spree_api_v1 4.5.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 6b29a9a688a1080a3a177a72dc79a3d9672b625845bb7d66102f4f538c80a3ef
+  data.tar.gz: 54c30ed9a71decc6747cdee76d4e433e5e7cd176b2b0e4cd3e9949b2c0f35a77
+SHA512:
+  metadata.gz: 01fc7632bbe6e33595f7b538e9a659de81796a87ce6aa6b35a9f1c1ec04d17fcd9ed2cf49515844485b42e10aeebd1848478727dfd17eb269849d3b769c31db0
+  data.tar.gz: a60545d2f100fac0029f0987435c89a38e881d5ae8014a53475edf39fea87dab83eef042f962f950e9e50a7ebb157f40aeee7af1b17b211cf47c1ec25a748259

data/.circleci/config.yml

@@ -0,0 +1,189 @@
+version: 2.1
+
+defaults: &defaults
+  environment: &environment
+    CIRCLE_TEST_REPORTS: /tmp/test-results
+    CIRCLE_ARTIFACTS: /tmp/test-artifacts
+    BUNDLE_JOBS: 4
+    BUNDLE_RETRY: 3
+    BUNDLE_PATH: ~/spree/vendor/bundle
+    RAILS_VERSION: '~> 7.0'
+  working_directory: ~/spree
+  docker:
+    - image: &ruby_2_7_image circleci/ruby:2.7-node-browsers
+    - image: &redis_image circleci/redis:6.2-alpine
+
+defaults_3_0: &defaults_3_0
+  <<: *defaults
+  docker:
+    - image: &ruby_3_0_image circleci/ruby:3.0-node-browsers
+    - image: *redis_image
+
+run_tests_2_7: &run_tests_2_7
+  <<: *defaults
+  parallelism: 2
+  steps:
+    - checkout
+    - restore_cache:
+        keys:
+          - spree-api-v1-bundle-v10-ruby-2-7-{{ .Branch }}
+          - spree-api-v1-bundle-v10-ruby-2-7
+    - run:
+        name: Install libvips
+        command: sudo apt-get install libvips
+    - run:
+        name: Set bundle path
+        command: bundle config --local path vendor/bundle
+    - run:
+        name: Ensure bundle Install
+        command: |
+          bundle check || bundle install
+    - run:
+        name: Create test app
+        command: |
+          bundle exec rake test_app
+    - run:
+        name: Run Rspec
+        command: |
+          TESTFILES=$(circleci tests glob "spec/**/*_spec.rb" | circleci tests split --split-by=timings)
+          bundle exec rspec --format documentation \
+                            --format RspecJunitFormatter \
+                            -o ~/rspec/rspec.xml \
+                            -- ${TESTFILES}
+    - store_test_results:
+        path: ~/rspec
+    - store_artifacts:
+        path: /tmp/test-artifacts
+
+run_tests_3_0: &run_tests_3_0
+  <<: *defaults_3_0
+  parallelism: 2
+  steps:
+    - checkout
+    - restore_cache:
+        keys:
+          - spree-api-v1-bundle-v10-ruby-3-0-{{ .Branch }}
+          - spree-api-v1-bundle-v10-ruby-3-0
+    - run:
+        name: Install libvips
+        command: sudo apt-get install libvips
+    - run:
+        name: Set bundle path
+        command: bundle config --local path vendor/bundle
+    - run:
+        name: Ensure bundle Install
+        command: |
+          bundle check || bundle install
+    - run:
+        name: Create test app
+        command: |
+          bundle exec rake test_app
+    - run:
+        name: Run Rspec
+        command: |
+          TESTFILES=$(circleci tests glob "spec/**/*_spec.rb" | circleci tests split --split-by=timings)
+          bundle exec rspec --format documentation \
+                            --format RspecJunitFormatter \
+                            -o ~/rspec/rspec.xml \
+                            -- ${TESTFILES}
+    - store_test_results:
+        path: ~/rspec
+    - store_artifacts:
+        path: /tmp/test-artifacts
+
+jobs:
+  bundle_ruby_2_7:
+    <<: *defaults
+    steps:
+      - checkout
+      - restore_cache:
+          keys:
+            - spree-api-v1-bundle-v10-ruby-2-7-{{ .Branch }}
+            - spree-api-v1-bundle-v10-ruby-2-7
+      - run:
+          name: Install libvips
+          command: sudo apt-get install libvips
+      - run:
+          name: Set bundle path
+          command: bundle config --local path vendor/bundle
+      - run:
+          name: Bundle Install
+          command: |
+            bundle check || bundle install
+      - save_cache:
+          paths:
+            - vendor/bundle
+          key: spree-api-v1-bundle-v10-ruby-2-7-{{ checksum "Gemfile.lock" }}
+
+  bundle_ruby_3_0:
+    <<: *defaults_3_0
+    steps:
+      - checkout
+      - restore_cache:
+          keys:
+            - spree-api-v1-bundle-v10-ruby-3-0-{{ .Branch }}
+            - spree-api-v1-bundle-v10-ruby-3-0
+      - run:
+          name: Install libvips
+          command: sudo apt-get install libvips
+      - run:
+          name: Set bundle path
+          command: bundle config --local path vendor/bundle
+      - run:
+          name: Bundle Install
+          command: |
+            bundle check || bundle install
+      - save_cache:
+          paths:
+            - vendor/bundle
+          key: spree-api-v1-bundle-v10-ruby-3-0-{{ checksum "Gemfile.lock" }}
+
+  tests_ruby_2_7_rails_7_0_postgres:
+    <<: *run_tests_2_7
+    environment: &postgres_environment
+      <<: *environment
+      DB: postgres
+      DB_HOST: localhost
+      DB_USERNAME: postgres
+    docker:
+      - image: *ruby_2_7_image
+      - image: *redis_image
+      - image: &postgres_image circleci/postgres:12-alpine
+        environment:
+          POSTGRES_USER: postgres
+
+  tests_ruby_3_0_rails_7_0_postgres:
+    <<: *run_tests_3_0
+    environment:
+      <<: *postgres_environment
+    docker:
+      - image: *ruby_3_0_image
+      - image: *postgres_image
+      - image: *redis_image
+
+  tests_ruby_2_7_rails_7_0_mysql:
+    <<: *run_tests_2_7
+    environment:
+      <<: *environment
+      DB: mysql
+      DB_HOST: 127.0.0.1
+      DB_USERNAME: root
+      COVERAGE: true
+      COVERAGE_DIR: /tmp/workspace/simplecov
+    docker:
+      - image: *ruby_2_7_image
+      - image: *redis_image
+      - image: &mysql_image circleci/mysql:8-ram
+
+workflows:
+  version: 2
+  main:
+    jobs:
+      - bundle_ruby_2_7
+      - bundle_ruby_3_0
+      - tests_ruby_3_0_rails_7_0_postgres:
+          requires:
+            - bundle_ruby_3_0
+      - tests_ruby_2_7_rails_7_0_mysql:
+          requires:
+            - bundle_ruby_2_7

