48
49
|
|
49
50
|
if params[:e].blank?
|
50
51
|
errors = t('api.errors.missing_event')
|
51
52
|
elsif valid_events_for_object.include?(params[:e].to_sym)
|
52
|
-
object.send("#{params[:e]}!")
|
53
|
+
@object.send("#{params[:e]}!")
|
53
54
|
errors = nil
|
54
55
|
elsif valid_events.include?(params[:e].to_sym)
|
55
56
|
errors = t('api.errors.invalid_event_for_object', :events => valid_events_for_object.join(','))
|
@@ -69,12 +70,60 @@ class Api::BaseController < Spree::BaseController
|
|
69
70
|
end
|
70
71
|
|
71
72
|
protected
|
73
|
+
def model_class
|
74
|
+
controller_name.classify.constantize
|
75
|
+
end
|
76
|
+
|
77
|
+
def object_name
|
78
|
+
controller_name.singularize
|
79
|
+
end
|
80
|
+
|
81
|
+
def load_resource
|
82
|
+
if member_action?
|
83
|
+
@object ||= load_resource_instance
|
84
|
+
instance_variable_set("@#{object_name}", @object)
|
85
|
+
else
|
86
|
+
@collection ||= collection
|
87
|
+
instance_variable_set("@#{controller_name}", @collection)
|
88
|
+
end
|
89
|
+
end
|
90
|
+
|
91
|
+
def load_resource_instance
|
92
|
+
if new_actions.include?(params[:action].to_sym)
|
93
|
+
build_resource
|
94
|
+
elsif params[:id]
|
95
|
+
find_resource
|
96
|
+
end
|
97
|
+
end
|
98
|
+
|
99
|
+
def parent
|
100
|
+
nil
|
101
|
+
end
|
72
102
|
|
73
|
-
def
|
74
|
-
|
103
|
+
def find_resource
|
104
|
+
if parent.present?
|
105
|
+
parent.send(controller_name).find(params[:id])
|
106
|
+
else
|
107
|
+
model_class.includes(eager_load_associations).find(params[:id])
|
108
|
+
end
|
109
|
+
end
|
110
|
+
|
111
|
+
def build_resource
|
112
|
+
if parent.present?
|
113
|
+
parent.send(controller_name).build(params[object_name])
|
114
|
+
else
|
115
|
+
model_class.new(params[object_name])
|
116
|
+
end
|
117
|
+
end
|
118
|
+
|
119
|
+
def collection
|
120
|
+
return @search unless @search.nil?
|
75
121
|
params[:search] = {} if params[:search].blank?
|
76
122
|
params[:search][:meta_sort] = 'created_at.desc' if params[:search][:meta_sort].blank?
|
77
|
-
|
123
|
+
|
124
|
+
scope = parent.present? ? parent.send(controller_name) : model_class.scoped
|
125
|
+
|
126
|
+
@search = scope.metasearch(params[:search]).relation.limit(100)
|
78
127
|
@search
|
79
128
|
end
|
80
129
|
|
@@ -94,9 +143,32 @@ class Api::BaseController < Spree::BaseController
|
|
94
143
|
{:errors => object.errors.full_messages}
|
95
144
|
end
|
96
145
|
|
146
|
+
def object_url(object = nil, options = {})
|
147
|
+
target = object ? object : @object
|
148
|
+
if parent.present?
|
149
|
+
send "admin_#{parent[:model_name]}_#{object_name}_url", parent, target, options
|
150
|
+
else
|
151
|
+
send "admin_#{object_name}_url", target, options
|
152
|
+
end
|
153
|
+
end
|
154
|
+
|
155
|
+
def collection_actions
|
156
|
+
[:index]
|
157
|
+
end
|
158
|
+
|
159
|
+
def member_action?
|
160
|
+
!collection_actions.include? params[:action].to_sym
|
161
|
+
end
|
162
|
+
|
163
|
+
def new_actions
|
164
|
+
[:new, :create]
|
165
|
+
end
|
166
|
+
|
97
167
|
private
|
98
168
|
def check_http_authorization
|
99
|
-
|
169
|
+
if request.headers['HTTP_AUTHORIZATION'].blank?
