spree_api 2.4.9 → 2.4.10

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5ebfeb30bdead8dacaf7f5f21bd14038c69aecab
-  data.tar.gz: 60bce254502ebca885ca624805910ceeadfff020
+  metadata.gz: 632c3f3af60db8e2033c1fadf69ab81d11aae659
+  data.tar.gz: e80451f21adb1335d2be39bf4ffe33fece0c62ee
 SHA512:
-  metadata.gz: 0083f015c33562559e92d7c51d314457714569d820cadc7e05b68c7c095c8f8eeaa016333715fc283ea03fb6a17abd6b4a19eef43a44b5311e05568cf32da48f
-  data.tar.gz: 23da99e5ac381823b3703415c8096c7b45a9b35fc8ee25cec06106ddd60719e4a91585754cb1e80f6c1c605005014225623cc760d5e143e5921266935eb7acc6
+  metadata.gz: 75341ff16ac40cdb8eb1e2c44e34f27ba3a934bb3ed9a216d99540ae3519d168c52d63d6ba71d25e89cf0bd3f0d91aa9fd46791604b9f94d1cc1e00df1593750
+  data.tar.gz: 2922b722b993fef6bf874d4092a3864794185e8caa90b910e539ae7f3744eacddcba049891dbb0621c37c79c3f7da2ccebea69d69a15832267560172a20f4d64

data/app/helpers/spree/api/api_helpers.rb

@@ -85,7 +85,7 @@ module Spree
 
       @@payment_attributes = [
         :id, :source_type, :source_id, :amount, :display_amount,
-        :payment_method_id, :response_code, :state, :avs_response, :created_at,
+        :payment_method_id, :state, :avs_response, :created_at,
         :updated_at
       ]
 

data/spec/controllers/spree/api/payments_controller_spec.rb

@@ -6,7 +6,7 @@ module Spree
     let!(:order) { create(:order) }
     let!(:payment) { create(:payment, :order => order) }
     let!(:attributes) { [:id, :source_type, :source_id, :amount, :display_amount,
-                         :payment_method_id, :response_code, :state, :avs_response,
+                         :payment_method_id, :state, :avs_response,
                          :created_at, :updated_at] }
 
     let(:resource_scoping) { { :order_id => order.to_param } }
@@ -82,7 +82,7 @@ module Spree
       end
 
       context "multiple payments" do
-        before { @payment = create(:payment, :order => order, :response_code => '99999') }
+        before { @payment = create(:payment, :order => order) }
 
         it "can view all payments on an order" do
           api_get :index
@@ -95,12 +95,6 @@ module Spree
           expect(json_response['current_page']).to eq(1)
           expect(json_response['pages']).to eq(2)
         end
-
-        it 'can query the results through a paramter' do
-          api_get :index, :q => { :response_code_cont => '999' }
-          expect(json_response['count']).to eq(1)
-          expect(json_response['payments'].first['response_code']).to eq @payment.response_code
-        end
       end
 
       context "for a given payment" do

data/spec/requests/ransackable_attributes_spec.rb

@@ -0,0 +1,79 @@
+require 'spec_helper'
+
+describe "Ransackable Attributes" do
+  let(:user) { create(:user).tap(&:generate_spree_api_key!) }
+  let(:order) { create(:order_with_line_items, user: user) }
+  context "filtering by attributes one association away" do
+    it "does not allow the filtering of variants by order attributes" do
+      2.times { create(:variant) }
+
+      get "/api/variants?q[orders_email_start]=#{order.email}", token: user.spree_api_key
+
+      variants_response = JSON.parse(response.body)
+      expect(variants_response['total_count']).to eq(Spree::Variant.count)
+    end
+  end
+
+  context "filtering by attributes two associations away" do
+    it "does not allow the filtering of variants by user attributes" do
+      2.times { create(:variant) }
+
+      get "/api/variants?q[orders_user_email_start]=#{order.user.email}", token: user.spree_api_key
+
+      variants_response = JSON.parse(response.body)
+      expect(variants_response['total_count']).to eq(Spree::Variant.count)
+    end
+  end
+
+  context "it maintains desired association behavior" do
+    it "allows filtering of variants product name" do
+      product = create(:product, name: "Fritos")
+      variant = create(:variant, product: product)
+      other_variant = create(:variant)
+
+      get "/api/variants?q[product_name_or_sku_cont]=fritos", token: user.spree_api_key
+
+      skus = JSON.parse(response.body)['variants'].map { |variant| variant['sku'] }
+      expect(skus).to include variant.sku
+      expect(skus).not_to include other_variant.sku
+    end
+  end
+
+  context "filtering by attributes" do
+    it "most attributes are not filterable by default" do
+      product = create(:product, description: "special product")
+      other_product = create(:product)
+
+      get "/api/products?q[description_cont]=special", token: user.spree_api_key
+
+      products_response = JSON.parse(response.body)
+      expect(products_response['total_count']).to eq(Spree::Product.count)
+    end
+
+    it "id is filterable by default" do
+      product = create(:product)
+      other_product = create(:product)
+
+      get "/api/products?q[id_eq]=#{product.id}", token: user.spree_api_key
+
+      product_names = JSON.parse(response.body)['products'].map { |product| product['name'] }
+      expect(product_names).to include product.name
+      expect(product_names).not_to include other_product.name
+    end
+  end
+
+  context "filtering by whitelisted attributes" do
+    it "filtering is supported for whitelisted attributes" do
+      product = create(:product, name: "Fritos")
+      other_product = create(:product)
+
+      get "/api/products?q[name_cont]=fritos", token: user.spree_api_key
+
+      product_names = JSON.parse(response.body)['products'].map { |product| product['name'] }
+      expect(product_names).to include product.name
+      expect(product_names).not_to include other_product.name
+    end
+  end
+
+
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: spree_api
 version: !ruby/object:Gem::Version
-  version: 2.4.9
+  version: 2.4.10
 platform: ruby
 authors:
 - Ryan Bigg
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-07-28 00:00:00.000000000 Z
+date: 2015-08-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: spree_core
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.4.9
+        version: 2.4.10
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.4.9
+        version: 2.4.10
 - !ruby/object:Gem::Dependency
   name: rabl
   requirement: !ruby/object:Gem::Requirement
@@ -241,6 +241,7 @@ files:
 - spec/fixtures/thinking-cat.jpg
 - spec/models/spree/legacy_user_spec.rb
 - spec/requests/rabl_cache_spec.rb
+- spec/requests/ransackable_attributes_spec.rb
 - spec/shared_examples/protect_product_actions.rb
 - spec/spec_helper.rb
 - spec/support/controller_hacks.rb
@@ -306,6 +307,7 @@ test_files:
 - spec/fixtures/thinking-cat.jpg
 - spec/models/spree/legacy_user_spec.rb
 - spec/requests/rabl_cache_spec.rb
+- spec/requests/ransackable_attributes_spec.rb
 - spec/shared_examples/protect_product_actions.rb
 - spec/spec_helper.rb
 - spec/support/controller_hacks.rb