data/.gitignore

@@ -0,0 +1,23 @@
+\#*
+*~
+.#*
+.DS_Store
+.idea
+.localeapp/locales
+.project
+.vscode
+coverage
+default
+Gemfile.lock
+tmp
+nbproject
+pkg
+*.sw?
+spec/dummy
+.rvmrc
+.sass-cache
+public/spree
+.ruby-version
+.ruby-gemset
+*.gem
+*/*.gem

data/.rspec

@@ -0,0 +1,3 @@
+--color
+-r spec_helper
+-f documentation

data/.rubocop.yml

@@ -0,0 +1,24 @@
+AllCops:
+  DisplayCopNames: true
+  TargetRubyVersion: 2.5
+  Include:
+    - '**/Gemfile'
+    - '**/Rakefile'
+    - '**/Appraisals'
+  Exclude:
+    - 'spec/dummy/**/*'
+    - 'lib/generators/**/*'
+
+Rails:
+  Enabled: true
+
+Metrics/LineLength:
+  Max: 150
+
+# DISABLED
+
+Style/Documentation:
+  Enabled: false
+
+Style/FrozenStringLiteralComment:
+  Enabled: false

data/CHANGELOG.md

@@ -0,0 +1,3 @@
+## [4.5.0] - 2022-08-05
+
+- Extract Spree Api V1 from Spree Api

