spree_api 3.7.14.1 → 4.0.0.beta
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of spree_api might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Gemfile +1 -1
- data/app/controllers/spree/api/base_controller.rb +3 -3
- data/app/controllers/spree/api/v1/addresses_controller.rb +2 -2
- data/app/controllers/spree/api/v1/countries_controller.rb +2 -2
- data/app/controllers/spree/api/v1/credit_cards_controller.rb +2 -2
- data/app/controllers/spree/api/v1/images_controller.rb +3 -3
- data/app/controllers/spree/api/v1/inventory_units_controller.rb +2 -2
- data/app/controllers/spree/api/v1/option_types_controller.rb +4 -4
- data/app/controllers/spree/api/v1/option_values_controller.rb +3 -3
- data/app/controllers/spree/api/v1/payments_controller.rb +2 -2
- data/app/controllers/spree/api/v1/product_properties_controller.rb +4 -4
- data/app/controllers/spree/api/v1/properties_controller.rb +4 -4
- data/app/controllers/spree/api/v1/return_authorizations_controller.rb +4 -4
- data/app/controllers/spree/api/v1/shipments_controller.rb +3 -3
- data/app/controllers/spree/api/v1/states_controller.rb +3 -3
- data/app/controllers/spree/api/v1/stock_items_controller.rb +2 -2
- data/app/controllers/spree/api/v1/stock_locations_controller.rb +5 -4
- data/app/controllers/spree/api/v1/stock_movements_controller.rb +3 -3
- data/app/controllers/spree/api/v1/stores_controller.rb +4 -4
- data/app/controllers/spree/api/v1/taxonomies_controller.rb +3 -3
- data/app/controllers/spree/api/v1/taxons_controller.rb +5 -5
- data/app/controllers/spree/api/v1/users_controller.rb +3 -3
- data/app/controllers/spree/api/v1/variants_controller.rb +3 -3
- data/app/controllers/spree/api/v1/zones_controller.rb +3 -3
- data/app/controllers/spree/api/v2/base_controller.rb +1 -6
- data/app/controllers/spree/api/v2/storefront/account/credit_cards_controller.rb +1 -1
- data/app/controllers/spree/api/v2/storefront/countries_controller.rb +2 -1
- data/app/controllers/spree/api/v2/storefront/order_status_controller.rb +0 -6
- data/app/controllers/spree/api/v2/storefront/products_controller.rb +1 -1
- data/app/controllers/spree/api/v2/storefront/taxons_controller.rb +1 -1
- data/app/views/spree/api/errors/{gateway_error.v1.rabl → gateway_error.rabl} +0 -0
- data/app/views/spree/api/errors/{invalid_api_key.v1.rabl → invalid_api_key.rabl} +0 -0
- data/app/views/spree/api/errors/{invalid_resource.v1.rabl → invalid_resource.rabl} +0 -0
- data/app/views/spree/api/errors/{must_specify_api_key.v1.rabl → must_specify_api_key.rabl} +0 -0
- data/app/views/spree/api/errors/{not_found.v1.rabl → not_found.rabl} +0 -0
- data/app/views/spree/api/errors/{unauthorized.v1.rabl → unauthorized.rabl} +0 -0
- data/app/views/spree/api/v1/addresses/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/adjustments/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/countries/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/countries/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/credit_cards/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/credit_cards/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/customer_returns/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/images/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/images/{new.v1.rabl → new.rabl} +0 -0
- data/app/views/spree/api/v1/images/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/line_items/{new.v1.rabl → new.rabl} +0 -0
- data/app/views/spree/api/v1/line_items/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/option_types/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/option_types/{new.v1.rabl → new.rabl} +0 -0
- data/app/views/spree/api/v1/option_types/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/option_values/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/option_values/{new.v1.rabl → new.rabl} +0 -0
- data/app/views/spree/api/v1/option_values/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/orders/{address.v1.rabl → address.rabl} +0 -0
- data/app/views/spree/api/v1/orders/{canceled.v1.rabl → canceled.rabl} +0 -0
- data/app/views/spree/api/v1/orders/{cart.v1.rabl → cart.rabl} +0 -0
- data/app/views/spree/api/v1/orders/{complete.v1.rabl → complete.rabl} +0 -0
- data/app/views/spree/api/v1/orders/{could_not_apply_coupon.v1.rabl → could_not_apply_coupon.rabl} +0 -0
- data/app/views/spree/api/v1/orders/{could_not_transition.v1.rabl → could_not_transition.rabl} +0 -0
- data/app/views/spree/api/v1/orders/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/orders/{insufficient_quantity.v1.rabl → insufficient_quantity.rabl} +0 -0
- data/app/views/spree/api/v1/orders/{invalid_shipping_method.v1.rabl → invalid_shipping_method.rabl} +0 -0
- data/app/views/spree/api/v1/orders/{mine.v1.rabl → mine.rabl} +0 -0
- data/app/views/spree/api/v1/orders/{order.v1.rabl → order.rabl} +0 -0
- data/app/views/spree/api/v1/orders/{payment.v1.rabl → payment.rabl} +0 -0
- data/app/views/spree/api/v1/orders/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/payments/{credit_over_limit.v1.rabl → credit_over_limit.rabl} +0 -0
- data/app/views/spree/api/v1/payments/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/payments/{new.v1.rabl → new.rabl} +0 -0
- data/app/views/spree/api/v1/payments/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/payments/{update_forbidden.v1.rabl → update_forbidden.rabl} +0 -0
- data/app/views/spree/api/v1/product_properties/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/product_properties/{new.v1.rabl → new.rabl} +0 -0
- data/app/views/spree/api/v1/product_properties/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/products/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/products/{new.v1.rabl → new.rabl} +0 -0
- data/app/views/spree/api/v1/products/{product.v1.rabl → product.rabl} +0 -0
