RubyGems - spree_backend - Versions diffs - 2.2.0 → 2.2.1 - Mend

spree_backend 2.2.0 → 2.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (42) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 0eb4b17ed3a2191a75982b34586811474e257424
-  data.tar.gz: 11d1332518050f7b4cc0d918ed90202876e8fb0c
+  metadata.gz: b64003f2a6519db60fa7c939b19cbb0a0843f46e
+  data.tar.gz: 01aa9c882c54b3b5ea6ddcac76adceb038c2faa9
 SHA512:
-  metadata.gz: 51695cae86f3f9fd40b797749b05c15d78d4d80b7c1e7f995d86e473fe00e1e34c1812a626f6f071999898ee0feec3fd391c8925c65a04fe5132627311380384
-  data.tar.gz: 2956047cd5b1b703bd524c539f3f2b9d2dffe729a100a33119e257fbf3b58b459a5b4aa555eb80bfe6882bec038b51afd1eb2b463b4a39c9f7ff46a0d2c543f1
+  metadata.gz: f327dd06a82084cfe7dcbd14bf1042fc44b881d00263065a6549492ab39076a0c75ac442ebfdc8880e21975170ed876b9810813d694b56fb170438f18fdacaa3
+  data.tar.gz: 7704dc393a526fbc4082cb96f98c6d17f3f30caa180f996d3a700079ea5844061c30526f8b01cff747ee198576bf5ed60cf43e7fc59c1758b577ca4584de25c6

data/app/assets/javascripts/spree/backend/admin.js.erb CHANGED Viewed

@@ -173,7 +173,9 @@ $(document).ready(function(){
         },
         dataType: 'script',
         success: function(response) {
-          el.parents("tr").fadeOut('hide');
+          el.parents("tr").fadeOut('hide', function() {
+            $(this).remove();
+          });
         },
         error: function(response, textStatus, errorThrown) {
           show_flash('error', response.responseText);

data/app/assets/javascripts/spree/backend/checkouts/edit.js CHANGED Viewed

@@ -1,20 +1,9 @@
 //= require_self
-//= require jquery.payment
 $(document).ready(function() {
   if ($('#customer_autocomplete_template').length > 0) {
     window.customerTemplate = Handlebars.compile($('#customer_autocomplete_template').text());
   }
-  if ($("#card_number").is("*")) {
-    $("#card_number").payment('formatCardNumber')
-      $("#card_expiry").payment('formatCardExpiry')
-      $("#card_code").payment('formatCardCVC')
-      $("#card_number").change(function() {
-        $("#cc_type").val($.payment.cardType(this.value))
-      })
-  }
   formatCustomerResult = function(customer) {
     return customerTemplate({
       customer: customer,

data/app/assets/javascripts/spree/backend/option_type_autocomplete.js.erb CHANGED Viewed

@@ -6,7 +6,10 @@ $(document).ready(function () {
       placeholder: Spree.translations.option_type_placeholder,
       multiple: true,
       initSelection: function (element, callback) {
-        return $.getJSON(Spree.routes.option_type_search + '?ids=' + (element.val()), null, function (data) {
+        var url = Spree.url(Spree.routes.option_type_search, {
+          ids: element.val()
+        });
+        return $.getJSON(url, null, function (data) {
           return callback(data);
         });
       },

data/app/assets/javascripts/spree/backend/payments/new.js CHANGED Viewed

@@ -1,16 +1,46 @@
-$(document).ready(function(){
+//= require jquery.payment
+$(document).ready(function() {
+  if ($("#new_payment").is("*")) {
+    $(".cardNumber").payment('formatCardNumber');
+    $(".cardExpiry").payment('formatCardExpiry');
+    $(".cardCode").payment('formatCardCVC');
-  $("#card_new").radioControlsVisibilityOfElement('#card_form');
+    $(".cardNumber").change(function() {
+      $(".ccType").val($.payment.cardType(this.value))
+    })
-  $('select.jump_menu').change(function(){
-    window.location = this.options[this.selectedIndex].value;
-  });
+    $('.payment_methods_radios').click(
+      function() {
+        $('.payment-methods').hide();
+        if (this.checked) {
+          $('#payment_method_' + this.value).show();
+        }
+      }
+    );
-  $('#cvv_link').click(function(event){
-    window_name = 'cvv_info';
-    window_options = 'left=20,top=20,width=500,height=500,toolbar=0,resizable=0,scrollbars=1';
-    window.open($(this).prop('href'), window_name, window_options);
-    event.preventDefault();
-  });
+    $('.payment_methods_radios').each(
+      function() {
+        if (this.checked) {
+          $('#payment_method_' + this.value).show();
+        } else {
+          $('#payment_method_' + this.value).hide();
+        }
-});
+        if ($("#card_new" + this.value).is("*")) {
+          $("#card_new" + this.value).radioControlsVisibilityOfElement('#card_form' + this.value);
+        }
+      }
+    );
+    $('.cvvLink').click(function(event){
+      window_name = 'cvv_info';
+      window_options = 'left=20,top=20,width=500,height=500,toolbar=0,resizable=0,scrollbars=1';
+      window.open($(this).prop('href'), window_name, window_options);
+      event.preventDefault();
+    });
+    $('select.jump_menu').change(function(){
+      window.location = this.options[this.selectedIndex].value;
+    });
+  }
+});

