spree_api 2.4.10 → 3.0.0.rc1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/LICENSE +1 -2
- data/app/controllers/spree/api/base_controller.rb +9 -3
- data/app/controllers/spree/api/checkouts_controller.rb +4 -4
- data/app/controllers/spree/api/countries_controller.rb +3 -3
- data/app/controllers/spree/api/images_controller.rb +2 -2
- data/app/controllers/spree/api/inventory_units_controller.rb +1 -1
- data/app/controllers/spree/api/option_values_controller.rb +1 -1
- data/app/controllers/spree/api/orders_controller.rb +6 -14
- data/app/controllers/spree/api/payments_controller.rb +5 -5
- data/app/controllers/spree/api/product_properties_controller.rb +1 -1
- data/app/controllers/spree/api/products_controller.rb +5 -5
- data/app/controllers/spree/api/properties_controller.rb +2 -2
- data/app/controllers/spree/api/return_authorizations_controller.rb +4 -4
- data/app/controllers/spree/api/shipments_controller.rb +4 -4
- data/app/controllers/spree/api/states_controller.rb +2 -2
- data/app/controllers/spree/api/stock_items_controller.rb +4 -4
- data/app/controllers/spree/api/stock_locations_controller.rb +5 -5
- data/app/controllers/spree/api/stock_movements_controller.rb +3 -3
- data/app/controllers/spree/api/stores_controller.rb +5 -5
- data/app/controllers/spree/api/taxonomies_controller.rb +4 -4
- data/app/controllers/spree/api/taxons_controller.rb +3 -3
- data/app/controllers/spree/api/users_controller.rb +3 -3
- data/app/controllers/spree/api/variants_controller.rb +3 -3
- data/app/controllers/spree/api/zones_controller.rb +7 -4
- data/app/helpers/spree/api/api_helpers.rb +1 -1
- data/app/views/spree/api/config/money.v1.rabl +0 -4
- data/app/views/spree/api/orders/payment.v1.rabl +1 -1
- data/app/views/spree/api/orders/show.v1.rabl +5 -1
- data/app/views/spree/api/products/show.v1.rabl +1 -0
- data/app/views/spree/api/taxonomies/show.v1.rabl +2 -2
- data/app/views/spree/api/variants/big.v1.rabl +6 -0
- data/app/views/spree/api/variants/small.v1.rabl +0 -1
- data/config/routes.rb +5 -1
- data/lib/spree/api/responders/rabl_template.rb +3 -4
- data/lib/spree/api/testing_support/helpers.rb +1 -1
- data/spec/controllers/spree/api/base_controller_spec.rb +16 -2
- data/spec/controllers/spree/api/config_controller_spec.rb +1 -5
- data/spec/controllers/spree/api/line_items_controller_spec.rb +3 -4
- data/spec/controllers/spree/api/orders_controller_spec.rb +1 -28
- data/spec/controllers/spree/api/payments_controller_spec.rb +21 -26
- data/spec/controllers/spree/api/product_properties_controller_spec.rb +1 -1
- data/spec/controllers/spree/api/products_controller_spec.rb +54 -7
- data/spec/controllers/spree/api/return_authorizations_controller_spec.rb +2 -2
- data/spec/controllers/spree/api/stock_items_controller_spec.rb +4 -2
- data/spec/controllers/spree/api/stock_movements_controller_spec.rb +0 -6
- data/spec/controllers/spree/api/users_controller_spec.rb +17 -17
- data/spec/controllers/spree/api/variants_controller_spec.rb +2 -5
- data/spec/controllers/spree/api/zones_controller_spec.rb +26 -0
- data/spec/spec_helper.rb +3 -4
- data/spec/support/controller_hacks.rb +7 -5
- data/spree_api.gemspec +2 -1
- metadata +9 -10
- data/spec/requests/ransackable_attributes_spec.rb +0 -79
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 918a64814abd45ead2005fbface150d6703b4038
|
|
4
|
+
data.tar.gz: b51dc9c832ad061af1e1b7d54095df7ad9648471
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c2bcc152d0e4d1db8f0c60c706d53c35192c5875ddef8d4c5dbb24ee1b35fbe6a4a0b0943d4addb35f71c2d46df492705ff61f1c60fe943f3e20681b4dcfa4b5
|
|
7
|
+
data.tar.gz: e2385d91a7c65706135ea244d3920fa0ede5a6f60204a5f9e1072a2468f756ef6f4ca841e959a040aa222afd57029a27bd01f06d1a6a0969b3c92dd76a7508aa
|
data/LICENSE
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
Copyright (c) 2007-
|
|
1
|
+
Copyright (c) 2007-2015, Spree Commerce, Inc. and other contributors
|
|
2
2
|
All rights reserved.