- data/app/views/spree/api/v1/products/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/promotions/{handler.v1.rabl → handler.rabl} +0 -0
- data/app/views/spree/api/v1/promotions/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/properties/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/properties/{new.v1.rabl → new.rabl} +0 -0
- data/app/views/spree/api/v1/properties/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/reimbursements/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/return_authorizations/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/return_authorizations/{new.v1.rabl → new.rabl} +0 -0
- data/app/views/spree/api/v1/return_authorizations/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/shared/{stock_location_required.v1.rabl → stock_location_required.rabl} +0 -0
- data/app/views/spree/api/v1/shipments/{big.v1.rabl → big.rabl} +0 -0
- data/app/views/spree/api/v1/shipments/{cannot_ready_shipment.v1.rabl → cannot_ready_shipment.rabl} +0 -0
- data/app/views/spree/api/v1/shipments/{mine.v1.rabl → mine.rabl} +0 -0
- data/app/views/spree/api/v1/shipments/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/shipments/{small.v1.rabl → small.rabl} +0 -0
- data/app/views/spree/api/v1/shipping_rates/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/states/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/states/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/stock_items/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/stock_items/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/stock_locations/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/stock_locations/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/stock_movements/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/stock_movements/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/stores/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/stores/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/tags/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/taxonomies/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/taxonomies/{nested.v1.rabl → nested.rabl} +0 -0
- data/app/views/spree/api/v1/taxonomies/{new.v1.rabl → new.rabl} +0 -0
- data/app/views/spree/api/v1/taxonomies/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/taxons/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/taxons/{new.v1.rabl → new.rabl} +0 -0
- data/app/views/spree/api/v1/taxons/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/taxons/{taxons.v1.rabl → taxons.rabl} +0 -0
- data/app/views/spree/api/v1/users/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/users/{new.v1.rabl → new.rabl} +0 -0
- data/app/views/spree/api/v1/users/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/variants/{big.v1.rabl → big.rabl} +0 -0
- data/app/views/spree/api/v1/variants/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/variants/{new.v1.rabl → new.rabl} +0 -0
- data/app/views/spree/api/v1/variants/{show.v1.rabl → show.rabl} +0 -0
- data/app/views/spree/api/v1/variants/{small.v1.rabl → small.rabl} +0 -0
- data/app/views/spree/api/v1/zones/{index.v1.rabl → index.rabl} +0 -0
- data/app/views/spree/api/v1/zones/{show.v1.rabl → show.rabl} +0 -0
- data/config/initializers/doorkeeper.rb +12 -0
- data/config/initializers/rabl_rails6_fix.rb +16 -0
- data/config/routes.rb +0 -2
- data/docs/v2/storefront/index.yaml +36 -31
- data/lib/spree/api/engine.rb +0 -19
- data/lib/spree/api/testing_support/v2/base.rb +1 -1
- data/lib/spree_api.rb +0 -1
- data/spree_api.gemspec +2 -3
- metadata +108 -126
- data/app/controllers/spree/api/v1/tags_controller.rb +0 -28
- data/app/models/doorkeeper/access_grant_decorator.rb +0 -3
- data/app/models/doorkeeper/access_token_decorator.rb +0 -3
- data/app/models/doorkeeper/application_decorator.rb +0 -3
- data/config/initializers/metal_load_paths.rb +0 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 72f06e43e51c1833d120d602a9558aad7f5ccf2e21bfc2d98bb72a34f1dfd86d
|
|
4
|
+
data.tar.gz: a81013706d6a7e712cc183bffb7d2222bf94e07da568c943daad27e5d3fd7a59
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 93248446a291211f90371a8f6f1355193497e0bae48fa2e9c91e45273d2385d38dbbf108b0b554ac805d993e207d14056a6d0b4962fef56242b9c793755d3e05
|
|
7
|
+
data.tar.gz: 69a6cbd99a6faf0a3e4f7ae450027d99c02ddb7454400f29587d7f866540fff57e3ddb257fe7479c85d67299b06743f67af5b40f4b5ebce583e1ae2fe0476364
|
data/Gemfile
CHANGED
|
@@ -133,12 +133,12 @@ module Spree
|
|
|
133
133
|
|
|
134
134
|
def product_scope
|
|
135
135
|
if @current_user_roles.include?('admin')
|
|
136
|
-
scope = Product.with_deleted.accessible_by(current_ability, :
|
|
136
|
+
scope = Product.with_deleted.accessible_by(current_ability, :show).includes(*product_includes)
|
|
137
137
|
|
|
138
138
|
scope = scope.not_deleted unless params[:show_deleted]
|
|
139
139
|
scope = scope.not_discontinued unless params[:show_discontinued]
|
|
140
140
|
else
|
|
141
|
-
scope = Product.accessible_by(current_ability, :
|
|
141
|
+
scope = Product.accessible_by(current_ability, :show).active.includes(*product_includes)
|
|
142
142
|
end
|
|
143
143
|
|
|
144
144
|
scope
|
|
@@ -158,7 +158,7 @@ module Spree
|
|
|
158
158
|
|
|
159
159
|
def authorize_for_order
|
|
160
160
|
@order = Spree::Order.find_by(number: order_id)
|
|
161
|
-
authorize! :
|
|
161
|
+
authorize! :show, @order, order_token
|
|
162
162
|
end
|
|
163
163
|
end
|
|
164
164
|
end
|
|
@@ -5,7 +5,7 @@ module Spree
|
|
|
5
5
|
before_action :find_order
|
|
6
6
|
|
|
7
7
|
def show
|
|
8
|
-
authorize! :
|
|
8
|
+
authorize! :show, @order, order_token
|
|
9
9
|
@address = find_address
|
|
10
10
|
respond_with(@address)
|
|
11
11
|
end
|
|
@@ -14,7 +14,7 @@ module Spree
|
|
|
14
14
|
authorize! :update, @order, order_token
|
|
15
15
|
@address = find_address
|
|
16
16
|
|
|
17
|
-
if @address.
