spree_backend 3.0.5 → 3.0.6

Sign up to get free protection for your applications and to get access to all the features.
Files changed (98) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +1 -0
  3. data/Gemfile +6 -0
  4. data/Rakefile +29 -0
  5. data/app/assets/javascripts/spree/backend/admin.js +26 -0
  6. data/app/controllers/spree/admin/resource_controller.rb +4 -2
  7. data/app/helpers/spree/admin/navigation_helper.rb +10 -1
  8. data/app/views/spree/admin/images/new.html.erb +1 -1
  9. data/app/views/spree/admin/payments/_list.html.erb +1 -1
  10. data/app/views/spree/admin/products/_form.html.erb +1 -1
  11. data/app/views/spree/admin/shared/_index_table_options.html.erb +1 -11
  12. data/app/views/spree/admin/shared/sub_menu/_product.html.erb +1 -1
  13. data/script/rails +9 -0
  14. data/spec/controllers/spree/admin/base_controller_spec.rb +46 -0
  15. data/spec/controllers/spree/admin/customer_returns_controller_spec.rb +185 -0
  16. data/spec/controllers/spree/admin/general_settings_controller_spec.rb +41 -0
  17. data/spec/controllers/spree/admin/missing_products_controller_spec.rb +18 -0
  18. data/spec/controllers/spree/admin/orders/customer_details_controller_spec.rb +42 -0
  19. data/spec/controllers/spree/admin/orders_controller_spec.rb +247 -0
  20. data/spec/controllers/spree/admin/payment_methods_controller_spec.rb +49 -0
  21. data/spec/controllers/spree/admin/payments_controller_spec.rb +97 -0
  22. data/spec/controllers/spree/admin/products_controller_spec.rb +53 -0
  23. data/spec/controllers/spree/admin/promotion_actions_controller_spec.rb +21 -0
  24. data/spec/controllers/spree/admin/promotion_rules_controller_spec.rb +21 -0
  25. data/spec/controllers/spree/admin/promotions_controller_spec.rb +44 -0
  26. data/spec/controllers/spree/admin/refunds_controller_spec.rb +32 -0
  27. data/spec/controllers/spree/admin/reimbursements_controller_spec.rb +74 -0
  28. data/spec/controllers/spree/admin/reports_controller_spec.rb +42 -0
  29. data/spec/controllers/spree/admin/resource_controller_spec.rb +276 -0
  30. data/spec/controllers/spree/admin/return_authorizations_controller_spec.rb +225 -0
  31. data/spec/controllers/spree/admin/return_items_controller_spec.rb +27 -0
  32. data/spec/controllers/spree/admin/root_controller_spec.rb +35 -0
  33. data/spec/controllers/spree/admin/search_controller_spec.rb +56 -0
  34. data/spec/controllers/spree/admin/shipping_methods_controller_spec.rb +14 -0
  35. data/spec/controllers/spree/admin/stock_items_controller_spec.rb +19 -0
  36. data/spec/controllers/spree/admin/stock_locations_controller_spec.rb +41 -0
  37. data/spec/controllers/spree/admin/stock_transfers_controller_spec.rb +41 -0
  38. data/spec/controllers/spree/admin/tax_categories_controller_spec.rb +34 -0
  39. data/spec/controllers/spree/admin/users_controller_spec.rb +161 -0
  40. data/spec/controllers/spree/admin/variants_controller_spec.rb +32 -0
  41. data/spec/features/admin/configuration/analytics_tracker_spec.rb +46 -0
  42. data/spec/features/admin/configuration/countries_spec.rb +24 -0
  43. data/spec/features/admin/configuration/general_settings_spec.rb +43 -0
  44. data/spec/features/admin/configuration/payment_methods_spec.rb +63 -0
  45. data/spec/features/admin/configuration/roles_spec.rb +47 -0
  46. data/spec/features/admin/configuration/shipping_methods_spec.rb +62 -0
  47. data/spec/features/admin/configuration/states_spec.rb +68 -0
  48. data/spec/features/admin/configuration/stock_locations_spec.rb +48 -0
  49. data/spec/features/admin/configuration/tax_categories_spec.rb +56 -0