|
|
3
3
|
|
|
4
4
|
Redistribution and use in source and binary forms, with or without modification,
|
|
@@ -24,4 +24,3 @@ PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
|
|
24
24
|
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
|
|
25
25
|
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
|
26
26
|
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
27
|
-
|
|
@@ -4,7 +4,6 @@ module Spree
|
|
|
4
4
|
module Api
|
|
5
5
|
class BaseController < ActionController::Base
|
|
6
6
|
include Spree::Api::ControllerSetup
|
|
7
|
-
include Spree::Core::ControllerHelpers::SSL
|
|
8
7
|
include Spree::Core::ControllerHelpers::Store
|
|
9
8
|
include Spree::Core::ControllerHelpers::StrongParameters
|
|
10
9
|
|
|
@@ -18,6 +17,8 @@ module Spree
|
|
|
18
17
|
before_action :authenticate_user
|
|
19
18
|
before_action :load_user_roles
|
|
20
19
|
|
|
20
|
+
after_filter :set_jsonp_format
|
|
21
|
+
|
|
21
22
|
rescue_from Exception, with: :error_during_processing
|
|
22
23
|
rescue_from ActiveRecord::RecordNotFound, with: :not_found
|
|
23
24
|
rescue_from CanCan::AccessDenied, with: :unauthorized
|
|
@@ -25,7 +26,12 @@ module Spree
|
|
|
25
26
|
|
|
26
27
|
helper Spree::Api::ApiHelpers
|
|
27
28
|
|
|
28
|
-
|
|
29
|
+
def set_jsonp_format
|
|
30
|
+
if params[:callback] && request.get?
|
|
31
|
+
self.response_body = "#{params[:callback]}(#{response.body})"
|
|
32
|
+
headers["Content-Type"] = 'application/javascript'
|
|
33
|
+
end
|
|
34
|
+
end
|
|
29
35
|
|
|
30
36
|
def map_nested_attributes_keys(klass, attributes)
|
|
31
37
|
nested_keys = klass.nested_attributes_options.keys
|
|
@@ -58,7 +64,7 @@ module Spree
|
|
|
58
64
|
end
|
|
59
65
|
|
|
60
66
|
def load_user
|
|
61
|
-
@current_api_user = Spree.user_class.find_by(spree_api_key: api_key.to_s)
|
|
67
|
+
@current_api_user = (try_spree_current_user || Spree.user_class.find_by(spree_api_key: api_key.to_s))
|
|
62
68
|
end
|
|
63
69
|
|
|
64
70
|
def authenticate_user
|
|
@@ -13,7 +13,7 @@ module Spree
|
|
|
13
13
|
authorize! :update, @order, order_token
|
|
14
14
|
@order.next!
|
|
15
15
|
respond_with(@order, default_template: 'spree/api/orders/show', status: 200)
|
|
16
|
-
rescue
|
|
16
|
+
rescue StateMachines::InvalidTransition
|
|
17
17
|
respond_with(@order, default_template: 'spree/api/orders/could_not_transition', status: 422)
|
|
18
18
|
end
|
|
19
19
|
|
|
@@ -35,7 +35,7 @@ module Spree
|
|
|
35
35
|
|
|
36
36
|
return if after_update_attributes
|
|
37
37
|
|
|
38
|
-
if @order.