|
|
17
|
+
if @address.update(address_params)
|
|
18
18
|
respond_with(@address, default_template: :show)
|
|
19
19
|
else
|
|
20
20
|
invalid_resource!(@address)
|
|
@@ -5,7 +5,7 @@ module Spree
|
|
|
5
5
|
skip_before_action :authenticate_user
|
|
6
6
|
|
|
7
7
|
def index
|
|
8
|
-
@countries = Country.accessible_by(current_ability
|
|
8
|
+
@countries = Country.accessible_by(current_ability).ransack(params[:q]).result.
|
|
9
9
|
order('name ASC').
|
|
10
10
|
page(params[:page]).per(params[:per_page])
|
|
11
11
|
country = Country.order('updated_at ASC').last
|
|
@@ -13,7 +13,7 @@ module Spree
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
def show
|
|
16
|
-
@country = Country.accessible_by(current_ability, :
|
|
16
|
+
@country = Country.accessible_by(current_ability, :show).find(params[:id])
|
|
17
17
|
respond_with(@country)
|
|
18
18
|
end
|
|
19
19
|
end
|
|
@@ -7,7 +7,7 @@ module Spree
|
|
|
7
7
|
def index
|
|
8
8
|
@credit_cards = user.
|
|
9
9
|
credit_cards.
|
|
10
|
-
accessible_by(current_ability
|
|
10
|
+
accessible_by(current_ability).
|
|
11
11
|
with_payment_profile.
|
|
12
12
|
ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
|
|
13
13
|
respond_with(@credit_cards)
|
|
@@ -17,7 +17,7 @@ module Spree
|
|
|
17
17
|
|
|
18
18
|
def user
|
|
19
19
|
if params[:user_id].present?
|
|
20
|
-
@user ||= Spree.user_class.accessible_by(current_ability, :
|
|
20
|
+
@user ||= Spree.user_class.accessible_by(current_ability, :show).find(params[:user_id])
|
|
21
21
|
end
|
|
22
22
|
end
|
|
23
23
|
end
|
|
@@ -3,12 +3,12 @@ module Spree
|
|
|
3
3
|
module V1
|
|
4
4
|
class ImagesController < Spree::Api::BaseController
|
|
5
5
|
def index
|
|
6
|
-
@images = scope.images.accessible_by(current_ability
|
|
6
|
+
@images = scope.images.accessible_by(current_ability)
|
|
7
7
|
respond_with(@images)
|
|
8
8
|
end
|
|
9
9
|
|
|
10
10
|
def show
|
|
11
|
-
@image = Image.accessible_by(current_ability, :
|
|
11
|
+
@image = Image.accessible_by(current_ability, :show).find(params[:id])
|
|
12
12
|
respond_with(@image)
|
|
13
13
|
end
|
|
14
14
|
|
|
@@ -26,7 +26,7 @@ module Spree
|
|
|
26
26
|
|
|
27
27
|
def update
|
|
28
28
|
@image = scope.images.accessible_by(current_ability, :update).find(params[:id])
|
|
29
|
-
if @image.
|
|
29
|
+
if @image.update(image_params)
|
|
30
30
|
respond_with(@image, default_template: :show)
|
|
31
31
|
else
|
|
32
32
|
invalid_resource!(@image)
|
|
@@ -13,7 +13,7 @@ module Spree
|
|
|
13
13
|
authorize! :update, inventory_unit.order
|
|
14
14
|
|
|
15
15
|
inventory_unit.transaction do
|
|
16
|
-
if inventory_unit.
