spree_core 5.4.0.beta → 5.4.0.beta2

data/app/models/spree/credit_card.rb

@@ -2,7 +2,6 @@ module Spree
   class CreditCard < Spree.base_class
     has_prefix_id :card  # Stripe: card_
 
-    include ActiveMerchant::Billing::CreditCardMethods
     include Spree::Metafields
     include Spree::Metadata
     include Spree::PaymentSourceConcern
@@ -48,7 +47,6 @@ module Spree
     }
     scope :not_removed, -> { where(deleted_at: nil) }
 
-    # needed for some of the ActiveMerchant gateways (eg. SagePay)
     alias_attribute :brand, :cc_type
 
     store_accessor :private_metadata, :wallet
@@ -59,14 +57,6 @@ module Spree
       wallet&.[]('type')
     end
 
-    # ActiveMerchant::Billing::CreditCard added this accessor used by some gateways.
-    # More info: https://github.com/spree/spree/issues/6209
-    #
-    # Returns or sets the track data for the card
-    #
-    # @return [String]
-    attr_accessor :track_data
-
     CARD_TYPES = {
       visa: /^4\d{12}(\d{3})?(\d{3})?$/,
       master: /^(5[1-5]\d{4}|677189|222[1-9]\d{2}|22[3-9]\d{3}|2[3-6]\d{4}|27[01]\d{3}|2720\d{2})\d{10}$/,
@@ -151,10 +141,6 @@ module Spree
       brand.present? ? brand.upcase : Spree.t(:no_cc_type)
     end
 
-    # ActiveMerchant needs first_name/last_name because we pass it a Spree::CreditCard and it calls those methods on it.
-    # Looking at the ActiveMerchant source code we should probably be calling #to_active_merchant before passing
-    # the object to ActiveMerchant but this should do for now.
-    #
     # Returns the first name of the cardholder.
     # @return [String]
     def first_name
@@ -167,19 +153,6 @@ module Spree
       name.to_s.split(/[[:space:]]/, 2)[1]
     end
 
-    # Returns an ActiveMerchant::Billing::CreditCard object.
-    # @return [ActiveMerchant::Billing::CreditCard]
-    def to_active_merchant
-      ActiveMerchant::Billing::CreditCard.new(
-        number: number,
-        month: month,
-        year: year,
-        verification_value: verification_value,
-        first_name: first_name,
-        last_name: last_name
-      )
-    end
-
     def self.json_api_permitted_attributes
       [
         'number', 'month', 'year', 'expiry', 'verification_value', 'first_name', 'last_name',

data/app/models/spree/current.rb

@@ -1,23 +1,57 @@
 module Spree
+  # Thread-safe, per-request attributes for the current store context.
+  #
+  # All attributes are automatically reset between requests by Rails.
+  # Fallback chains ensure sensible defaults when attributes are not explicitly set.
   class Current < ::ActiveSupport::CurrentAttributes
-    attribute :store, :market, :currency, :zone, :price_lists, :global_pricing_context
+    attribute :store, :market, :currency, :locale, :zone, :default_tax_zone, :price_lists, :global_pricing_context
 
+    resets { @default_tax_zone_loaded = false }
+
+    # Returns the current store, falling back to the default store.
+    # @return [Spree::Store]
     def store
       super || Spree::Store.default
     end
 
+    # Returns the current market, falling back to the store's default market.
+    # @return [Spree::Market, nil]
     def market
       super || store&.default_market
     end
 
+    # Returns the current currency.
+    # Fallback: market currency -> store default currency.
+    # @return [String] currency ISO code, e.g. +"USD"+
     def currency
       super || market&.currency || store&.default_currency
     end
 
+    # Returns the current locale.
+    # Fallback: market default locale -> store default locale.
+    # @return [String] locale code, e.g. +"en"+, +"de"+
+    def locale
+      super || market&.default_locale || store&.default_locale
+    end
+
+    # Returns the current tax zone, falling back to the default tax zone.
+    # @return [Spree::Zone, nil]
     def zone
-      super || Spree::Zone.default_tax
+      super || default_tax_zone
+    end
+
+    # Returns the default tax zone (memoized per request).
+    # @return [Spree::Zone, nil]
+    def default_tax_zone
+      result = super
+      return result if result || @default_tax_zone_loaded
+
+      @default_tax_zone_loaded = true
+      self.default_tax_zone = Spree::Zone.find_by(default_tax: true)
     end
 
+    # Returns the current price lists for the global pricing context.
+    # @return [ActiveRecord::Relation<Spree::PriceList>]
     def price_lists
       super || begin
         context = global_pricing_context
@@ -25,6 +59,8 @@ module Spree
       end
     end
 