|
170
|
+
render :text => "Access Denied\n", :status => 401
|
171
|
+
end
|
100
172
|
end
|
101
173
|
|
102
174
|
end
|
@@ -1,10 +1,17 @@
|
|
1
1
|
class Api::InventoryUnitsController < Api::BaseController
|
2
|
-
resource_controller_for_api
|
3
|
-
actions :index, :show, :update, :create
|
4
|
-
belongs_to :shipment, :order
|
5
|
-
|
6
2
|
private
|
7
|
-
|
3
|
+
def parent
|
4
|
+
if params[:order_id]
|
5
|
+
@parent = Order.find_by_param(params[:order_id])
|
6
|
+
elsif params[:shipment_id]
|
7
|
+
@parent = Shipment.find_by_param(params[:shipment_id])
|
8
|
+
end
|
9
|
+
end
|
10
|
+
|
11
|
+
def parent_data
|
12
|
+
[params[:order_id], params[:shipment_id]].compact
|
13
|
+
end
|
14
|
+
|
8
15
|
def eager_load_associations
|
9
16
|
[:variant]
|
10
17
|
end
|
@@ -1,10 +1,16 @@
|
|
1
1
|
class Api::LineItemsController < Api::BaseController
|
2
|
-
resource_controller_for_api
|
3
|
-
actions :index, :show, :update, :create
|
4
|
-
belongs_to :order
|
5
2
|
|
6
3
|
private
|
7
|
-
|
4
|
+
def parent
|
5
|
+
if params[:order_id]
|
6
|
+
@parent ||= Order.find_by_param(params[:order_id])
|
7
|
+
end
|
8
|
+
end
|
9
|
+
|
10
|
+
def parent_data
|
11
|
+
params[:order_id]
|
12
|
+
end
|
13
|
+
|
8
14
|
def collection_serialization_options
|
9
15
|
{ :include => [:variant], :methods => [:description] }
|
10
16
|
end
|
@@ -1,9 +1,12 @@
|
|
1
1
|
class Api::OrdersController < Api::BaseController
|
2
|
-
|
3
|
-
actions :index, :show
|
2
|
+
before_filter :access_denied, :except => [:index, :show]
|
4
3
|
|
5
4
|
private
|
6
5
|
|
6
|
+
def find_resource
|
7
|
+
Order.find_by_param(params[:id])
|
8
|
+
end
|
9
|
+
|
7
10
|
def object_serialization_options
|
8
11
|
{ :include => {
|
9
12
|
:bill_address => {:include => [:country, :state]},
|
@@ -1,10 +1,9 @@
|
|
1
1
|
class Api::ProductsController < Api::BaseController
|
2
|
-
resource_controller_for_api
|
3
|
-
actions :index, :show, :create, :update
|
4
2
|
include Spree::Search
|
5
3
|
|
6
4
|
private
|
7
|
-
|
5
|
+
def collection
|
6
|
+
params[:per_page] ||= 100
|
8
7
|
@searcher = Spree::Config.searcher_class.new(params)
|
9
8
|
@collection = @searcher.retrieve_products
|
10
9
|
end
|
@@ -1,10 +1,12 @@
|
|
1
1
|
class Api::ShipmentsController < Api::BaseController
|
2
|
-
resource_controller_for_api
|
3
|
-
actions :index, :show, :update, :create
|
4
|
-
belongs_to :order
|
5
2
|
|
6
3
|
private
|
7
|
-
|
4
|
+
def parent
|
5
|
+
if params[:order_id]
|
6
|
+
@parent ||= Order.find_by_param(params[:order_id])
|
7
|
+
end
|
8
|
+
end
|
9
|
+
|
8
10
|
def collection_serialization_options
|
9
11
|
{ :include => {:shipping_method => {}, :address => {}, :inventory_units => {:include => :variant}},
|
10
12
|
:except => [:shipping_method_id, :address_id] }
|
@@ -1,5 +1,8 @@
|
|
1
1
|
class Api::StatesController < Api::BaseController
|
2
|
-
|
3
|
-
|
4
|
-
|
2
|
+
before_filter :access_denied, :except => [:index, :show]
|
3
|
+
|
4
|
+
private
|
5
|
+
def parent
|
6
|
+
@parent ||= Country.find(params[:country_id])
|
7
|
+
end
|
5
8
|
end
|
metadata
CHANGED
@@ -1,13 +1,15 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: spree_api