|
|
16
|
+
if inventory_unit.update(inventory_unit_params)
|
|
17
17
|
fire
|
|
18
18
|
render :show, status: 200
|
|
19
19
|
else
|
|
@@ -25,7 +25,7 @@ module Spree
|
|
|
25
25
|
private
|
|
26
26
|
|
|
27
27
|
def inventory_unit
|
|
28
|
-
@inventory_unit ||= InventoryUnit.accessible_by(current_ability, :
|
|
28
|
+
@inventory_unit ||= InventoryUnit.accessible_by(current_ability, :show).find(params[:id])
|
|
29
29
|
end
|
|
30
30
|
|
|
31
31
|
def prepare_event
|
|
@@ -6,19 +6,19 @@ module Spree
|
|
|
6
6
|
@option_types = if params[:ids]
|
|
7
7
|
Spree::OptionType.
|
|
8
8
|
includes(:option_values).
|
|
9
|
-
accessible_by(current_ability
|
|
9
|
+
accessible_by(current_ability).
|
|
10
10
|
where(id: params[:ids].split(','))
|
|
11
11
|
else
|
|
12
12
|
Spree::OptionType.
|
|
13
13
|
includes(:option_values).
|
|
14
|
-
accessible_by(current_ability
|
|
14
|
+
accessible_by(current_ability).
|
|
15
15
|
load.ransack(params[:q]).result
|
|
16
16
|
end
|
|
17
17
|
respond_with(@option_types)
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
def show
|
|
21
|
-
@option_type = Spree::OptionType.accessible_by(current_ability, :
|
|
21
|
+
@option_type = Spree::OptionType.accessible_by(current_ability, :show).find(params[:id])
|
|
22
22
|
respond_with(@option_type)
|
|
23
23
|
end
|
|
24
24
|
|
|
@@ -36,7 +36,7 @@ module Spree
|
|
|
36
36
|
|
|
37
37
|
def update
|
|
38
38
|
@option_type = Spree::OptionType.accessible_by(current_ability, :update).find(params[:id])
|
|
39
|
-
if @option_type.
|
|
39
|
+
if @option_type.update(option_type_params)
|
|
40
40
|
render :show
|
|
41
41
|
else
|
|
42
42
|
invalid_resource!(@option_type)
|
|
@@ -30,7 +30,7 @@ module Spree
|
|
|
30
30
|
|
|
31
31
|
def update
|
|
32
32
|
@option_value = scope.accessible_by(current_ability, :update).find(params[:id])
|
|
33
|
-
if @option_value.
|
|
33
|
+
if @option_value.update(option_value_params)
|
|
34
34
|
render :show
|
|
35
35
|
else
|
|
36
36
|
invalid_resource!(@option_value)
|
|
@@ -47,9 +47,9 @@ module Spree
|
|
|
47
47
|
|
|
48
48
|
def scope
|
|
49
49
|
@scope ||= if params[:option_type_id]
|
|
50
|
-
Spree::OptionType.find(params[:option_type_id]).option_values.accessible_by(current_ability, :
|
|
50
|
+
Spree::OptionType.find(params[:option_type_id]).option_values.accessible_by(current_ability, :show)
|
|
51
51
|
else
|
|
52
|
-
Spree::OptionValue.accessible_by(current_ability, :
|
|
52
|
+
Spree::OptionValue.accessible_by(current_ability, :show).load
|
|
53
53
|
end
|
|
54
54
|
end
|
|
55
55
|
|
|
@@ -29,7 +29,7 @@ module Spree
|
|
|
29
29
|
authorize! params[:action], @payment
|
|
30
30
|
if !@payment.editable?
|
|
31
31
|
render 'update_forbidden', status: 403
|
|
32
|
-
elsif @payment.
|
|
32
|
+
elsif @payment.update(payment_params)
|
|
33
33
|
respond_with(@payment, default_template: :show)
|
|
34
34
|
else
|
|
35
35
|
invalid_resource!(@payment)
|
|
@@ -60,7 +60,7 @@ module Spree
|
|
|
60
60
|
|
|
61
61
|
def find_order
|
|
62
62
|
@order = Spree::Order.find_by!(number: order_id)
|
|
63
|
-
authorize! :
|
|
63
|
+
authorize! :show, @order, order_token
|
|
64
64
|
end
|
|
65
65
|
|
|
66
66
|
def find_payment
|
|
@@ -6,7 +6,7 @@ module Spree
|
|
|
6
6
|
before_action :product_property, only: [:show, :update, :destroy]
|
|
7
7
|
|
|
8
8
|
def index
|
|
9
|
-
@product_properties = @product.product_properties.accessible_by(current_ability
|
|
9
|
+
@product_properties = @product.product_properties.accessible_by(current_ability).
|
|
10
10
|
ransack(params[:q]).result.
|
|
11
11
|
page(params[:page]).per(params[:per_page])
|
|
12
12
|
respond_with(@product_properties)
|
|
@@ -31,7 +31,7 @@ module Spree
|
|
|
31
31
|
def update
|
|
32
32
|
authorize! :update, @product_property
|
|
33
33
|
|
|
34
|
-
if @product_property.
|
|
34
|
+
if @product_property.update(product_property_params)
|
|
35
35
|
respond_with(@product_property, status: 200, default_template: :show)
|
|
36
36
|
else
|
|
37
37
|
invalid_resource!(@product_property)
|
|
@@ -51,7 +51,7 @@ module Spree
|
|
|
51
51
|
end
|
|
52
52
|
|
|
53
53
|
def authorize_product!