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,22 @@
+# Contributor Code of Conduct
+
+As contributors and maintainers of this project, and in the interest of fostering an open and welcoming community, we pledge to respect all people who contribute through reporting issues, posting feature requests, updating documentation, submitting pull requests or patches, and other activities.
+
+We are committed to making participation in this project a harassment-free experience for everyone, regardless of level of experience, gender, gender identity and expression, sexual orientation, disability, personal appearance, body size, race, ethnicity, age, religion, or nationality.
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery
+* Personal attacks
+* Trolling or insulting/derogatory comments
+* Public or private harassment
+* Publishing other's private information, such as physical or electronic addresses, without explicit permission
+* Other unethical or unprofessional conduct.
+
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct. By adopting this Code of Conduct, project maintainers commit themselves to fairly and consistently applying these principles to every aspect of managing this project. Project maintainers who do not follow or enforce the Code of Conduct may be permanently removed from the project team.
+
+This code of conduct applies both within project spaces and in public spaces when an individual is representing the project or its community.
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by opening an issue or contacting one or more of the project maintainers.
+
+This Code of Conduct is adapted from the [Contributor Covenant](http://contributor-covenant.org), version 1.2.0, available at [http://contributor-covenant.org/version/1/2/0/](http://contributor-covenant.org/version/1/2/0/)

data/Gemfile

@@ -0,0 +1,59 @@
+source 'https://rubygems.org'
+
+gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw]
+
+%w[
+  actionmailer actionpack actionview activejob activemodel activerecord
+  activestorage activesupport railties
+].each do |rails_gem|
+  gem rails_gem, ENV.fetch('RAILS_VERSION', '~> 7.0.0'), require: false
+end
+
+platforms :jruby do
+  gem 'jruby-openssl'
+end
+
+platforms :ruby do
+  if ENV['DB'] == 'mysql'
+    gem 'mysql2'
+  else
+    gem 'pg', '~> 1.1'
+  end
+end
+
+gem 'sprockets-rails', '>= 2.0.0'
+
+group :test do
+  gem 'database_cleaner', '~> 2.0'
+  gem 'factory_bot_rails', '~> 6.0'
+  gem 'multi_json'
+  gem 'rspec-activemodel-mocks', '~> 1.0'
+  gem 'rspec-rails', '~> 5.0'
+  gem 'rspec-retry'
+  gem 'rspec_junit_formatter'
+  gem 'simplecov', '0.17.1'
+  gem 'webmock', '~> 3.7'
+  gem 'timecop'
+  gem 'rails-controller-testing'
+end
+
+group :test, :development do
+  gem 'awesome_print'
+  gem 'gem-release'
+  gem 'redis'
+  gem 'rubocop', '~> 1.22.3', require: false # bumped
+  gem 'rubocop-rails', require: false
+  gem 'rubocop-rspec', require: false
+  gem 'pry-byebug'
+  gem 'ffaker'
+end
+
+group :development do
+  gem 'github_fast_changelog'
+  gem 'solargraph'
+end
+
+spree_opts = { github: 'spree/spree', branch: 'main' }
+gem 'spree_core', spree_opts
+gem 'spree_api', spree_opts
+gemspec

data/LICENSE

@@ -0,0 +1,26 @@
+Copyright (c) 2007-2015, Spree Commerce, Inc. and other contributors
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name Spree nor the names of its contributors may be used to
+      endorse or promote products derived from this software without specific
+      prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