+    # Returns the current global pricing context, built from store, currency, zone, and market.
+    # @return [Spree::Pricing::Context]
     def global_pricing_context
       super || begin
         self.global_pricing_context = Spree::Pricing::Context.new(

data/app/models/spree/exports/products.rb

@@ -4,7 +4,6 @@ module Spree
       # to avoid N+1 queries
       def scope_includes
         includes = [:tax_category, :master, :option_types, { taxons: :taxonomy }, { variants_including_master: variant_includes }]
-        includes << { product_properties: [:property] } if Spree::Config[:product_properties_enabled]
         includes << { metafields: :metafield_definition }
         includes
       end
@@ -28,14 +27,9 @@ module Spree
 
       def csv_headers
         headers = Spree::CSV::ProductVariantPresenter::CSV_HEADERS.dup
-        headers += properties_headers if Spree::Config[:product_properties_enabled]
         headers += metafields_headers
         @csv_headers ||= headers
       end
-
-      def properties_headers
-        @properties_headers ||= Spree::Property.order(:position).count.times.flat_map { |n| ["property#{n + 1}_name", "property#{n + 1}_value"] }
-      end
     end
   end
 end

data/app/models/spree/gateway/bogus.rb

@@ -32,39 +32,39 @@ module Spree
     def authorize(_money, credit_card, _options = {})
       profile_id = credit_card.gateway_customer_profile_id
       if VALID_CCS.include?(credit_card.number) || (profile_id&.starts_with?('BGS-'))
-        ActiveMerchant::Billing::Response.new(true, 'Bogus Gateway: Forced success', {}, test: true, authorization: '12345', avs_result: { code: 'D' })
+        Spree::PaymentResponse.new(true, 'Bogus Gateway: Forced success', {}, test: true, authorization: '12345', avs_result: { code: 'D' })
       else
-        ActiveMerchant::Billing::Response.new(false, 'Bogus Gateway: Forced failure', { message: 'Bogus Gateway: Forced failure' }, test: true)
+        Spree::PaymentResponse.new(false, 'Bogus Gateway: Forced failure', { message: 'Bogus Gateway: Forced failure' }, test: true)
       end
     end
 
     def purchase(_money, credit_card, _options = {})
       profile_id = credit_card.gateway_customer_profile_id
       if VALID_CCS.include?(credit_card.number) || (profile_id&.starts_with?('BGS-'))
-        ActiveMerchant::Billing::Response.new(true, 'Bogus Gateway: Forced success', {}, test: true, authorization: '12345', avs_result: { code: 'M' })
+        Spree::PaymentResponse.new(true, 'Bogus Gateway: Forced success', {}, test: true, authorization: '12345', avs_result: { code: 'M' })
       else
-        ActiveMerchant::Billing::Response.new(false, 'Bogus Gateway: Forced failure', message: 'Bogus Gateway: Forced failure', test: true)
+        Spree::PaymentResponse.new(false, 'Bogus Gateway: Forced failure', message: 'Bogus Gateway: Forced failure', test: true)
       end
     end
 
     def credit(_money, _credit_card, _response_code, _options = {})
-      ActiveMerchant::Billing::Response.new(true, 'Bogus Gateway: Forced success', {}, test: true, authorization: '12345')
+      Spree::PaymentResponse.new(true, 'Bogus Gateway: Forced success', {}, test: true, authorization: '12345')
     end
 
     def capture(_money, authorization, _gateway_options)
       if authorization == '12345'
-        ActiveMerchant::Billing::Response.new(true, 'Bogus Gateway: Forced success', {}, test: true)
+        Spree::PaymentResponse.new(true, 'Bogus Gateway: Forced success', {}, test: true)
       else
-        ActiveMerchant::Billing::Response.new(false, 'Bogus Gateway: Forced failure', error: 'Bogus Gateway: Forced failure', test: true)
+        Spree::PaymentResponse.new(false, 'Bogus Gateway: Forced failure', error: 'Bogus Gateway: Forced failure', test: true)
       end
     end
 
     def void(_response_code, _credit_card, _options = {})
-      ActiveMerchant::Billing::Response.new(true, 'Bogus Gateway: Forced success', {}, test: true, authorization: 'void-12345')
+      Spree::PaymentResponse.new(true, 'Bogus Gateway: Forced success', {}, test: true, authorization: 'void-12345')
     end
 
     def cancel(_response_code, _payment = nil)
-      ActiveMerchant::Billing::Response.new(true, 'Bogus Gateway: Forced success', {}, test: true, authorization: '12345')
+      Spree::PaymentResponse.new(true, 'Bogus Gateway: Forced success', {}, test: true, authorization: '12345')
     end
 
     def test?