|
|
54
|
-
authorize! :
|
|
54
|
+
authorize! :show, @product
|
|
55
55
|
end
|
|
56
56
|
|
|
57
57
|
def product_property
|
|
@@ -60,7 +60,7 @@ module Spree
|
|
|
60
60
|
@product_property ||= @product.product_properties.includes(:property).where(spree_properties: { name: params[:id] }).first
|
|
61
61
|
raise ActiveRecord::RecordNotFound unless @product_property
|
|
62
62
|
|
|
63
|
-
authorize! :
|
|
63
|
+
authorize! :show, @product_property
|
|
64
64
|
end
|
|
65
65
|
end
|
|
66
66
|
|
|
@@ -5,7 +5,7 @@ module Spree
|
|
|
5
5
|
before_action :find_property, only: [:show, :update, :destroy]
|
|
6
6
|
|
|
7
7
|
def index
|
|
8
|
-
@properties = Spree::Property.accessible_by(current_ability
|
|
8
|
+
@properties = Spree::Property.accessible_by(current_ability)
|
|
9
9
|
|
|
10
10
|
@properties = if params[:ids]
|
|
11
11
|
@properties.where(id: params[:ids].split(',').flatten)
|
|
@@ -36,7 +36,7 @@ module Spree
|
|
|
36
36
|
def update
|
|
37
37
|
if @property
|
|
38
38
|
authorize! :update, @property
|
|
39
|
-
@property.
|
|
39
|
+
@property.update(property_params)
|
|
40
40
|
respond_with(@property, status: 200, default_template: :show)
|
|
41
41
|
else
|
|
42
42
|
invalid_resource!(@property)
|
|
@@ -56,9 +56,9 @@ module Spree
|
|
|
56
56
|
private
|
|
57
57
|
|
|
58
58
|
def find_property
|
|
59
|
-
@property = Spree::Property.accessible_by(current_ability, :
|
|
59
|
+
@property = Spree::Property.accessible_by(current_ability, :show).find(params[:id])
|
|
60
60
|
rescue ActiveRecord::RecordNotFound
|
|
61
|
-
@property = Spree::Property.accessible_by(current_ability, :
|
|
61
|
+
@property = Spree::Property.accessible_by(current_ability, :show).find_by!(name: params[:id])
|
|
62
62
|
end
|
|
63
63
|
|
|
64
64
|
def property_params
|
|
@@ -20,7 +20,7 @@ module Spree
|
|
|
20
20
|
|
|
21
21
|
def index
|
|
22
22
|
authorize! :admin, ReturnAuthorization
|
|
23
|
-
@return_authorizations = order.return_authorizations.accessible_by(current_ability
|
|
23
|
+
@return_authorizations = order.return_authorizations.accessible_by(current_ability).
|
|
24
24
|
ransack(params[:q]).result.
|
|
25
25
|
page(params[:page]).per(params[:per_page])
|
|
26
26
|
respond_with(@return_authorizations)
|
|
@@ -32,13 +32,13 @@ module Spree
|
|
|
32
32
|
|
|
33
33
|
def show
|
|
34
34
|
authorize! :admin, ReturnAuthorization
|
|
35
|
-
@return_authorization = order.return_authorizations.accessible_by(current_ability, :
|
|
35
|
+
@return_authorization = order.return_authorizations.accessible_by(current_ability, :show).find(params[:id])
|
|
36
36
|
respond_with(@return_authorization)
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
def update
|
|
40
40
|
@return_authorization = order.return_authorizations.accessible_by(current_ability, :update).find(params[:id])
|
|
41
|
-
if @return_authorization.
|
|
41
|
+
if @return_authorization.update(return_authorization_params)
|
|
42
42
|
respond_with(@return_authorization, default_template: :show)
|
|
43
43
|
else
|
|
44
44
|
invalid_resource!(@return_authorization)
|
|
@@ -58,7 +58,7 @@ module Spree
|
|
|
58
58
|
|
|
59
59
|
def order
|
|
60
60
|
@order ||= Spree::Order.find_by!(number: order_id)
|
|
61
|
-
authorize! :
|
|
61
|
+
authorize! :show, @order
|
|
62
62
|
end
|
|
63
63
|
|
|
64
64
|
def return_authorization_params
|
|
@@ -20,7 +20,7 @@ module Spree
|
|
|
20
20
|
|
|
21
21
|
def create
|
|
22
22
|
@order = Spree::Order.find_by!(number: params.fetch(:shipment).fetch(:order_id))
|
|
23
|
-
authorize! :
|
|
23
|
+
authorize! :show, @order
|
|
24
24
|
authorize! :create, Shipment
|
|
25
25
|
quantity = params[:quantity].to_i
|
|
26
26
|
@shipment = @order.shipments.create(stock_location_id: params.fetch(:stock_location_id))
|
|
@@ -126,13 +126,13 @@ module Spree
|
|
|
126
126
|
@original_shipment = Spree::Shipment.find_by!(number: params[:original_shipment_number])
|
|
127
127
|
@variant = Spree::Variant.find(params[:variant_id])
|
|
128
128
|
@quantity = params[:quantity].to_i
|
|
129
|
-
authorize! :
|
|
129
|
+
authorize! :show, @original_shipment
|
|
130
130
|
authorize! :create, Shipment
|
|
131
131
|
end
|
|
132
132
|
|
|
133
133
|
def find_and_update_shipment
|
|
134
134
|
@shipment = Spree::Shipment.accessible_by(current_ability, :update).readonly(false).find_by!(number: params[:id])
|
|
135
|
-
@shipment.
