spree_api 1.3.4 → 1.3.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 288706a5a4c81fc84a82d1f1aa91dcd8ce546fb6
-  data.tar.gz: 75057c9776f7ecbe0374da3d4c155aa3bf61130d
+  metadata.gz: f36fa5b9ac229e7e973c1c724fda3cf3e9cd50ad
+  data.tar.gz: 78a1596cc6c1ed5014fc22c65319c431cb6a08de
 SHA512:
-  metadata.gz: 83df37343d301ff95eb8f78144c36d6a0b88703f704400510dedf050b511482339e731b1396d3312012cbbcaeb843451bed73f3a8e257b6305d61859c9665c83
-  data.tar.gz: e88252e0d65aeee9ffcefab0b9c18bc088068881f7f42787615e1094c26fa076c3377cf4bb4c4f591edaf987b325b5b1321d3993ce82d2a4e5d69593c01077df
+  metadata.gz: ab336cf7a3b2b2c56070dd047fd1844c3abf8051431c8171d078534289f8274e323a9c6f85eae06132bf6427effc5fa67762b4c071660da4e7d02b552a2fc916
+  data.tar.gz: ec3c418cb4b1b6351d8cc879d27acab755e8c45f62900150203c8a6d7d8854507cc3199c63c210c47ee400553354556050c4aca371db63b3087f9f52a3d4aca7

data/app/controllers/spree/api/orders_controller.rb

@@ -56,6 +56,8 @@ module Spree
       def sanitize_line_items(line_item_attributes)
         return {} if line_item_attributes.blank?
         line_item_attributes = line_item_attributes.map do |id, attributes|
+          attributes ||= id
+
           # Faux Strong-Parameters code to strip price if user isn't an admin
           if current_api_user.has_spree_role?("admin")
             [id, attributes.slice(*Spree::LineItem.attr_accessible[:api])]

data/app/controllers/spree/api/products_controller.rb

@@ -19,9 +19,27 @@ module Spree
       def create
         authorize! :create, Product
         params[:product][:available_on] ||= Time.now
+
+        variants_attributes = params[:product].delete(:variants_attributes) || []
+        option_type_attributes = params[:product].delete(:option_types) || []
+
         @product = Product.new(params[:product])
         begin
           if @product.save
+            variants_attributes.each do |variant_attribute|
+              variant = @product.variants.new
+              variant.update_attributes(variant_attribute)
+            end
+
+            option_type_attributes.each do |name|
+              option_type = OptionType.where(name: name).first_or_initialize do |option_type|
+                option_type.presentation = name
+                option_type.save!
+              end
+
+              @product.option_types << option_type unless @product.option_types.include?(option_type)
+            end
+
             respond_with(@product, :status => 201, :default_template => :show)
           else
             invalid_resource!(@product)

data/app/helpers/spree/api/api_helpers.rb

@@ -33,7 +33,7 @@ module Spree
       end
 
       def order_attributes
-        [:id, :number, :item_total, :total, :state, :adjustment_total, :user_id, :created_at, :updated_at, :completed_at, :payment_total, :shipment_state, :payment_state, :email, :special_instructions]
+        [:id, :number, :item_total, :total, :state, :adjustment_total, :user_id, :created_at, :updated_at, :completed_at, :payment_total, :shipment_state, :payment_state, :email, :special_instructions, :channel]
       end
 
       def line_item_attributes

data/app/models/spree/api_configuration.rb

@@ -1,5 +1,6 @@
 module Spree
   class ApiConfiguration < Preferences::Configuration
+    # Make sure the api requires authentication by default to prevent unwanted access
     preference :requires_authentication, :boolean, :default => true
   end
 end

data/app/models/spree/line_item_decorator.rb

@@ -1,3 +1,3 @@
 Spree::LineItem.class_eval do
-  attr_accessible :quantity, :variant_id, :as => :api
+  attr_accessible :quantity, :variant_id, :sku, :as => :api
 end

data/app/models/spree/order_decorator.rb

@@ -1,4 +1,6 @@
 Spree::Order.class_eval do
+  attr_accessible :channel, :as => :api_admin
+
   def self.build_from_api(user, params)
     begin
       ensure_country_id_from_api params[:ship_address_attributes]
@@ -15,7 +17,12 @@ Spree::Order.class_eval do
       order.complete_from_api params.delete(:completed_at)
 