  50. data/spec/features/admin/configuration/tax_rates_spec.rb +18 -0
  51. data/spec/features/admin/configuration/zones_spec.rb +39 -0
  52. data/spec/features/admin/homepage_spec.rb +81 -0
  53. data/spec/features/admin/locale_spec.rb +31 -0
  54. data/spec/features/admin/orders/adjustments_promotions_spec.rb +53 -0
  55. data/spec/features/admin/orders/adjustments_spec.rb +129 -0
  56. data/spec/features/admin/orders/cancelling_and_resuming_spec.rb +47 -0
  57. data/spec/features/admin/orders/customer_details_spec.rb +182 -0
  58. data/spec/features/admin/orders/line_items_spec.rb +51 -0
  59. data/spec/features/admin/orders/listing_spec.rb +225 -0
  60. data/spec/features/admin/orders/log_entries_spec.rb +55 -0
  61. data/spec/features/admin/orders/new_order_spec.rb +161 -0
  62. data/spec/features/admin/orders/order_details_spec.rb +620 -0
  63. data/spec/features/admin/orders/payments_spec.rb +229 -0
  64. data/spec/features/admin/orders/risk_analysis_spec.rb +48 -0
  65. data/spec/features/admin/orders/shipments_spec.rb +64 -0
  66. data/spec/features/admin/orders/state_changes_spec.rb +21 -0
  67. data/spec/features/admin/products/edit/images_spec.rb +86 -0
  68. data/spec/features/admin/products/edit/products_spec.rb +64 -0
  69. data/spec/features/admin/products/edit/taxons_spec.rb +41 -0
  70. data/spec/features/admin/products/edit/variants_spec.rb +56 -0
  71. data/spec/features/admin/products/option_types_spec.rb +113 -0
  72. data/spec/features/admin/products/products_spec.rb +394 -0
  73. data/spec/features/admin/products/properties_spec.rb +140 -0
  74. data/spec/features/admin/products/prototypes_spec.rb +112 -0
  75. data/spec/features/admin/products/stock_management_spec.rb +123 -0
  76. data/spec/features/admin/products/taxonomies_spec.rb +52 -0
  77. data/spec/features/admin/products/variant_spec.rb +50 -0
  78. data/spec/features/admin/promotions/adjustments_spec.rb +255 -0
  79. data/spec/features/admin/promotions/option_value_rule_spec.rb +70 -0
  80. data/spec/features/admin/promotions/tiered_calculator_spec.rb +70 -0
  81. data/spec/features/admin/reports_spec.rb +61 -0
  82. data/spec/features/admin/stock_transfer_spec.rb +75 -0
  83. data/spec/features/admin/taxons_spec.rb +47 -0
  84. data/spec/features/admin/users_spec.rb +284 -0
  85. data/spec/helpers/admin/base_helper_spec.rb +24 -0
  86. data/spec/helpers/admin/navigation_helper_spec.rb +106 -0
  87. data/spec/helpers/admin/stock_movements_helper_spec.rb +30 -0
  88. data/spec/helpers/promotion_rules_helper_spec.rb +12 -0
  89. data/spec/models/spree/resource_spec.rb +48 -0
  90. data/spec/spec_helper.rb +133 -0
  91. data/spec/support/appear_before_matcher.rb +8 -0
  92. data/spec/support/ror_ringer.jpeg +0 -0
  93. data/spec/test_views/spree/admin/submodule/posts/edit.html.erb +1 -0
  94. data/spec/test_views/spree/admin/submodule/posts/new.html.erb +1 -0
  95. data/spec/test_views/spree/admin/widgets/edit.html.erb +1 -0
  96. data/spec/test_views/spree/admin/widgets/new.html.erb +1 -0
  97. data/spree_backend.gemspec +29 -0
  98. metadata +101 -14
@@ -0,0 +1,18 @@
1
+ require 'spec_helper'
2
+ # This test exists in this file because in the standard admin/products_controller spec
3
+ # There is the stub_authorization call. This call is not triggered for this test because
4
+ # the load_resource filter in Spree::Admin::ResourceController is prepended to the filter chain
5
+ # this means this call is triggered before the authorize_admin call and in this case
6
+ # the load_resource filter halts the request meaning authorize_admin is not called at all.