data/app/assets/javascripts/spree/backend/select_payments.js.coffee ADDED Viewed

@@ -0,0 +1,7 @@
+$ ->
+  if $('.new_payment').is('*')
+    $('.payment-method-settings fieldset').addClass('hidden').first().removeClass('hidden')
+    $('input[name="payment[payment_method_id]"]').click ()->
+      $('.payment-method-settings fieldset').addClass('hidden')
+      id = $(this).parents('li').data('id')
+      $("fieldset##{id}").removeClass('hidden')

data/app/assets/javascripts/spree/backend/shipments.js.erb CHANGED Viewed

@@ -219,7 +219,7 @@ startItemSplit = function(event){
     fadeOutTime: 50,
     intentPollInterval: 300
   });
-  $('#item_stock_location').select2({ width: 'resolve', placeholder: 'Choose Location' });
+  $('#item_stock_location').select2({ width: 'resolve', placeholder: Spree.translations.item_stock_placeholder });
 }
 completeItemSplit = function(event) {

data/app/assets/javascripts/spree/backend/taxonomy.js.coffee CHANGED Viewed

@@ -74,7 +74,7 @@ root.setup_taxonomy_tree = (taxonomy_id) ->
     root.base_url = Spree.url(Spree.routes.taxonomy_taxons_path)
     $.ajax
-      url: base_url.path().replace("/taxons", "/jstree"),
+      url: Spree.url(base_url.path().replace("/taxons", "/jstree")).toString(),
       success: (taxonomy) ->
         last_rollback = null
@@ -83,7 +83,7 @@ root.setup_taxonomy_tree = (taxonomy_id) ->
             data: taxonomy,
             ajax:
               url: (e) ->
-                base_url.path() + '/' + e.prop('id') + '/jstree'
+                Spree.url(base_url.path() + '/' + e.prop('id') + '/jstree').toString()
           themes:
             theme: "apple",
             url: Spree.url(Spree.routes.jstree_theme_path)

data/app/assets/stylesheets/spree/backend/sections/_users.scss ADDED Viewed

@@ -0,0 +1,5 @@
+#listing_orders, #listing_items {
+  td.order-state {
+    height: 60px;
+  }
+}

data/app/assets/stylesheets/spree/backend/spree_admin.scss CHANGED Viewed

@@ -36,6 +36,7 @@
 @import 'spree/backend/sections/tax_zones';
 @import 'spree/backend/sections/log_entries';
 @import 'spree/backend/sections/taxons';
+@import 'spree/backend/sections/users';
 @import 'spree/backend/hacks/mozilla';
 @import 'spree/backend/hacks/opera';

data/app/controllers/spree/admin/base_controller.rb CHANGED Viewed

@@ -11,6 +11,7 @@ module Spree
       before_filter :authorize_admin
       protected
         def action
           params[:action].to_sym
         end
@@ -85,6 +86,7 @@ module Spree
         def config_locale
           Spree::Backend::Config[:locale]
         end
     end
   end
 end