       destroy_automatic_taxes_on_import(order, params)
-      order.update_attributes!(params)
+
+      if user.has_spree_role? "admin"
+        order.update_attributes!(params, without_protection: true)
+      else
+        order.update_attributes!(params)
+      end
 
       order.reload
     rescue Exception => e
@@ -59,7 +66,7 @@ Spree::Order.class_eval do
         shipment.adjustment.amount = s[:cost].to_f
         shipment.adjustment.save
       rescue Exception => e
-        raise "#{e.message} #{s}"
+        raise "Order import shipments: #{e.message} #{s}"
       end
     end
   end
@@ -73,7 +80,7 @@ Spree::Order.class_eval do
         payment.payment_method = Spree::PaymentMethod.find_by_name!(p[:payment_method])
         payment.save!
       rescue Exception => e
-        raise "#{e.message} #{p}"
+        raise "Order import payments: #{e.message} #{p}"
       end
     end
   end
@@ -84,14 +91,14 @@ Spree::Order.class_eval do
         line_item = line_items_hash[k]
         self.class.ensure_variant_id_from_api(line_item)
 
-        item  = self.add_variant(Spree::Variant.find(line_item[:variant_id]), line_item[:quantity])
+        item = self.add_variant(Spree::Variant.find(line_item[:variant_id]), line_item[:quantity].to_i)
 
         if line_item.key? :price
           item.price = line_item[:price]
           item.save!
         end
       rescue Exception => e
-        raise "#{e.message} #{line_item}"
+        raise "Order import line items: #{e.message} #{line_item}"
       end
     end
   end
@@ -104,7 +111,7 @@ Spree::Order.class_eval do
         adjustment.locked = true
         adjustment.save!
       rescue Exception => e
-        raise "#{e.message} #{a}"
+        raise "Order import adjustments: #{e.message} #{a}"
       end
     end
   end
@@ -116,7 +123,7 @@ Spree::Order.class_eval do
         hash.delete(:sku)
       end
     rescue Exception => e
-      raise "#{e.message} #{hash}"
+      raise "Ensure order import variant: #{e.message} #{hash}"
     end
   end
 
@@ -139,7 +146,7 @@ Spree::Order.class_eval do
       address[:country_id] = Spree::Country.where(search).first!.id
 
     rescue Exception => e
-      raise "#{e.message} #{search}"
+      raise "Ensure order import address country: #{e.message} #{search}"
     end
   end
 
@@ -155,9 +162,15 @@ Spree::Order.class_eval do
       end
 
       address.delete(:state)
-      address[:state_id] = Spree::State.where(search).first!.id
+      search[:country_id] = address[:country_id]
+
+      if state = Spree::State.where(search).first
+        address[:state_id] = state.id
+      else
+        address[:state_name] = search[:name] || search[:abbr]
+      end
     rescue Exception => e
-      raise "#{e.message} #{search}"
+      raise "Ensure order import address state: #{e.message} #{search}"
     end
   end
 end

data/db/migrate/20131017162334_add_index_to_user_spree_api_key.rb

@@ -0,0 +1,7 @@
+class AddIndexToUserSpreeApiKey < ActiveRecord::Migration
+  def change
+    unless defined?(User)
+      add_index :spree_users, :spree_api_key
+    end
+  end
+end

data/spec/controllers/spree/api/orders_controller_spec.rb

@@ -11,10 +11,9 @@ module Spree
                         :completed_at, :payment_total, :shipment_state,
                         :payment_state, :email, :special_instructions] }
 
+    let(:variant) { create(:variant) }
 
-    before do
-      stub_authentication!
-    end
+    before { stub_authentication! }
 
     it "cannot view all orders" do
       api_get :index
@@ -64,6 +63,50 @@ module Spree
       json_response["state"].should == "cart"
     end
 