|
|
38
|
+
if @order.next || @order.completed?
|
|
39
39
|
state_callback(:after)
|
|
40
40
|
respond_with(@order, default_template: 'spree/api/orders/show')
|
|
41
41
|
else
|
|
@@ -52,7 +52,7 @@ module Spree
|
|
|
52
52
|
end
|
|
53
53
|
|
|
54
54
|
def nested_params
|
|
55
|
-
map_nested_attributes_keys
|
|
55
|
+
map_nested_attributes_keys Order, params[:order] || {}
|
|
56
56
|
end
|
|
57
57
|
|
|
58
58
|
# Should be overriden if you have areas of your checkout that don't match
|
|
@@ -79,7 +79,7 @@ module Spree
|
|
|
79
79
|
|
|
80
80
|
def after_update_attributes
|
|
81
81
|
if nested_params && nested_params[:coupon_code].present?
|
|
82
|
-
handler =
|
|
82
|
+
handler = PromotionHandler::Coupon.new(@order).apply
|
|
83
83
|
|
|
84
84
|
if handler.error.present?
|
|
85
85
|
@coupon_message = handler.error
|
|
@@ -5,17 +5,17 @@ module Spree
|
|
|
5
5
|
skip_before_action :authenticate_user
|
|
6
6
|
|
|
7
7
|
def index
|
|
8
|
-
@countries =
|
|
8
|
+
@countries = Country.accessible_by(current_ability, :read).ransack(params[:q]).result.
|
|
9
9
|
includes(:states).order('name ASC').
|
|
10
10
|
page(params[:page]).per(params[:per_page])
|
|
11
|
-
country =
|
|
11
|
+
country = Country.order("updated_at ASC").last
|
|
12
12
|
if stale?(country)
|
|
13
13
|
respond_with(@countries)
|
|
14
14
|
end
|
|
15
15
|
end
|
|
16
16
|
|
|
17
17
|
def show
|
|
18
|
-
@country =
|
|
18
|
+
@country = Country.accessible_by(current_ability, :read).find(params[:id])
|
|
19
19
|
respond_with(@country)
|
|
20
20
|
end
|
|
21
21
|
end
|
|
@@ -8,12 +8,12 @@ module Spree
|
|
|
8
8
|
end
|
|
9
9
|
|
|
10
10
|
def show
|
|
11
|
-
@image =
|
|
11
|
+
@image = Image.accessible_by(current_ability, :read).find(params[:id])
|
|
12
12
|
respond_with(@image)
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
def create
|
|
16
|
-
authorize! :create,
|
|
16
|
+
authorize! :create, Image
|
|
17
17
|
@image = scope.images.create(image_params)
|
|
18
18
|
respond_with(@image, :status => 201, :default_template => :show)
|
|
19
19
|
end
|
|
@@ -24,7 +24,7 @@ module Spree
|
|
|
24
24
|
private
|
|
25
25
|
|
|
26
26
|
def inventory_unit
|
|
27
|
-
@inventory_unit ||=
|
|
27
|
+
@inventory_unit ||= InventoryUnit.accessible_by(current_ability, :read).find(params[:id])
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
def prepare_event
|
|
@@ -7,7 +7,7 @@ module Spree
|
|
|
7
7
|
before_action :find_order, except: [:create, :mine, :current, :index, :update]