|
|
135
|
+
@shipment.update(shipment_params)
|
|
136
136
|
@shipment.reload
|
|
137
137
|
end
|
|
138
138
|
|
|
@@ -24,10 +24,10 @@ module Spree
|
|
|
24
24
|
|
|
25
25
|
def scope
|
|
26
26
|
if params[:country_id]
|
|
27
|
-
@country = Country.accessible_by(current_ability, :
|
|
28
|
-
@country.states.accessible_by(current_ability
|
|
27
|
+
@country = Country.accessible_by(current_ability, :show).find(params[:country_id])
|
|
28
|
+
@country.states.accessible_by(current_ability).order('name ASC')
|
|
29
29
|
else
|
|
30
|
-
State.accessible_by(current_ability
|
|
30
|
+
State.accessible_by(current_ability).order('name ASC')
|
|
31
31
|
end
|
|
32
32
|
end
|
|
33
33
|
end
|
|
@@ -65,12 +65,12 @@ module Spree
|
|
|
65
65
|
|
|
66
66
|
def stock_location
|
|
67
67
|
render 'spree/api/v1/shared/stock_location_required', status: 422 and return unless params[:stock_location_id]
|
|
68
|
-
@stock_location ||= StockLocation.accessible_by(current_ability, :
|
|
68
|
+
@stock_location ||= StockLocation.accessible_by(current_ability, :show).find(params[:stock_location_id])
|
|
69
69
|
end
|
|
70
70
|
|
|
71
71
|
def scope
|
|
72
72
|
includes = { variant: [{ option_values: :option_type }, :product] }
|
|
73
|
-
@stock_location.stock_items.accessible_by(current_ability, :
|
|
73
|
+
@stock_location.stock_items.accessible_by(current_ability, :show).includes(includes)
|
|
74
74
|
end
|
|
75
75
|
|
|
76
76
|
def stock_item_params
|
|
@@ -3,8 +3,9 @@ module Spree
|
|
|
3
3
|
module V1
|
|
4
4
|
class StockLocationsController < Spree::Api::BaseController
|
|
5
5
|
def index
|
|
6
|
-
authorize! :
|
|
7
|
-
@stock_locations = StockLocation.accessible_by(current_ability
|
|
6
|
+
authorize! :index, StockLocation
|
|
7
|
+
@stock_locations = StockLocation.accessible_by(current_ability).order('name ASC').
|
|
8
|
+
ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
|
|
8
9
|
respond_with(@stock_locations)
|
|
9
10
|
end
|
|
10
11
|
|
|
@@ -24,7 +25,7 @@ module Spree
|
|
|
24
25
|
|
|
25
26
|
def update
|
|
26
27
|
authorize! :update, stock_location
|
|
27
|
-
if stock_location.
|
|
28
|
+
if stock_location.update(stock_location_params)
|
|
28
29
|
respond_with(stock_location, status: 200, default_template: :show)
|
|
29
30
|
else
|
|
30
31
|
invalid_resource!(stock_location)
|
|
@@ -40,7 +41,7 @@ module Spree
|
|
|
40
41
|
private
|
|
41
42
|
|
|
42
43
|
def stock_location
|
|
43
|
-
@stock_location ||= StockLocation.accessible_by(current_ability, :
|
|
44
|
+
@stock_location ||= StockLocation.accessible_by(current_ability, :show).find(params[:id])
|
|
44
45
|
end
|
|
45
46
|
|
|
46
47
|
def stock_location_params
|
|
@@ -5,7 +5,7 @@ module Spree
|
|
|
5
5
|
before_action :stock_location, except: [:update, :destroy]
|
|
6
6
|
|
|
7
7
|
def index
|
|
8
|
-
authorize! :
|
|
8
|
+
authorize! :index, StockMovement
|
|
9
9
|
@stock_movements = scope.ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
|
|
10
10
|
respond_with(@stock_movements)
|
|
11
11
|
end
|
|
@@ -29,11 +29,11 @@ module Spree
|
|
|
29
29
|
|
|
30
30
|
def stock_location
|
|
31
31
|
render 'spree/api/v1/shared/stock_location_required', status: 422 and return unless params[:stock_location_id]
|
|
32
|
-
@stock_location ||= StockLocation.accessible_by(current_ability, :
|
|
32
|
+
@stock_location ||= StockLocation.accessible_by(current_ability, :show).find(params[:stock_location_id])
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
def scope
|
|
36
|
-
@stock_location.stock_movements.accessible_by(current_ability, :
|
|
36
|
+
@stock_location.stock_movements.accessible_by(current_ability, :show)
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
def stock_movement_params
|
|
@@ -5,8 +5,8 @@ module Spree
|
|
|
5
5
|
before_action :get_store, except: [:index, :create]
|
|
6
6
|
|
|
7
7
|
def index
|
|
8
|
-
authorize! :
|
|
9
|
-
@stores = Store.accessible_by(current_ability
|
|
8
|
+
authorize! :index, Store
|
|
9
|
+
@stores = Store.accessible_by(current_ability).all
|
|
10
10
|
respond_with(@stores)
|
|
11
11
|
end
|
|
12
12
|
|
|
@@ -23,7 +23,7 @@ module Spree
|
|
|
23
23
|
|
|
24
24
|
def update
|
|
25
25
|
authorize! :update, @store
|
|
26
|
-
if @store.