7
+ describe Spree::Admin::ProductsController, :type => :controller do
8
+ stub_authorization!
9
+
10
+ # Regression test for GH #538
11
+ it "cannot find a non-existent product" do
12
+ spree_get :edit, :id => "non-existent-product"
13
+ expect(response).to redirect_to(spree.admin_products_path)
14
+ expect(flash[:error]).to eql("Product is not found")
15
+ end
16
+ end
17
+
18
+
@@ -0,0 +1,42 @@
1
+ require "spec_helper"
2
+ require "cancan"
3
+ require "spree/testing_support/bar_ability"
4
+
5
+ describe Spree::Admin::Orders::CustomerDetailsController, type: :controller do
6
+
7
+ context "with authorization" do
8
+ stub_authorization!
9
+
10
+ let(:order) do
11
+ mock_model(
12
+ Spree::Order,
13
+ total: 100,
14
+ number: "R123456789",
15
+ billing_address: mock_model(Spree::Address)
16
+ )
17
+ end
18
+
19
+ before do
20
+ allow(Spree::Order).to receive_message_chain(:friendly, :find).and_return(order)
21
+ end
22
+
23
+ context "#update" do
24
+ it "does refresh the shipment rates with all shipping methods" do
25
+ allow(order).to receive_messages(update_attributes: true)
26
+ allow(order).to receive_messages(next: false)
27
+ expect(order).to receive(:refresh_shipment_rates)
28
+ .with(Spree::ShippingMethod::DISPLAY_ON_FRONT_AND_BACK_END)
29
+ attributes = {
30
+ order_id: order.number,
31
+ order: {
32
+ email: "",
33
+ use_billing: "",
34
+ bill_address_attributes: {},
35
+ ship_address_attributes: {}
36
+ }
37
+ }
38
+ spree_put :update, attributes
39
+ end
40
+ end
41
+ end
42
+ end
@@ -0,0 +1,247 @@
1
+ require 'spec_helper'
2
+ require 'cancan'
3
+ require 'spree/testing_support/bar_ability'
4
+
5
+ # Ability to test access to specific model instances
6
+ class OrderSpecificAbility
7
+ include CanCan::Ability
8
+
9
+ def initialize(user)
10
+ can [:admin, :manage], Spree::Order, number: 'R987654321'
11
+ end
12
+ end
13
+
14
+ describe Spree::Admin::OrdersController, type: :controller do
15
+
16
+ context "with authorization" do
17
+ stub_authorization!
18
+
19
+ before do
20
+ request.env["HTTP_REFERER"] = "http://localhost:3000"
21
+
22
+ # ensure no respond_overrides are in effect
23
+ if Spree::BaseController.spree_responders[:OrdersController].present?
24
+ Spree::BaseController.spree_responders[:OrdersController].clear
25
+ end
26
+ end
27
+
28
+ let(:order) do
29
+ mock_model(
30
+ Spree::Order,
31
+ completed?: true,
32
+ total: 100,
33
+ number: 'R123456789',
34
+ all_adjustments: adjustments,
35
+ billing_address: mock_model(Spree::Address)
36
+ )
37
+ end
38
+
39
+ let(:adjustments) { double('adjustments') }
40
+
41
+ before do
42
+ allow(Spree::Order).to receive_message_chain(:friendly, :find).and_return(order)
43
+ end
44
+
45
+ context "#approve" do
46
+ it "approves an order" do
47
+ expect(order).to receive(:approved_by).with(controller.try_spree_current_user)
48
+ spree_put :approve, id: order.number
49
+ expect(flash[:success]).to eq Spree.t(:order_approved)
50
+ end
51
+ end
52
+
53
+ context "#cancel" do
54
+ it "cancels an order" do
55
+ expect(order).to receive(:canceled_by).with(controller.try_spree_current_user)
56
+ spree_put :cancel, id: order.number
57
+ expect(flash[:success]).to eq Spree.t(:order_canceled)
58
+ end
59
+ end
60
+
61
+ context "#resume" do
62
+ it "resumes an order" do
63
+ expect(order).to receive(:resume!)