|
|
8
8
|
|
|
9
9
|
# Dynamically defines our stores checkout steps to ensure we check authorization on each step.
|
|
10
|
-
|
|
10
|
+
Order.checkout_steps.keys.each do |step|
|
|
11
11
|
define_method step do
|
|
12
12
|
find_order
|
|
13
13
|
authorize! :update, @order, params[:token]
|
|
@@ -21,7 +21,7 @@ module Spree
|
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
def create
|
|
24
|
-
authorize! :create,
|
|
24
|
+
authorize! :create, Order
|
|
25
25
|
order_user = if @current_user_roles.include?('admin') && order_params[:user_id]
|
|
26
26
|
Spree.user_class.find(order_params[:user_id])
|
|
27
27
|
else
|
|
@@ -46,7 +46,7 @@ module Spree
|
|
|
46
46
|
|
|
47
47
|
def index
|
|
48
48
|
authorize! :index, Order
|
|
49
|
-
@orders =
|
|
49
|
+
@orders = Order.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
|
|
50
50
|
respond_with(@orders)
|
|
51
51
|
end
|
|
52
52
|
|
|
@@ -59,15 +59,7 @@ module Spree
|
|
|
59
59
|
find_order(true)
|
|
60
60
|
authorize! :update, @order, order_token
|
|
61
61
|
|
|
62
|
-
|
|
63
|
-
# This will update the order without a checkout reset.
|
|
64
|
-
@order.update_attributes(order_params)
|
|
65
|
-
else
|
|
66
|
-
# This will reset checkout back to address and delete all shipments.
|
|
67
|
-
@order.contents.update_cart(order_params)
|
|
68
|
-
end
|
|
69
|
-
|
|
70
|
-
if result
|
|
62
|
+
if @order.contents.update_cart(order_params)
|
|
71
63
|
user_id = params[:order][:user_id]
|
|
72
64
|
if current_api_user.has_spree_role?('admin') && user_id
|
|
73
65
|
@order.associate_user!(Spree.user_class.find(user_id))
|
|
@@ -99,7 +91,7 @@ module Spree
|
|
|
99
91
|
find_order
|
|
100
92
|
authorize! :update, @order, order_token
|
|
101
93
|
@order.coupon_code = params[:coupon_code]
|
|
102
|
-
@handler =
|
|
94
|
+
@handler = PromotionHandler::Coupon.new(@order).apply
|
|
103
95
|
status = @handler.successful? ? 200 : 422
|
|
104
96
|
render "spree/api/promotions/handler", :status => status
|
|
105
97
|
end
|
|
@@ -123,7 +115,7 @@ module Spree
|
|
|
123
115
|
end
|
|
124
116
|
|
|
125
117
|
def find_order(lock = false)
|
|
126
|
-
@order = Spree::Order.lock(lock).
|
|
118
|
+
@order = Spree::Order.lock(lock).friendly.find(params[:id])
|
|
127
119
|
end
|
|
128
120
|
|
|
129
121
|
def find_current_order
|
|
@@ -12,7 +12,7 @@ module Spree
|
|
|
12
12
|
|
|
13
13
|
def new
|
|
14
14
|
@payment_methods = Spree::PaymentMethod.available
|
|
15
|
-
respond_with(@
|
|
15
|
+
respond_with(@payment_methods)
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
def create
|
|
@@ -26,7 +26,7 @@ module Spree
|
|
|
26
26
|
|
|
27
27
|
def update
|
|
28
28
|
authorize! params[:action], @payment
|
|
29
|
-
if
|
|
29
|
+
if ! @payment.pending?
|
|
30
30
|
render 'update_forbidden', status: 403
|
|
31
31
|
elsif @payment.update_attributes(payment_params)
|
|
32
32
|
respond_with(@payment, default_template: :show)
|
|
@@ -58,16 +58,16 @@ module Spree
|
|
|
58
58
|
private
|
|
59
59
|
|
|
60
60
|
def find_order
|
|
61
|
-
@order = Spree::Order.