data/README.md

@@ -0,0 +1,62 @@
+# Spree Api V1
+
+This repository contains the deprecated V1 API, that was extracted from spree_api gem in Spree 4.5.
+
+## Installation
+
+1. Add this extension to your Gemfile with this line:
+
+    ```ruby
+    gem 'spree_api_v1'
+    ```
+
+2. Install the gem using Bundler
+
+    ```ruby
+    bundle install
+    ```
+
+3. Copy & run migrations
+
+    ```ruby
+    bundle exec rails g spree_api_v1:install
+    ```
+
+4. Restart your server
+
+  If your server was running, restart it so that it can find the assets properly.
+
+
+## Contributing
+
+In the spirit of [free software][1], **everyone** is encouraged to help improve this project.
+
+Here are some ways *you* can contribute:
+
+* by using prerelease versions
+* by reporting [bugs][2]
+* by suggesting new features
+* by writing or editing documentation
+* by writing specifications
+* by writing code (*no patch is too small*: fix typos, add comments, clean up inconsistent whitespace)
+* by refactoring code
+* by resolving [issues][2]
+* by reviewing patches
+
+Starting point:
+
+* Fork the repo
+* Clone your repo
+* (You will need to `brew install mysql postgres` if you don't already have them installed)
+* Run `bundle`
+* (You may need to `bundle update` if bundler gets stuck)
+* Run `bundle exec rake test_app` to create the test application in `spec/test_app`
+* Make your changes
+* Ensure specs pass by running `bundle exec rspec spec`
+* Submit your pull request
+
+
+License
+----------------------
+
+Spree is released under the [New BSD License][3].

data/Rakefile

@@ -0,0 +1,15 @@
+require 'rubygems'
+require 'rake'
+require 'rake/testtask'
+require 'rspec/core/rake_task'
+require 'spree/testing_support/common_rake'
+
+RSpec::Core::RakeTask.new
+
+task default: :spec
+
+desc "Generates a dummy app for testing"
+task :test_app do
+  ENV['LIB_NAME'] = 'spree/api_v1'
+  Rake::Task['common:test_app'].invoke
+end

data/app/controllers/spree/api/v1/addresses_controller.rb

@@ -0,0 +1,46 @@
+module Spree
+  module Api
+    module V1
+      class AddressesController < Spree::Api::V1::BaseController
+        before_action :find_order
+
+        def show
+          authorize! :show, @order, order_token
+          @address = find_address
+          respond_with(@address)
+        end
+
+        def update
+          authorize! :update, @order, order_token
+          @address = find_address
+
+          if @address.update(address_params)
+            respond_with(@address, default_template: :show)
+          else
+            invalid_resource!(@address)
+          end
+        end
+
+        private
+
+        def address_params
+          params.require(:address).permit(permitted_address_attributes)
+        end
+
+        def find_order
+          @order = Spree::Order.find_by!(number: order_id)
+        end
+
+        def find_address
+          if @order.bill_address_id == params[:id].to_i
+            @order.bill_address
+          elsif @order.ship_address_id == params[:id].to_i
+            @order.ship_address
+          else
+            raise CanCan::AccessDenied
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v1/base_controller.rb