64
+ spree_put :resume, id: order.number
65
+ expect(flash[:success]).to eq Spree.t(:order_resumed)
66
+ end
67
+ end
68
+
69
+ context "pagination" do
70
+ it "can page through the orders" do
71
+ spree_get :index, page: 2, per_page: 10
72
+ expect(assigns[:orders].offset_value).to eq(10)
73
+ expect(assigns[:orders].limit_value).to eq(10)
74
+ end
75
+ end
76
+
77
+ # Test for #3346
78
+ context "#new" do
79
+ it "a new order has the current user assigned as a creator" do
80
+ spree_get :new
81
+ expect(assigns[:order].created_by).to eq(controller.try_spree_current_user)
82
+ end
83
+ end
84
+
85
+ # Regression test for #3684
86
+ context "#edit" do
87
+ it "does not refresh rates if the order is completed" do
88
+ allow(order).to receive_messages completed?: true
89
+ expect(order).not_to receive :refresh_shipment_rates
90
+ spree_get :edit, id: order.number
91
+ end
92
+
93
+ it "does refresh the rates if the order is incomplete" do
94
+ allow(order).to receive_messages completed?: false
95
+ expect(order).to receive :refresh_shipment_rates
96
+ spree_get :edit, id: order.number
97
+ end
98
+ end
99
+
100
+ # Test for #3919
101
+ context "search" do
102
+ let(:user) { create(:user) }
103
+
104
+ before do
105
+ allow(controller).to receive_messages spree_current_user: user
106
+ user.spree_roles << Spree::Role.find_or_create_by(name: 'admin')
107
+
108
+ create(:completed_order_with_totals)
109
+ expect(Spree::Order.count).to eq 1
110
+ end
111
+
112
+ it "does not display duplicated results" do
113
+ spree_get :index, q: {
114
+ line_items_variant_id_in: Spree::Order.first.variants.map(&:id)
115
+ }
116
+ expect(assigns[:orders].map { |o| o.number }.count).to eq 1
117
+ end
118
+ end
119
+
120
+ context "#open_adjustments" do
121
+ let(:closed) { double('closed_adjustments') }
122
+
123
+ before do
124
+ allow(adjustments).to receive(:where).and_return(closed)
125
+ allow(closed).to receive(:update_all)
126
+ end
127
+
128
+ it "changes all the closed adjustments to open" do
129
+ expect(adjustments).to receive(:where).with(state: 'closed')
130
+ .and_return(closed)
131
+ expect(closed).to receive(:update_all).with(state: 'open')
132
+ spree_post :open_adjustments, id: order.number
133
+ end
134
+
135
+ it "sets the flash success message" do
136
+ spree_post :open_adjustments, id: order.number
137
+ expect(flash[:success]).to eql('All adjustments successfully opened!')
138
+ end
139
+
140
+ it "redirects back" do
141
+ spree_post :open_adjustments, id: order.number
142
+ expect(response).to redirect_to(:back)
143
+ end
144
+ end
145
+
146
+ context "#close_adjustments" do
147
+ let(:open) { double('open_adjustments') }
148
+
149
+ before do
150
+ allow(adjustments).to receive(:where).and_return(open)
151
+ allow(open).to receive(:update_all)
152
+ end
153
+
154
+ it "changes all the open adjustments to closed" do
155
+ expect(adjustments).to receive(:where).with(state: 'open')
156
+ .and_return(open)
157
+ expect(open).to receive(:update_all).with(state: 'closed')
158
+ spree_post :close_adjustments, id: order.number
159
+ end
160
+
161
+ it "sets the flash success message" do
162
+ spree_post :close_adjustments, id: order.number
163
+ expect(flash[:success]).to eql('All adjustments successfully closed!')