|
|
61
|
+
@order = Spree::Order.friendly.find(order_id)
|
|
62
62
|
authorize! :read, @order, order_token
|
|
63
63
|
end
|
|
64
64
|
|
|
65
65
|
def find_payment
|
|
66
|
-
@payment = @order.payments.find(params[:id])
|
|
66
|
+
@payment = @order.payments.friendly.find(params[:id])
|
|
67
67
|
end
|
|
68
68
|
|
|
69
69
|
def perform_payment_action(action, *args)
|
|
70
|
-
authorize! action,
|
|
70
|
+
authorize! action, Payment
|
|
71
71
|
@payment.send("#{action}!", *args)
|
|
72
72
|
respond_with(@payment, default_template: :show)
|
|
73
73
|
end
|
|
@@ -20,7 +20,7 @@ module Spree
|
|
|
20
20
|
end
|
|
21
21
|
|
|
22
22
|
def create
|
|
23
|
-
authorize! :create,
|
|
23
|
+
authorize! :create, ProductProperty
|
|
24
24
|
@product_property = @product.product_properties.new(product_property_params)
|
|
25
25
|
if @product_property.save
|
|
26
26
|
respond_with(@product_property, status: 201, default_template: :show)
|
|
@@ -4,7 +4,7 @@ module Spree
|
|
|
4
4
|
|
|
5
5
|
def index
|
|
6
6
|
if params[:ids]
|
|
7
|
-
@products = product_scope.where(:
|
|
7
|
+
@products = product_scope.where(id: params[:ids].split(",").flatten)
|
|
8
8
|
else
|
|
9
9
|
@products = product_scope.ransack(params[:q]).result
|
|
10
10
|
end
|
|
@@ -57,12 +57,12 @@ module Spree
|
|
|
57
57
|
# }
|
|
58
58
|
#
|
|
59
59
|
def create
|
|
60
|
-
authorize! :create,
|
|
60
|
+
authorize! :create, Product
|
|
61
61
|
params[:product][:available_on] ||= Time.now
|
|
62
62
|
set_up_shipping_category
|
|
63
63
|
|
|
64
64
|
options = { variants_attrs: variants_params, options_attrs: option_types_params }
|
|
65
|
-
@product =
|
|
65
|
+
@product = Core::Importer::Product.new(nil, product_params, options).create
|
|
66
66
|
|
|
67
67
|
if @product.persisted?
|
|
68
68
|
respond_with(@product, :status => 201, :default_template => :show)
|
|
@@ -76,7 +76,7 @@ module Spree
|
|
|
76
76
|
authorize! :update, @product
|
|
77
77
|
|
|
78
78
|
options = { variants_attrs: variants_params, options_attrs: option_types_params }
|
|
79
|
-
@product =
|
|
79
|
+
@product = Core::Importer::Product.new(@product, product_params, options).update
|
|
80
80
|
|
|
81
81
|
if @product.errors.empty?
|
|
82
82
|
respond_with(@product.reload, :status => 200, :default_template => :show)
|
|
@@ -119,7 +119,7 @@ module Spree
|
|
|
119
119
|
|
|
120
120
|
def set_up_shipping_category
|
|
121
121
|
if shipping_category = params[:product].delete(:shipping_category)
|
|
122
|
-
id =
|
|
122
|
+
id = ShippingCategory.find_or_create_by(name: shipping_category).id
|
|
123
123
|
params[:product][:shipping_category_id] = id
|
|
124
124
|
end
|
|
125
125
|
end
|
|
@@ -8,7 +8,7 @@ module Spree
|
|
|
8
8
|
@properties = Spree::Property.accessible_by(current_ability, :read)
|
|
9
9
|
|
|
10
10
|
if params[:ids]
|
|
11
|
-
@properties = @properties.where(:
|
|
11
|
+
@properties = @properties.where(id: params[:ids].split(",").flatten)
|
|
12
12
|
else
|
|
13
13
|
@properties = @properties.ransack(params[:q]).result
|
|
14
14
|
end
|
|
@@ -25,7 +25,7 @@ module Spree
|
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
def create
|
|
28
|
-
authorize! :create,
|
|
28
|
+
authorize! :create, Property
|
|
29
29
|
@property = Spree::Property.new(property_params)
|
|
30
30
|
if @property.save
|
|
31
31
|
respond_with(@property, status: 201, default_template: :show)
|
|
@@ -3,7 +3,7 @@ module Spree
|
|
|
3
3
|
class ReturnAuthorizationsController < Spree::Api::BaseController
|
|
4
4
|
|
|
5
5
|
def create
|
|
6
|
-
authorize! :create,
|
|
6
|
+
authorize! :create, ReturnAuthorization
|
|
7
7
|
@return_authorization = order.return_authorizations.build(return_authorization_params)
|
|
8
8
|
if @return_authorization.save
|
|
9
9
|
respond_with(@return_authorization, status: 201, default_template: :show)
|
|
@@ -19,7 +19,7 @@ module Spree
|
|
|
19
19
|
end
|
|
20
20
|
|
|
21
21
|
def index
|
|
22
|
-
authorize! :admin,
|
|
22
|
+
authorize! :admin, ReturnAuthorization
|
|
23
23
|
@return_authorizations = order.return_authorizations.accessible_by(current_ability, :read).