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
hash:
|
5
|
-
prerelease:
|
4
|
+
hash: 11094359
|
5
|
+
prerelease: 7
|
6
6
|
segments:
|
7
7
|
- 0
|
8
|
-
-
|
9
|
-
-
|
10
|
-
|
8
|
+
- 60
|
9
|
+
- 0
|
10
|
+
- RC
|
11
|
+
- 1
|
12
|
+
version: 0.60.0.RC1
|
11
13
|
platform: ruby
|
12
14
|
authors:
|
13
15
|
- David North
|
@@ -15,24 +17,45 @@ autorequire:
|
|
15
17
|
bindir: bin
|
16
18
|
cert_chain: []
|
17
19
|
|
18
|
-
date: 2011-
|
20
|
+
date: 2011-05-03 00:00:00 -04:00
|
21
|
+
default_executable:
|
19
22
|
dependencies:
|
20
23
|
- !ruby/object:Gem::Dependency
|
21
|
-
|
24
|
+
name: spree_core
|
25
|
+
prerelease: false
|
26
|
+
requirement: &id001 !ruby/object:Gem::Requirement
|
22
27
|
none: false
|
23
28
|
requirements:
|
24
29
|
- - "="
|
25
30
|
- !ruby/object:Gem::Version
|
26
|
-
hash:
|
31
|
+
hash: 11094359
|
27
32
|
segments:
|
28
33
|
- 0
|
29
|
-
-
|
30
|
-
-
|
31
|
-
|
32
|
-
|
34
|
+
- 60
|
35
|
+
- 0
|
36
|
+
- RC
|
37
|
+
- 1
|
38
|
+
version: 0.60.0.RC1
|
33
39
|
type: :runtime
|
40
|
+
version_requirements: *id001
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: spree_auth
|
34
43
|
prerelease: false
|
35
|
-
|
44
|
+
requirement: &id002 !ruby/object:Gem::Requirement
|
45
|
+
none: false
|
46
|
+
requirements:
|
47
|
+
- - "="
|
48
|
+
- !ruby/object:Gem::Version
|
49
|
+
hash: 11094359
|
50
|
+
segments:
|
51
|
+
- 0
|
52
|
+
- 60
|
53
|
+
- 0
|
54
|
+
- RC
|
55
|
+
- 1
|
56
|
+
version: 0.60.0.RC1
|
57
|
+
type: :runtime
|
58
|
+
version_requirements: *id002
|
36
59
|
description: Required dependancy for Spree
|
37
60
|
email: david@railsdog.com
|
38
61
|
executables: []
|
@@ -53,8 +76,9 @@ files:
|
|
53
76
|
- app/controllers/api/products_controller.rb
|
54
77
|
- app/controllers/api/shipments_controller.rb
|
55
78
|
- app/controllers/api/states_controller.rb
|
56
|
-
- app/helpers/api/shipments_helper.rb
|
57
79
|
- app/models/line_item_decorator.rb
|
80
|
+
- app/models/order_decorator.rb
|
81
|
+
- app/models/shipment_decorator.rb
|
58
82
|
- app/models/user_decorator.rb
|
59
83
|
- app/views/admin/users/_api_fields.html.erb
|
60
84
|
- config/cucumber.yml
|
@@ -64,6 +88,7 @@ files:
|
|
64
88
|
- lib/spree_api_hooks.rb
|
65
89
|
- lib/tasks/install.rake
|
66
90
|
- db/migrate/20100107141738_add_api_key_to_users.rb
|
91
|
+
has_rdoc: true
|
67
92
|
homepage: http://spreecommerce.com
|
68
93
|
licenses: []
|
69
94
|
|
@@ -86,16 +111,18 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
86
111
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
87
112
|
none: false
|
88
113
|
requirements:
|
89
|
-
- - "
|
114
|
+
- - ">"
|
90
115
|
- !ruby/object:Gem::Version
|
91
|
-
hash:
|
116
|
+
hash: 25
|
92
117
|
segments:
|
93
|
-
-
|
94
|
-
|
118
|
+
- 1
|
119
|
+
- 3
|
120
|
+
- 1
|
121
|
+
version: 1.3.1
|
95
122
|
requirements:
|
96
123
|
- none
|
97
124
|
rubyforge_project: spree_api
|
98
|
-
rubygems_version: 1.
|
125
|
+
rubygems_version: 1.4.2
|
99
126
|
signing_key:
|
100
127
|
specification_version: 3
|
101
128
|
summary: Provides RESTful access for Spree.
|