data/app/models/spree/gateway.rb

@@ -20,9 +20,6 @@ module Spree
     def provider
       gateway_options = options
       gateway_options.delete :login if gateway_options.key?(:login) && gateway_options[:login].nil?
-      if gateway_options[:server]
-        ActiveMerchant::Billing::Base.mode = gateway_options[:server].to_sym
-      end
       @provider ||= provider_class.new(gateway_options)
     end
 

data/app/models/spree/gift_card_batch.rb

@@ -32,6 +32,10 @@ module Spree
 
     money_methods :amount
 
+    def amount=(amount)
+      self[:amount] = Spree::LocalizedNumber.parse(amount)
+    end
+
     self.whitelisted_ransackable_attributes = %w[prefix]
 
     def generate_gift_cards

data/app/models/spree/image/configuration/active_storage.rb

@@ -5,8 +5,6 @@ module Spree
         extend ActiveSupport::Concern
 
         included do
-          validates :attachment, attached: true, content_type: Rails.application.config.active_storage.web_image_content_types
-
           # Returns image styles derived from Spree::Config.product_image_variant_sizes
           # Format: { variant_name: 'WxH>' } for API compatibility
           def self.styles

data/app/models/spree/image.rb

@@ -1,8 +1,10 @@
 module Spree
   class Image < Asset
-    include Spree::Image::Configuration::ActiveStorage
+    include Spree::Image::Configuration::ActiveStorage # legacy to be removed in Spree 6
     include Rails.application.routes.url_helpers
-    include Spree::ImageMethods
+    include Spree::ImageMethods # legacy, will be removed in Spree 6
+
+    validates :attachment, attached: true, content_type: Rails.application.config.active_storage.web_image_content_types
 
     after_commit :touch_product_variants, if: :should_touch_product_variants?, on: :update
     after_commit :update_variant_thumbnail, on: [:create, :destroy]
@@ -19,7 +21,10 @@ module Spree
     # The line below prevents the error.
     self.inheritance_column = nil
 
+    # @deprecated
     def styles
+      Spree::Deprecation.warn("Image#styles is deprecated and will be removed in Spree 6.0. Please use active storage variants with cdn_image_url")
+
       self.class.styles.map do |_, size|
         width, height = size.chop.split('x').map(&:to_i)
 
@@ -32,35 +37,6 @@ module Spree
       end
     end
 
-    def style(name)
-      size = self.class.styles[name]
-      return unless size
-
-      width, height = size.chop.split('x').map(&:to_i)
-
-      {
-        url: generate_url(size: size),
-        size: size,
-        width: width,
-        height: height
-      }
-    end
-
-    def style_dimensions(name)
-      size = self.class.styles[name]
-      width, height = size.chop.split('x').map(&:to_i)
-
-      {
-        width: width,
-        height: height
-      }
-    end
-
-    def plp_url
-      Spree::Deprecation.warn "Image#plp_url is deprecated. Use variant(:large) instead."
-      generate_url(size: self.class.styles[:large])
-    end
-
     private
 
     def touch_product_variants

data/app/models/spree/log_entry.rb

@@ -17,11 +17,14 @@ module Spree
     end
 
     def parsed_details
-      @details ||= if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('3.1.0')
-                     YAML.safe_load(details, permitted_classes: [ActiveMerchant::Billing::Response])
-                   else
-                     YAML.safe_load(details, [ActiveMerchant::Billing::Response])
-                   end
+      @details ||= YAML.safe_load(
+        details,
+        permitted_classes: [
+          Spree::PaymentResponse,
+          ActiveSupport::HashWithIndifferentAccess,
+          (ActiveMerchant::Billing::Response if defined?(ActiveMerchant::Billing::Response))
+        ].compact
+      )
     end
   end
 end

data/app/models/spree/order/checkout.rb

@@ -89,7 +89,6 @@ module Spree
                 end
 
                 after_transition to: :complete, do: :create_user_record
-                after_transition to: :complete, do: :persist_user_credit_card
                 before_transition to: :payment, do: :set_shipments_cost
                 before_transition to: :payment, do: :create_tax_charge!
                 before_transition to: :payment, do: :recalculate_store_credit_payment
@@ -293,23 +292,6 @@ module Spree
             Spree::Orders::CreateUserAccount.call(order: self, accepts_email_marketing: accept_marketing?)
           end
 