+    context "import" do
+      let(:tax_rate) { create(:tax_rate, amount: 0.05, calculator: Calculator::DefaultTax.create) }
+      let(:other_variant) { create(:variant) }
+
+      # line items come in as an array when importing orders or when
+      # creating both an order an a line item at once
+      let(:order_params) do
+        {
+          :line_items => [
+            { :variant_id => variant.to_param, :quantity => 5 },
+            { :variant_id => other_variant.to_param, :quantity => 5 }
+          ]
+        }
+      end
+
+      before do
+        Zone.stub default_tax: tax_rate.zone
+        current_api_user.stub has_spree_role?: true
+      end
+
+      it "sets channel" do
+        api_post :create, :order => { channel: "amazon" }
+        expect(json_response['channel']).to eq "amazon"
+      end
+
+      it "doesnt persist any automatic tax adjustment" do
+        expect {
+          api_post :create, :order => order_params.merge(:import => true)
+        }.not_to change { Adjustment.count }
+        expect(response.status).to eq 201
+      end
+
+      context "provides sku rather than variant id" do
+        let(:order_params) do
+          { :line_items => [{ :sku => variant.sku, :quantity => 1 }] }
+        end
+
+        it "still finds the variant by sku and persist order" do
+          api_post :create, :order => order_params
+          expect(json_response['line_items'].count).to eq 1
+        end
+      end
+    end
+
     it "can create an order without any parameters" do
       lambda { api_post :create }.should_not raise_error(NoMethodError)
       response.status.should == 201
@@ -210,6 +253,14 @@ module Spree
         end
       end
 
+      it "responds with orders updated_at with miliseconds precision" do
+        api_get :index
+        milisecond = order.updated_at.strftime("%L")
+        updated_at = json_response["orders"].first["updated_at"]
+
+        expect(updated_at.split("T").last).to have_content(milisecond)
+      end
+
       context "with two orders" do
         before { create(:order) }
 

data/spec/controllers/spree/api/products_controller_spec.rb

@@ -8,6 +8,10 @@ module Spree
     let!(:product) { create(:product) }
     let!(:inactive_product) { create(:product, :available_on => Time.now.tomorrow, :name => "inactive") }
     let(:attributes) { [:id, :name, :description, :price, :available_on, :permalink, :count_on_hand, :meta_description, :meta_keywords, :taxon_ids] }
+    let(:product_hash) do
+      { :name => "The Other Product",
+        :price => 19.99 }
+    end
 
     before do
       stub_authentication!
@@ -157,12 +161,79 @@ module Spree
       end
 
       it "can create a new product" do
-        api_post :create, :product => { :name => "The Other Product",
-                                        :price => 19.99 }
+        api_post :create, :product => product_hash
         json_response.should have_attributes(attributes)
         response.status.should == 201
       end
 
+      describe "creating products with" do
+        it "embedded variants" do
+          def attributes_for_variant
+            h = attributes_for(:variant).except(:is_master, :product)
+            h.delete(:option_values)
+            h.merge({
+              options: [
+                { name: "size", value: "small" },
+                { name: "color", value: "black" }
+              ]
+            })
+          end
+
+          attributes = product_hash
+
+          attributes.merge!({
+            shipping_category_id: 1,
+
+            option_types: ['size', 'color'],
+
+            variants_attributes: [
+              attributes_for_variant,
+              attributes_for_variant
+            ]
+          })
+
+          api_post :create, :product => attributes
+
+          expect(json_response['variants'].count).to eq(3) # 1 master + 2 variants
+          expect(json_response['variants'][1]['option_values'][0]['name']).to eq('small')
+          expect(json_response['variants'][1]['option_values'][0]['option_type_name']).to eq('size')
+
+          expect(json_response['option_types'].count).to eq(2) # size, color
+        end
+
+        it "embedded product_properties" do
+          attributes = product_hash
+
+          attributes.merge!({
+            shipping_category_id: 1,
+
+            product_properties_attributes: [{
+              property_name: "fabric",
+              value: "cotton"
+            }]
+          })
+
+          api_post :create, :product => attributes
+
+          expect(json_response['product_properties'][0]['property_name']).to eq('fabric')
+          expect(json_response['product_properties'][0]['value']).to eq('cotton')
+        end
+
+        it "option_types even if without variants" do
+          attributes = product_hash
+
+          attributes.merge!({
+            shipping_category_id: 1,
+
+            option_types: ['size', 'color']
+          })
+
+          api_post :create, :product => attributes
+
+          expect(json_response['option_types'].count).to eq(2)
+        end
+      end
+
       # Regression test for #2140
       context "with authentication_required set to false" do
         before do