data/app/controllers/spree/admin/payments_controller.rb CHANGED Viewed

@@ -1,6 +1,8 @@
 module Spree
   module Admin
     class PaymentsController < Spree::Admin::BaseController
+      include Spree::Backend::Callbacks
       before_filter :load_order, :only => [:create, :new, :index, :fire]
       before_filter :load_payment, :except => [:create, :new, :index]
       before_filter :load_data
@@ -18,23 +20,27 @@ module Spree
       end
       def create
-        @payment = @order.payments.build(object_params)
-        if @payment.payment_method.is_a?(Spree::Gateway) && @payment.payment_method.payment_profiles_supported? && params[:card].present? and params[:card] != 'new'
-          @payment.source = CreditCard.find_by_id(params[:card])
+        invoke_callbacks(:create, :before)
+        @payment ||= @order.payments.build(object_params)
+        if params[:card].present? and params[:card] != 'new'
+          @payment.source = @payment.payment_method.payment_source_class.find_by_id(params[:card])
         end
         begin
           if @payment.save
+            invoke_callbacks(:create, :after)
             # Transition order as far as it will go.
             while @order.next; end
             @payment.process! if @order.completed?
             flash[:success] = flash_message_for(@payment, :successfully_created)
             redirect_to admin_order_payments_path(@order)
           else
+            invoke_callbacks(:create, :fails)
             flash[:error] = Spree.t(:payment_could_not_be_created)
             render :new
           end
         rescue Spree::Core::GatewayError => e
+          invoke_callbacks(:create, :fails)
           flash[:error] = "#{e.message}"
           redirect_to new_admin_order_payment_path(@order)
         end
@@ -74,7 +80,6 @@ module Spree
         else
           @payment_method = @payment_methods.first
         end
-        @previous_cards = @order.credit_cards.with_payment_profile
       end
       def can_transition_to_payment

data/app/controllers/spree/admin/promotions_controller.rb CHANGED Viewed

@@ -13,6 +13,24 @@ module Spree
         def load_data
           @calculators = Rails.application.config.spree.calculators.promotion_actions_create_adjustments
         end
+        def collection
+          return @collection if @collection.present?
+          params[:q] ||= HashWithIndifferentAccess.new
+          @collection = super
+          @search = @collection.ransack(params[:q])
+          @collection = @search.result(distinct: true).
+            includes(promotion_includes).
+            page(params[:page]).
+            per(params[:per_page] || Spree::Config[:promotions_per_page])
+          @collection
+        end
+        def promotion_includes
+          [:promotion_actions]
+        end
     end
   end
 end

data/app/controllers/spree/admin/resource_controller.rb CHANGED Viewed

@@ -1,6 +1,6 @@
-require 'spree/backend/action_callbacks'
 class Spree::Admin::ResourceController < Spree::Admin::BaseController
+  include Spree::Backend::Callbacks
   helper_method :new_object_url, :edit_object_url, :object_url, :collection_url
   before_filter :load_resource, :except => [:update_positions]
   rescue_from ActiveRecord::RecordNotFound, :with => :resource_not_found
@@ -86,14 +86,8 @@ class Spree::Admin::ResourceController < Spree::Admin::BaseController
   protected
-    def resource_not_found
-      flash[:error] = flash_message_for(model_class.new, :not_found)
-      redirect_to collection_url
-    end
     class << self
       attr_accessor :parent_data
-      attr_accessor :callbacks
       def belongs_to(model_name, options = {})
         @parent_data ||= {}
@@ -101,26 +95,11 @@ class Spree::Admin::ResourceController < Spree::Admin::BaseController
         @parent_data[:model_class] = model_name.to_s.classify.constantize
         @parent_data[:find_by] = options[:find_by] || :id
       end
+    end
-      def new_action
-        @callbacks ||= {}
-        @callbacks[:new_action] ||= Spree::ActionCallbacks.new
-      end
-      def create
-        @callbacks ||= {}
-        @callbacks[:create] ||= Spree::ActionCallbacks.new
-      end
-      def update
-        @callbacks ||= {}
-        @callbacks[:update] ||= Spree::ActionCallbacks.new
-      end
-      def destroy
-        @callbacks ||= {}
-        @callbacks[:destroy] ||= Spree::ActionCallbacks.new
-      end
+    def resource_not_found
+      flash[:error] = flash_message_for(model_class.new, :not_found)
+      redirect_to collection_url
     end
     def model_class
@@ -209,16 +188,6 @@ class Spree::Admin::ResourceController < Spree::Admin::BaseController
       collection_url
     end
-    def invoke_callbacks(action, callback_type)
-      callbacks = self.class.callbacks || {}
-      return if callbacks[action].nil?
-      case callback_type.to_sym
-        when :before then callbacks[action].before_methods.each {|method| send method }
-        when :after  then callbacks[action].after_methods.each  {|method| send method }
-        when :fails  then callbacks[action].fails_methods.each  {|method| send method }
-      end
-    end
     # URL helpers
     def new_object_url(options = {})

data/app/controllers/spree/admin/shipping_methods_controller.rb CHANGED Viewed

@@ -6,7 +6,7 @@ module Spree
       before_filter :set_zones, :only => [:create, :update]
       def destroy
-        @object.touch :deleted_at
+        @object.destroy
         flash[:success] = flash_message_for(@object, :successfully_removed)