164
+ end
165
+
166
+ it "redirects back" do
167
+ spree_post :close_adjustments, id: order.number
168
+ expect(response).to redirect_to(:back)
169
+ end
170
+ end
171
+ end
172
+
173
+ context '#authorize_admin' do
174
+ let(:user) { create(:user) }
175
+ let(:order) { create(:completed_order_with_totals, number: 'R987654321') }
176
+
177
+ def with_ability(ability)
178
+ Spree::Ability.register_ability(ability)
179
+ yield
180
+ ensure
181
+ Spree::Ability.remove_ability(ability)
182
+ end
183
+
184
+ before do
185
+ allow(Spree::Order).to receive_messages find: order
186
+ allow(controller).to receive_messages spree_current_user: user
187
+ end
188
+
189
+ it 'should grant access to users with an admin role' do
190
+ user.spree_roles << Spree::Role.find_or_create_by(name: 'admin')
191
+ spree_post :index
192
+ expect(response).to render_template :index
193
+ end
194
+
195
+ it 'should grant access to users with an bar role' do
196
+ with_ability(BarAbility) do
197
+ user.spree_roles << Spree::Role.find_or_create_by(name: 'bar')
198
+ spree_post :index
199
+ expect(response).to render_template :index
200
+ end
201
+ end
202
+
203
+ it 'should deny access to users with an bar role' do
204
+ with_ability(BarAbility) do
205
+ allow(order).to receive(:update_attributes).and_return true
206
+ allow(order).to receive(:user).and_return Spree.user_class.new
207
+ allow(order).to receive(:token).and_return nil
208
+ user.spree_roles.clear
209
+ user.spree_roles << Spree::Role.find_or_create_by(name: 'bar')
210
+ spree_put :update, id: order.number
211
+ expect(response).to redirect_to('/unauthorized')
212
+ end
213
+ end
214
+
215
+ it 'should deny access to users without an admin role' do
216
+ allow(user).to receive_messages has_spree_role?: false
217
+ spree_post :index
218
+ expect(response).to redirect_to('/unauthorized')
219
+ end
220
+
221
+ it 'should restrict returned order(s) on index when using OrderSpecificAbility' do
222
+ number = order.number
223
+
224
+ 3.times { create(:completed_order_with_totals) }
225
+ expect(Spree::Order.complete.count).to eq 4
226
+
227
+ with_ability(OrderSpecificAbility) do
228
+ allow(user).to receive_messages has_spree_role?: false
229
+ spree_get :index
230
+ expect(response).to render_template :index
231
+ expect(assigns['orders'].size).to eq 1
232
+ expect(assigns['orders'].first.number).to eq number
233
+ expect(Spree::Order.accessible_by(Spree::Ability.new(user), :index).pluck(:number)).to eq [number]
234
+ end
235
+ end
236
+ end
237
+
238
+ context "order number not given" do
239
+ stub_authorization!
240
+
241
+ it "raise active record not found" do
242
+ expect {
243
+ spree_get :edit, id: 99999999
244
+ }.to raise_error ActiveRecord::RecordNotFound
245
+ end
246
+ end
247
+ end
@@ -0,0 +1,49 @@
1
+ require 'spec_helper'
2
+
3
+ module Spree
4
+ class GatewayWithPassword < PaymentMethod
5
+ preference :password, :string, :default => "password"
6
+ end
7
+
8
+ describe Admin::PaymentMethodsController, :type => :controller do
9
+ stub_authorization!