data/spec/models/spree/order_spec.rb

@@ -62,6 +62,18 @@ module Spree
         expect(line_item.variant_id).to eq attributes[:variant_id]
         expect(line_item.price).to eq attributes[:price]
       end
+
+      it "ensures quantity values are converted to integer" do
+        params = {
+          :line_items_attributes => {
+            "0" => { :variant_id => variant.id, :quantity => "5" },
+            "1" => { :variant_id => variant.id, :quantity => "5" }
+          }
+        }
+
+        order = Order.build_from_api(user, params)
+        expect(order.line_items.first.quantity).to eq 10
+      end
     end
 
     it 'uses line item price if present' do
@@ -133,7 +145,7 @@ module Spree
 
     it 'can build an order from API with state attributes' do
       ship_address.delete(:state_id)
-      ship_address[:state] = { 'name' => 'Alabama' }
+      ship_address[:state] = { 'name' => state.name }
       params = { :ship_address_attributes => ship_address,
                  :line_items_attributes => line_items }
 
@@ -141,15 +153,37 @@ module Spree
       order.ship_address.state.name.should eq 'Alabama'
     end
 
-    it 'handles state lookup exceptions' do
+    context "state passed is not associated with country" do
+      let(:params) do
+        params = { :ship_address_attributes => ship_address,
+                   :line_items_attributes => line_items }
+      end
+
+      let(:other_state) { create(:state, name: "Uhuhuh", country: create(:country)) }
+
+      before do
+        country.states.destroy_all
+
+        ship_address.delete(:state_id)
+        ship_address[:state] = { 'name' => other_state.name }
+      end
+
+      it 'sets states name instead of state id' do
+        order = Order.build_from_api(user, params)
+        expect(order.ship_address.state_name).to eq other_state.name
+      end
+    end
+
+    it 'sets state name if state record not found' do
+      country.states.destroy_all
+
       ship_address.delete(:state_id)
       ship_address[:state] = { 'name' => 'XXX' }
       params = { :ship_address_attributes => ship_address,
                  :line_items_attributes => line_items }
 
-      expect {
-        order = Order.build_from_api(user, params)
-      }.to raise_error /XXX/
+      order = Order.build_from_api(user, params)
+      expect(order.ship_address.state_name).to eq 'XXX'
     end
 
     context 'variant not deleted' do
@@ -187,19 +221,12 @@ module Spree
 
     it 'ensures_state_id for state fields' do
       [:name, :abbr].each do |field|
-        address = { :state => { field => state.send(field) }}
+        address = { country_id: country.id, :state => { field => state.send(field) }}
         Order.ensure_state_id_from_api(address)
         address[:state_id].should eq state.id
       end
     end
 
-    it "raises with proper message when cant find state" do
-      address = { :state => { "name" => "NoNoState" } }
-      expect {
-        Order.ensure_state_id_from_api(address)
-      }.to raise_error /NoNoState/
-    end
-
     context "shippments" do
       let(:params) do
         { :shipments_attributes => [

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: spree_api
 version: !ruby/object:Gem::Version
-  version: 1.3.4
+  version: 1.3.5
 platform: ruby
 authors:
 - Ryan Bigg
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-10-15 00:00:00.000000000 Z
+date: 2014-01-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: spree_core
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.3.4
+        version: 1.3.5
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.3.4
+        version: 1.3.5
 - !ruby/object:Gem::Dependency
   name: versioncake
   requirement: !ruby/object:Gem::Requirement
@@ -45,8 +45,8 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- .gitignore
-- .rspec
+- ".gitignore"
+- ".rspec"
 - Gemfile
 - LICENSE
 - Rakefile
@@ -141,6 +141,7 @@ files:
 - db/migrate/20100107141738_add_api_key_to_spree_users.rb
 - db/migrate/20120411123334_resize_api_key_field.rb
 - db/migrate/20120530054546_rename_api_key_to_spree_api_key.rb
+- db/migrate/20131017162334_add_index_to_user_spree_api_key.rb
 - lib/spree/api.rb
 - lib/spree/api/controller_setup.rb
 - lib/spree/api/engine.rb
@@ -188,17 +189,17 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.1.0
+rubygems_version: 2.2.0
 signing_key: 
 specification_version: 4
 summary: Spree's API