data/app/controllers/spree/admin/stock_locations_controller.rb CHANGED Viewed

@@ -2,15 +2,21 @@ module Spree
   module Admin
     class StockLocationsController < ResourceController
-      new_action.before :set_country
+      before_filter :set_country, :only => :new
       private
       def set_country
-        if Spree::Config[:default_country_id].present?
-          @stock_location.country = Spree::Country.find(Spree::Config[:default_country_id])
-        else
-          @stock_location.country = Spree::Country.find_by_iso('US')
+        begin
+          if Spree::Config[:default_country_id].present?
+            @stock_location.country = Spree::Country.find(Spree::Config[:default_country_id])
+          else
+            @stock_location.country = Spree::Country.find_by!(iso: 'US')
+          end
+        rescue ActiveRecord::RecordNotFound
+          flash[:error] = Spree.t(:stock_locations_need_a_default_country)
+          redirect_to admin_stock_locations_path and return
         end
       end

data/app/controllers/spree/admin/users_controller.rb ADDED Viewed

@@ -0,0 +1,159 @@
+module Spree
+  module Admin
+    class UsersController < ResourceController
+      rescue_from Spree::Core::DestroyWithOrdersError, :with => :user_destroy_with_orders_error
+      after_filter :sign_in_if_change_own_password, :only => :update
+      # http://spreecommerce.com/blog/2010/11/02/json-hijacking-vulnerability/
+      before_filter :check_json_authenticity, :only => :index
+      before_filter :load_roles
+      def index
+        respond_with(@collection) do |format|
+          format.html
+          format.json { render :json => json_data }
+        end
+      end
+      def show
+        redirect_to edit_admin_user_path(@user)
+      end
+      def create
+        if params[:user]
+          roles = params[:user].delete("spree_role_ids")
+        end
+        @user = Spree.user_class.new(user_params)
+        if @user.save
+          if roles
+            @user.spree_roles = roles.reject(&:blank?).collect{|r| Spree::Role.find(r)}
+          end
+          flash.now[:success] = Spree.t(:created_successfully)
+          render :edit
+        else
+          render :new
+        end
+      end
+      def update
+        if params[:user]
+          roles = params[:user].delete("spree_role_ids")
+        end
+        if @user.update_attributes(user_params)
+          if roles
+            @user.spree_roles = roles.reject(&:blank?).collect{|r| Spree::Role.find(r)}
+          end
+          flash.now[:success] = Spree.t(:account_updated)
+        end
+        render :edit
+      end
+      def addresses
+        if request.put?
+          if @user.update_attributes(user_params)
+            flash.now[:success] = Spree.t(:account_updated)
+          end
+          render :addresses
+        end
+      end
+      def orders
+        params[:q] ||= {}
+        @search = Spree::Order.ransack(params[:q].merge(user_id_eq: @user.id))
+        @orders = @search.result.page(params[:page]).per(Spree::Config[:admin_products_per_page])
+      end
+      def items
+        params[:q] ||= {}
+        @search = Spree::Order.includes(
+          line_items: {
+            variant: [:product, { option_values: :option_type }]
+          }).ransack(params[:q].merge(user_id_eq: @user.id))
+        @orders = @search.result.page(params[:page]).per(Spree::Config[:admin_products_per_page])
+      end
+      def generate_api_key
+        if @user.generate_spree_api_key!
+          flash[:success] = Spree.t('api.key_generated')
+        end
+        redirect_to edit_admin_user_path(@user)
+      end
+      def clear_api_key
+        if @user.clear_spree_api_key!
+          flash[:success] = Spree.t('api.key_cleared')
+        end
+        redirect_to edit_admin_user_path(@user)
+      end
+      def model_class
+        Spree.user_class
+      end
+      protected
+        def collection
+          return @collection if @collection.present?
+          if request.xhr? && params[:q].present?
+            @collection = Spree.user_class.includes(:bill_address, :ship_address)
+                              .where("spree_users.email #{LIKE} :search
+                                     OR (spree_addresses.firstname #{LIKE} :search AND spree_addresses.id = spree_users.bill_address_id)
+                                     OR (spree_addresses.lastname  #{LIKE} :search AND spree_addresses.id = spree_users.bill_address_id)
+                                     OR (spree_addresses.firstname #{LIKE} :search AND spree_addresses.id = spree_users.ship_address_id)
+                                     OR (spree_addresses.lastname  #{LIKE} :search AND spree_addresses.id = spree_users.ship_address_id)",
+                                    { :search => "#{params[:q].strip}%" })
+                              .limit(params[:limit] || 100)
+          else
+            @search = Spree.user_class.ransack(params[:q])
+            @collection = @search.result.page(params[:page]).per(Spree::Config[:admin_products_per_page])
+          end
+        end
+      private
+        def user_params
+          params.require(:user).permit(PermittedAttributes.user_attributes |
+                                       [:spree_role_ids,
+                                        ship_address_attributes: PermittedAttributes.address_attributes,
+                                        bill_address_attributes: PermittedAttributes.address_attributes])
+        end
+        # handling raise from Spree::Admin::ResourceController#destroy
+        def user_destroy_with_orders_error
+          invoke_callbacks(:destroy, :fails)
+          render :status => :forbidden, :text => Spree.t(:error_user_destroy_with_orders)
+        end
+        # Allow different formats of json data to suit different ajax calls
+        def json_data
+          json_format = params[:json_format] or 'default'
+          case json_format
+          when 'basic'
+            collection.map { |u| { 'id' => u.id, 'name' => u.email } }.to_json
+          else
+            address_fields = [:firstname, :lastname, :address1, :address2, :city, :zipcode, :phone, :state_name, :state_id, :country_id]
+            includes = { :only => address_fields , :include => { :state => { :only => :name }, :country => { :only => :name } } }
+            collection.to_json(:only => [:id, :email], :include =>
+                               { :bill_address => includes, :ship_address => includes })
+          end
+        end
+        def sign_in_if_change_own_password
+          if try_spree_current_user == @user && @user.password.present?
+            sign_in(@user, :event => :authentication, :bypass => true)
+          end
+        end
+        def load_roles
+          @roles = Spree::Role.all
+        end
+    end
+  end
+end