|
|
26
|
+
if @store.update(store_params)
|
|
27
27
|
respond_with(@store, status: 200, default_template: :show)
|
|
28
28
|
else
|
|
29
29
|
invalid_resource!(@store)
|
|
@@ -31,7 +31,7 @@ module Spree
|
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
def show
|
|
34
|
-
authorize! :
|
|
34
|
+
authorize! :show, @store
|
|
35
35
|
respond_with(@store)
|
|
36
36
|
end
|
|
37
37
|
|
|
@@ -29,7 +29,7 @@ module Spree
|
|
|
29
29
|
|
|
30
30
|
def update
|
|
31
31
|
authorize! :update, taxonomy
|
|
32
|
-
if taxonomy.
|
|
32
|
+
if taxonomy.update(taxonomy_params)
|
|
33
33
|
respond_with(taxonomy, status: 200, default_template: :show)
|
|
34
34
|
else
|
|
35
35
|
invalid_resource!(taxonomy)
|
|
@@ -45,13 +45,13 @@ module Spree
|
|
|
45
45
|
private
|
|
46
46
|
|
|
47
47
|
def taxonomies
|
|
48
|
-
@taxonomies = Taxonomy.accessible_by(current_ability
|
|
48
|
+
@taxonomies = Taxonomy.accessible_by(current_ability).order('name').includes(root: :children).
|
|
49
49
|
ransack(params[:q]).result.
|
|
50
50
|
page(params[:page]).per(params[:per_page])
|
|
51
51
|
end
|
|
52
52
|
|
|
53
53
|
def taxonomy
|
|
54
|
-
@taxonomy ||= Taxonomy.accessible_by(current_ability, :
|
|
54
|
+
@taxonomy ||= Taxonomy.accessible_by(current_ability, :show).find(params[:id])
|
|
55
55
|
end
|
|
56
56
|
|
|
57
57
|
def taxonomy_params
|
|
@@ -6,9 +6,9 @@ module Spree
|
|
|
6
6
|
@taxons = if taxonomy
|
|
7
7
|
taxonomy.root.children
|
|
8
8
|
elsif params[:ids]
|
|
9
|
-
Spree::Taxon.includes(:children).accessible_by(current_ability
|
|
9
|
+
Spree::Taxon.includes(:children).accessible_by(current_ability).where(id: params[:ids].split(','))
|
|
10
10
|
else
|
|
11
|
-
Spree::Taxon.includes(:children).accessible_by(current_ability
|
|
11
|
+
Spree::Taxon.includes(:children).accessible_by(current_ability).order(:taxonomy_id, :lft)
|
|
12
12
|
end
|
|
13
13
|
@taxons = @taxons.ransack(params[:q]).result
|
|
14
14
|
@taxons = @taxons.page(params[:page]).per(params[:per_page])
|
|
@@ -48,7 +48,7 @@ module Spree
|
|
|
48
48
|
|
|
49
49
|
def update
|
|
50
50
|
authorize! :update, taxon
|
|
51
|
-
if taxon.
|
|
51
|
+
if taxon.update(taxon_params)
|
|
52
52
|
respond_with(taxon, status: 200, default_template: :show)
|
|
53
53
|
else
|
|
54
54
|
invalid_resource!(taxon)
|
|
@@ -74,12 +74,12 @@ module Spree
|
|
|
74
74
|
|
|
75
75
|
def taxonomy
|
|
76
76
|
if params[:taxonomy_id].present?
|
|
77
|
-
@taxonomy ||= Spree::Taxonomy.accessible_by(current_ability, :
|
|
77
|
+
@taxonomy ||= Spree::Taxonomy.accessible_by(current_ability, :show).find(params[:taxonomy_id])
|
|
78
78
|
end
|
|
79
79
|
end
|
|
80
80
|
|
|
81
81
|
def taxon
|
|
82
|
-
@taxon ||= taxonomy.taxons.accessible_by(current_ability, :
|
|
82
|
+
@taxon ||= taxonomy.taxons.accessible_by(current_ability, :show).find(params[:id])
|
|
83
83
|
end
|
|
84
84
|
|
|
85
85
|
def taxon_params
|
|
@@ -5,7 +5,7 @@ module Spree
|
|
|
5
5
|
rescue_from Spree::Core::DestroyWithOrdersError, with: :error_during_processing
|
|
6
6
|
|
|
7
7
|
def index
|
|
8
|
-
@users = Spree.user_class.accessible_by(current_ability, :
|
|
8
|
+
@users = Spree.user_class.accessible_by(current_ability, :show)
|
|
9
9
|
|
|
10
10
|
@users = if params[:ids]
|
|
11
11
|
@users.ransack(id_in: params[:ids].split(','))
|
|
@@ -37,7 +37,7 @@ module Spree
|
|
|
37
37
|
|
|
38
38
|
def update
|
|
39
39
|
authorize! :update, user
|
|
40
|
-
if user.