@@ -0,0 +1,174 @@
+
+require_dependency 'spree/api_v1/controller_setup'
+
+module Spree
+  module Api
+    module V1
+      class BaseController < ActionController::API
+        include Spree::ApiV1::ControllerSetup
+        include Spree::Core::ControllerHelpers::Store
+        include Spree::Core::ControllerHelpers::StrongParameters
+        include Spree::Core::ControllerHelpers::Locale
+        include Spree::Core::ControllerHelpers::Currency
+
+        attr_accessor :current_api_user
+
+        before_action :set_content_type
+        before_action :load_user
+        before_action :authorize_for_order, if: proc { order_token.present? }
+        before_action :authenticate_user
+        before_action :load_user_roles
+
+        rescue_from ActionController::ParameterMissing, with: :error_during_processing
+        rescue_from ActiveRecord::RecordInvalid, with: :error_during_processing
+        rescue_from ActiveRecord::RecordNotFound, with: :not_found
+        rescue_from CanCan::AccessDenied, with: :unauthorized
+        rescue_from Spree::Core::GatewayError, with: :gateway_error
+
+        helper Spree::Api::ApiHelpers
+
+        # users should be able to set price when importing orders via api
+        def permitted_line_item_attributes
+          if @current_user_roles.include?('admin')
+            super + [:price, :variant_id, :sku]
+          else
+            super
+          end
+        end
+
+        def content_type
+          case params[:format]
+          when 'json'
+            'application/json; charset=utf-8'
+          when 'xml'
+            'text/xml; charset=utf-8'
+          end
+        end
+
+        private
+
+        def set_content_type
+          headers['Content-Type'] = content_type
+        end
+
+        def load_user
+          @current_api_user = Spree.user_class.find_by(spree_api_key: api_key.to_s)
+        end
+
+        def authenticate_user
+          return if @current_api_user
+
+          if requires_authentication? && api_key.blank? && order_token.blank?
+            must_specify_api_key and return
+          elsif order_token.blank? && (requires_authentication? || api_key.present?)
+            invalid_api_key and return
+          else
+            # An anonymous user
+            @current_api_user = Spree.user_class.new
+          end
+        end
+
+        def invalid_api_key
+          render 'spree/api/errors/invalid_api_key', status: 401
+        end
+
+        def must_specify_api_key
+          render 'spree/api/errors/must_specify_api_key', status: 401
+        end
+
+        def load_user_roles
+          @current_user_roles = @current_api_user ? @current_api_user.spree_roles.pluck(:name) : []
+        end
+
+        def unauthorized
+          render 'spree/api/errors/unauthorized', status: 401 and return
+        end
+
+        def error_during_processing(exception)
+          message = if exception.respond_to?(:original_message)
+                      exception.original_message
+                    else
+                      exception.message
+                    end
+
+          Rails.logger.error message
+          Rails.logger.error exception.backtrace.join("\n")
+
+          unprocessable_entity(message)
+        end
+
+        def unprocessable_entity(message)
+          render plain: { exception: message }.to_json, status: 422
+        end
+
+        def gateway_error(exception)
+          @order.errors.add(:base, exception.message)
+          invalid_resource!(@order)
+        end
+
+        def requires_authentication?
+          Spree::ApiV1::Config[:requires_authentication]
+        end
+
+        def not_found
+          render 'spree/api/errors/not_found', status: 404 and return
+        end
+
+        def current_ability
+          Spree::Dependencies.ability_class.constantize.new(current_api_user)
+        end
+
+        def invalid_resource!(resource)
+          @resource = resource
+          render 'spree/api/errors/invalid_resource', status: 422
+        end
+
+        def api_key
+          request.headers['X-Spree-Token'] || params[:token]
+        end
+        helper_method :api_key
+
+        def order_token
+          request.headers['X-Spree-Order-Token'] || params[:order_token]
+        end
+
+        def find_product(id)
+          @product = product_scope.friendly.distinct(false).find(id.to_s)
+        rescue ActiveRecord::RecordNotFound
+          @product = product_scope.find_by(id: id)
+          not_found unless @product
+        end
+
+        def product_scope
+          if @current_user_roles.include?('admin')
+            scope = Product.with_deleted.accessible_by(current_ability, :show).includes(*product_includes)
+
+            scope = scope.not_deleted unless params[:show_deleted]
+            scope = scope.not_discontinued unless params[:show_discontinued]
+          else
+            scope = Product.accessible_by(current_ability, :show).active.includes(*product_includes)
+          end
+
+          scope
+        end
+
+        def variants_associations
+          [{ option_values: :option_type }, :default_price, :images]
+        end
+
+        def product_includes
+          [:option_types, :taxons, product_properties: :property, variants: variants_associations, master: variants_associations]
+        end
+
+        def order_id
+          params[:order_id] || params[:checkout_id] || params[:order_number]
+        end
+
+        def authorize_for_order
+          @order = Spree::Order.find_by(number: order_id)
+          authorize! :show, @order, order_token
+        end
+      end
+    end
+  end
+end