|
|
24
24
|
ransack(params[:q]).result.
|
|
25
25
|
page(params[:page]).per(params[:per_page])
|
|
@@ -27,11 +27,11 @@ module Spree
|
|
|
27
27
|
end
|
|
28
28
|
|
|
29
29
|
def new
|
|
30
|
-
authorize! :admin,
|
|
30
|
+
authorize! :admin, ReturnAuthorization
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
def show
|
|
34
|
-
authorize! :admin,
|
|
34
|
+
authorize! :admin, ReturnAuthorization
|
|
35
35
|
@return_authorization = order.return_authorizations.accessible_by(current_ability, :read).find(params[:id])
|
|
36
36
|
respond_with(@return_authorization)
|
|
37
37
|
end
|
|
@@ -32,7 +32,7 @@ module Spree
|
|
|
32
32
|
end
|
|
33
33
|
|
|
34
34
|
def update
|
|
35
|
-
@shipment = Spree::Shipment.accessible_by(current_ability, :update).readonly(false).
|
|
35
|
+
@shipment = Spree::Shipment.accessible_by(current_ability, :update).readonly(false).friendly.find(params[:id])
|
|
36
36
|
@shipment.update_attributes_and_order(shipment_params)
|
|
37
37
|
|
|
38
38
|
respond_with(@shipment.reload, default_template: :show)
|
|
@@ -79,7 +79,7 @@ module Spree
|
|
|
79
79
|
end
|
|
80
80
|
|
|
81
81
|
def transfer_to_shipment
|
|
82
|
-
@target_shipment = Spree::Shipment.
|
|
82
|
+
@target_shipment = Spree::Shipment.friendly.find(params[:target_shipment_number])
|
|
83
83
|
@original_shipment.transfer_to_shipment(@variant, @quantity, @target_shipment)
|
|
84
84
|
render json: {success: true, message: Spree.t(:shipment_transfer_success)}, status: 201
|
|
85
85
|
end
|
|
@@ -87,7 +87,7 @@ module Spree
|
|
|
87
87
|
private
|
|
88
88
|
|
|
89
89
|
def load_transfer_params
|
|
90
|
-
@original_shipment = Spree::Shipment.
|
|
90
|
+
@original_shipment = Spree::Shipment.friendly.find(params[:original_shipment_number])
|
|
91
91
|
@variant = Spree::Variant.find(params[:variant_id])
|
|
92
92
|
@quantity = params[:quantity].to_i
|
|
93
93
|
authorize! :read, @original_shipment
|
|
@@ -95,7 +95,7 @@ module Spree
|
|
|
95
95
|
end
|
|
96
96
|
|
|
97
97
|
def find_and_update_shipment
|
|
98
|
-
@shipment = Spree::Shipment.accessible_by(current_ability, :update).readonly(false).