|
|
40
|
+
if user.update(user_params)
|
|
41
41
|
respond_with(user, status: 200, default_template: :show)
|
|
42
42
|
else
|
|
43
43
|
invalid_resource!(user)
|
|
@@ -53,7 +53,7 @@ module Spree
|
|
|
53
53
|
private
|
|
54
54
|
|
|
55
55
|
def user
|
|
56
|
-
@user ||= Spree.user_class.accessible_by(current_ability, :
|
|
56
|
+
@user ||= Spree.user_class.accessible_by(current_ability, :show).find(params[:id])
|
|
57
57
|
end
|
|
58
58
|
|
|
59
59
|
def user_params
|
|
@@ -38,7 +38,7 @@ module Spree
|
|
|
38
38
|
|
|
39
39
|
def update
|
|
40
40
|
@variant = scope.accessible_by(current_ability, :update).find(params[:id])
|
|
41
|
-
if @variant.
|
|
41
|
+
if @variant.update(variant_params)
|
|
42
42
|
respond_with(@variant, status: 200, default_template: :show)
|
|
43
43
|
else
|
|
44
44
|
invalid_resource!(@product)
|
|
@@ -49,7 +49,7 @@ module Spree
|
|
|
49
49
|
|
|
50
50
|
def product
|
|
51
51
|
if params[:product_id]
|
|
52
|
-
@product ||= Spree::Product.accessible_by(current_ability, :
|
|
52
|
+
@product ||= Spree::Product.accessible_by(current_ability, :show).
|
|
53
53
|
friendly.find(params[:product_id])
|
|
54
54
|
end
|
|
55
55
|
end
|
|
@@ -65,7 +65,7 @@ module Spree
|
|
|
65
65
|
variants = variants.with_deleted
|
|
66
66
|
end
|
|
67
67
|
|
|
68
|
-
variants.eligible.accessible_by(current_ability
|
|
68
|
+
variants.eligible.accessible_by(current_ability)
|
|
69
69
|
end
|
|
70
70
|
|
|
71
71
|
def variant_params
|
|
@@ -19,7 +19,7 @@ module Spree
|
|
|
19
19
|
end
|
|
20
20
|
|
|
21
21
|
def index
|
|
22
|
-
@zones = Zone.accessible_by(current_ability
|
|
22
|
+
@zones = Zone.accessible_by(current_ability).order('name ASC').ransack(params[:q]).result.page(params[:page]).per(params[:per_page])
|
|
23
23
|
respond_with(@zones)
|
|
24
24
|
end
|
|
25
25
|
|
|
@@ -29,7 +29,7 @@ module Spree
|
|
|
29
29
|
|
|
30
30
|
def update
|
|
31
31
|
authorize! :update, zone
|
|
32
|
-
if zone.
|
|
32
|
+
if zone.update(zone_params)
|
|
33
33
|
respond_with(zone, status: 200, default_template: :show)
|
|
34
34
|
else
|
|
35
35
|
invalid_resource!(zone)
|
|
@@ -47,7 +47,7 @@ module Spree
|
|
|
47
47
|
end
|
|
48
48
|
|
|
49
49
|
def zone
|
|
50
|
-
@zone ||= Spree::Zone.accessible_by(current_ability, :
|
|
50
|
+
@zone ||= Spree::Zone.accessible_by(current_ability, :show).find(params[:id])
|
|
51
51
|
end
|
|
52
52
|
end
|
|
53
53
|
end
|
|
@@ -55,12 +55,7 @@ module Spree
|
|
|
55
55
|
end
|
|
56
56
|
|
|
57
57
|
def spree_current_user
|
|
58
|
-
|
|
59
|
-
return @spree_current_user if @spree_current_user
|
|
60
|
-
|
|
61
|
-
doorkeeper_authorize!
|
|
62
|
-
|
|
63
|
-
@spree_current_user ||= Spree.user_class.find_by(id: doorkeeper_token.resource_owner_id)
|
|
58
|
+
@spree_current_user ||= Spree.user_class.find_by(id: doorkeeper_token.resource_owner_id) if doorkeeper_token
|
|
64
59
|
end
|
|
65
60
|
|
|
66
61
|
def spree_authorize!(action, subject, *args)
|
|
@@ -36,6 +36,7 @@ module Spree
|
|
|
36
36
|
return scope.default if params[:iso] == 'default'
|
|
37
37
|
|
|
38
38
|
scope.find_by(iso: params[:iso]&.upcase) ||
|
|
39
|
+
scope.find_by(id: params[:iso]&.upcase) ||
|
|
39
40
|
scope.find_by(iso3: params[:iso]&.upcase)
|
|
40
41
|
end
|
|
41
42
|
|
|
@@ -52,7 +53,7 @@ module Spree
|
|
|
52
53
|
end
|
|
53
54
|
|
|
54
55
|
def scope
|
|
55
|
-
Spree::Country.accessible_by(current_ability, :
|
|
56
|
+
Spree::Country.accessible_by(current_ability, :show)
|
|
56
57
|
end
|
|
57
58
|
end
|
|
58
59
|
end
|