data/app/views/spree/admin/orders/_risk_analysis.html.erb CHANGED Viewed

@@ -12,7 +12,7 @@
         </strong></td>
           <td class="align-center">
             <span class="<%= @order.payments.failed.count > 0 ? 'state void' : 'state complete' %>">
-              <%= link_to "#{pluralize(@order.payments.failed.count, Spree.t(:payment))}", spree.admin_order_payments_path(@order) %>
+              <%= link_to "#{Spree.t 'payments_count', count: @order.payments.failed.count, default: pluralize(@order.payments.failed.count, Spree.t(:payment))}", spree.admin_order_payments_path(@order) %>
             </span>
         </td>
       </tr>

data/app/views/spree/admin/orders/_shipment.html.erb CHANGED Viewed

@@ -41,7 +41,7 @@
             <div class="field alpha five columns">
               <%= label_tag 'selected_shipping_rate_id', Spree.t(:shipping_method) %>
               <%= select_tag :selected_shipping_rate_id,
-                    options_for_select(shipment.shipping_rates.with_shipping_method.map {|sr| ["#{sr.name} #{sr.display_price}", sr.id] }, shipment.selected_shipping_rate_id),
+                    options_for_select(shipment.shipping_rates.map {|sr| ["#{sr.name} #{sr.display_price}", sr.id] }, shipment.selected_shipping_rate_id),
                     {:class => 'select2 fullwidth', :data => {'shipment-number' => shipment.number } } %>
             </div>
           </td>

data/app/views/spree/admin/payments/_form.html.erb CHANGED Viewed

@@ -10,19 +10,25 @@
       <label><%= Spree.t(:payment_method) %></label>
       <ul>
         <% @payment_methods.each do |method| %>
-          <li>
+          <li data-id="<%= Spree.t(method.name, :scope => :payment_methods, :default => method.name).parameterize %>">
             <label data-hook="payment_method_field">
-              <%= radio_button_tag 'payment[payment_method_id]', method.id, method == @payment_method %>
+              <%= radio_button_tag 'payment[payment_method_id]', method.id, method == @payment_method, { class: "payment_methods_radios" } %>
               <%= Spree.t(method.name, :scope => :payment_methods, :default => method.name) %>
             </label>
           </li>
         <% end %>
       </ul>
       <div class="payment-method-settings">
         <% @payment_methods.each do |method| %>
-          <% if method.source_required? %>
-            <%= render :partial => "spree/admin/payments/source_forms/#{method.method_type}", :locals => { :payment_method => method } %>
-          <% end %>
+          <div class="payment-methods" id="payment_method_<%= method.id %>">
+            <% if method.source_required? %>
+              <br />
+              <%= render :partial => "spree/admin/payments/source_forms/#{method.method_type}",
+                         :locals => { :payment_method => method, previous_cards: method.sources_with_profile(@order) } %>
+            <% end %>
+          </div>
         <% end %>
       </div>
     </div>