|
|
98
|
+
@shipment = Spree::Shipment.accessible_by(current_ability, :update).readonly(false).friendly.find(params[:id])
|
|
99
99
|
@shipment.update_attributes(shipment_params)
|
|
100
100
|
@shipment.reload
|
|
101
101
|
end
|
|
@@ -27,10 +27,10 @@ module Spree
|
|
|
27
27
|
private
|
|
28
28
|
def scope
|
|
29
29
|
if params[:country_id]
|
|
30
|
-
@country =
|
|
30
|
+
@country = Country.accessible_by(current_ability, :read).find(params[:country_id])
|
|
31
31
|
return @country.states.accessible_by(current_ability, :read)
|
|
32
32
|
else
|
|
33
|
-
return
|
|
33
|
+
return State.accessible_by(current_ability, :read)
|
|
34
34
|
end
|
|
35
35
|
end
|
|
36
36
|
end
|
|
@@ -14,7 +14,7 @@ module Spree
|
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
def create
|
|
17
|
-
authorize! :create,
|
|
17
|
+
authorize! :create, StockItem
|
|
18
18
|
|
|
19
19
|
count_on_hand = 0
|
|
20
20
|
if params[:stock_item].has_key?(:count_on_hand)
|
|
@@ -31,7 +31,7 @@ module Spree
|
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
def update
|
|
34
|
-
@stock_item =
|
|
34
|
+
@stock_item = StockItem.accessible_by(current_ability, :update).find(params[:id])
|
|
35
35
|
|
|
36
36
|
count_on_hand = 0
|
|
37
37
|
if params[:stock_item].has_key?(:count_on_hand)
|
|
@@ -50,7 +50,7 @@ module Spree
|
|
|
50
50
|
end
|
|
51
51
|
|
|
52
52
|
def destroy
|
|
53
|
-
@stock_item =
|
|
53
|
+
@stock_item = StockItem.accessible_by(current_ability, :destroy).find(params[:id])
|
|
54
54
|
@stock_item.destroy
|
|
55
55
|
respond_with(@stock_item, status: 204)
|
|
56
56
|
end
|
|
@@ -59,7 +59,7 @@ module Spree
|
|
|
59
59
|
|
|
60
60
|
def stock_location
|
|
61
61
|
render 'spree/api/shared/stock_location_required', status: 422 and return unless params[:stock_location_id]
|
|
62
|
-
@stock_location ||=
|
|
62
|
+
@stock_location ||= StockLocation.accessible_by(current_ability, :read).find(params[:stock_location_id])
|
|
63
63
|
end
|
|
64
64
|
|
|
65
65
|
def scope
|
|
@@ -2,8 +2,8 @@ module Spree
|
|
|
2
2
|
module Api
|
|
3
3
|
class StockLocationsController < Spree::Api::BaseController
|
|
4
4
|
def index
|
|
5
|
-
authorize! :read,
|
|
6
|
-
@stock_locations =
|
|
5
|
+
authorize! :read, StockLocation
|
|
6
|
+
@stock_locations = StockLocation.accessible_by(current_ability, :read).order('name ASC').ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
|
|
7
7
|
respond_with(@stock_locations)
|
|
8
8
|
end
|
|
9
9
|
|
|
@@ -12,8 +12,8 @@ module Spree
|
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
def create
|
|
15
|
-
authorize! :create,
|
|
16
|
-
@stock_location =
|
|
15
|
+
authorize! :create, StockLocation
|
|
16
|
+
@stock_location = StockLocation.new(stock_location_params)
|
|
17
17
|
if @stock_location.save
|
|
18
18
|
respond_with(@stock_location, status: 201, default_template: :show)
|
|
19
19
|
else
|
|
@@ -39,7 +39,7 @@ module Spree
|
|
|
39
39
|
private
|
|
40
40
|
|
|
41
41
|
def stock_location
|
|
42
|
-
@stock_location ||=
|
|
42
|
+
@stock_location ||= StockLocation.accessible_by(current_ability, :read).find(params[:id])
|
|
43
43
|
end
|
|
44
44
|
|
|
45
45
|
def stock_location_params
|