10
+
11
+ let(:payment_method) { GatewayWithPassword.create!(:name => "Bogus", :preferred_password => "haxme") }
12
+
13
+ # regression test for #2094
14
+ it "does not clear password on update" do
15
+ expect(payment_method.preferred_password).to eq("haxme")
16
+ spree_put :update, :id => payment_method.id, :payment_method => { :type => payment_method.class.to_s, :preferred_password => "" }
17
+ expect(response).to redirect_to(spree.edit_admin_payment_method_path(payment_method))
18
+
19
+ payment_method.reload
20
+ expect(payment_method.preferred_password).to eq("haxme")
21
+ end
22
+
23
+ context "tries to save invalid payment" do
24
+ it "doesn't break, responds nicely" do
25
+ expect {
26
+ spree_post :create, :payment_method => { :name => "", :type => "Spree::Gateway::Bogus" }
27
+ }.not_to raise_error
28
+ end
29
+ end
30
+
31
+ it "can create a payment method of a valid type" do
32
+ expect {
33
+ spree_post :create, :payment_method => { :name => "Test Method", :type => "Spree::Gateway::Bogus" }
34
+ }.to change(Spree::PaymentMethod, :count).by(1)
35
+
36
+ expect(response).to be_redirect
37
+ expect(response).to redirect_to spree.edit_admin_payment_method_path(assigns(:payment_method))
38
+ end
39
+
40
+ it "can not create a payment method of an invalid type" do
41
+ expect {
42
+ spree_post :create, :payment_method => { :name => "Invalid Payment Method", :type => "Spree::InvalidType" }
43
+ }.to change(Spree::PaymentMethod, :count).by(0)
44
+
45
+ expect(response).to be_redirect
46
+ expect(response).to redirect_to spree.new_admin_payment_method_path
47
+ end
48
+ end
49
+ end
@@ -0,0 +1,97 @@
1
+ require 'spec_helper'
2
+
3
+ module Spree
4
+ module Admin
5
+ describe PaymentsController, :type => :controller do
6
+ stub_authorization!
7
+
8
+ let(:order) { create(:order) }
9
+
10
+ context "with a valid credit card" do
11
+ let(:order) { create(:order_with_line_items, :state => "payment") }
12
+ let(:payment_method) { create(:credit_card_payment_method, :display_on => "back_end") }
13
+
14
+ before do
15
+ attributes = {
16
+ :order_id => order.number,
17
+ :card => "new",
18
+ :payment => {
19
+ :amount => order.total,
20
+ :payment_method_id => payment_method.id.to_s,
21
+ :source_attributes => {
22
+ :name => "Test User",
23
+ :number => "4111 1111 1111 1111",
24
+ :expiry => "09 / #{Time.now.year + 1}",
25
+ :verification_value => "123"
26
+ }
27
+ }
28
+ }
29
+ spree_post :create, attributes
30
+ end
31
+
32
+ it "should process payment correctly" do
33
+ expect(order.payments.count).to eq(1)
34
+ expect(response).to redirect_to(spree.admin_order_payments_path(order))
35
+ expect(order.reload.state).to eq('complete')
36
+ end
37
+
38
+ # Regression for #4768
39
+ it "doesnt process the same payment twice" do
40
+ expect(Spree::LogEntry.where(source: order.payments.first).count).to eq(1)
41
+ end
42
+ end
43
+
44
+ # Regression test for #3233
45
+ context "with a backend payment method" do
46
+ before do
47
+ @payment_method = create(:check_payment_method, :display_on => "back_end")
48
+ end
49
+
50
+ it "loads backend payment methods" do
51
+ spree_get :new, :order_id => order.number
52
+ expect(response.status).to eq(200)
53
+ expect(assigns[:payment_methods]).to include(@payment_method)
54
+ end
55
+ end
56
+
57
+ context "order has billing address" do
58
+ before do
59
+ order.bill_address = create(:address)
60
+ order.save!
61
+ end
62
+
63
+ context "order does not have payments" do
64
+ it "redirect to new payments page" do
65
+ spree_get :index, { amount: 100, order_id: order.number }
66
+ expect(response).to redirect_to(spree.new_admin_order_payment_path(order))
67
+ end
68
+ end
69
+
70
+ context "order has payments" do
71
+ before do
72
+ order.payments << create(:payment, amount: order.total, order: order, state: 'completed')
73
+ end
74
+
75
+ it "shows the payments page" do
76
+ spree_get :index, { amount: 100, order_id: order.number }
77
+ expect(response.code).to eq "200"
78
+ end
79
+ end
80
+
81
+ end
82
+
83
+ context "order does not have a billing address" do
84
+ before do
85
+ order.bill_address = nil
86
+ order.save
87
+ end
88
+
89
+ it "should redirect to the customer details page" do
90
+ spree_get :index, { amount: 100, order_id: order.number }
91
+ expect(response).to redirect_to(spree.edit_admin_order_customer_path(order))
92
+ end
93
+ end
94
+
95
+ end
96
+ end
97
+ end