-          def persist_user_credit_card
-            return unless !temporary_credit_card && user_id && valid_credit_cards.present?
-
-            valid_credit_cards.first.update(user_id: user_id, default: true)
-          end
-
-          def assign_default_credit_card
-            return unless payments.from_credit_card.size.empty? && user_has_valid_default_card? && payment_required?
-
-            cc = user.default_credit_card
-            payments.create!(payment_method_id: cc.payment_method_id, source: cc, amount: total)
-          end
-
-          def user_has_valid_default_card?
-            user && user.default_credit_card.try(:valid?)
-          end
-
           def move_to_next_step_if_address_not_required
             return if requires_ship_address?
 

data/app/models/spree/order.rb

@@ -92,7 +92,7 @@ module Spree
     self.whitelisted_ransackable_scopes = %w[refunded partially_refunded multi_search]
 
     attr_reader :coupon_code
-    attr_accessor :temporary_address, :temporary_credit_card
+    attr_accessor :temporary_address
 
     attribute :state_machine_resumed, :boolean
 
@@ -159,6 +159,7 @@ module Spree
     # Needs to happen before save_permalink is called
     before_validation :ensure_store_presence
     before_validation :ensure_currency_presence
+    before_validation :ensure_locale_presence
 
     before_validation :clone_billing_address, if: :use_billing?
     before_validation :clone_shipping_address, if: :use_shipping?
@@ -174,6 +175,7 @@ module Spree
       validates :item_count, numericality: { greater_than_or_equal_to: 0, less_than: 2**31, only_integer: true, allow_blank: true }
       validates :store
       validates :currency
+      validates :locale
     end
     validates :payment_state,        inclusion:    { in: PAYMENT_STATES, allow_blank: true }
     validates :shipment_state,       inclusion:    { in: SHIPMENT_STATES, allow_blank: true }
@@ -186,6 +188,7 @@ module Spree
     validates :promo_total,          NEGATIVE_MONEY_VALIDATION
     validates :total,                MONEY_VALIDATION
     validate :currency_must_be_supported_by_store
+    validate :locale_must_be_supported_by_store
 
     delegate :update_totals, :persist_totals, to: :updater
     delegate :merge!, to: :merger
@@ -529,16 +532,6 @@ module Spree
       complete? || canceled? || returned?
     end
 
-    def credit_cards
-      credit_card_ids = payments.from_credit_card.pluck(:source_id).uniq
-      CreditCard.where(id: credit_card_ids)
-    end
-
-    def valid_credit_cards
-      credit_card_ids = payments.from_credit_card.valid.pluck(:source_id).uniq
-      CreditCard.where(id: credit_card_ids)
-    end
-
     # Finalizes an in progress order after checkout is complete.
     # Called after transition to complete state when payments will have been processed
     def finalize!
@@ -997,6 +990,12 @@ module Spree
       self.currency ||= store&.default_currency
     end
 
+    # Sets the locale from Spree::Current.locale when not already set.
+    # Called as a before_validation callback, mirroring ensure_currency_presence.
+    def ensure_locale_presence
+      self.locale ||= Spree::Current.locale
+    end
+
     def currency_must_be_supported_by_store
       return if currency.blank? || store.blank?
 
@@ -1006,6 +1005,16 @@ module Spree
       end
     end
 
+    # Validates that the order's locale is within the store's supported locales.
+    # Mirrors currency_must_be_supported_by_store.
+    def locale_must_be_supported_by_store
+      return if locale.blank? || store.blank?
+
+      unless store.supported_locales_list.include?(locale)
+        errors.add(:locale, Spree.t(:locale_not_supported_by_store))
+      end
+    end
+
     def collect_payment_methods
       Spree::Deprecation.warn('`Order#collect_payment_methods` is deprecated and will be removed in Spree 5.5. Use `collect_frontend_payment_methods` instead.')
 

data/app/models/spree/payment/gateway_options.rb

@@ -51,11 +51,11 @@ module Spree
       end
 
       def billing_address
-        order.bill_address.try(:active_merchant_hash)
+        order.bill_address.try(:gateway_hash)
       end
 
       def shipping_address
-        order.ship_address.try(:active_merchant_hash)
+        order.ship_address.try(:gateway_hash)
       end
 
       def hash_methods

data/app/models/spree/payment/processing.rb

@@ -48,7 +48,7 @@ module Spree
         amount ||= money.amount_in_cents
         started_processing!
         protect_from_connection_error do
-          # Standard ActiveMerchant capture usage
+          # Capture the payment amount
           response = payment_method.capture(
             amount,
             response_code,
@@ -71,7 +71,7 @@ module Spree
             # so supply the authorization itself as well as the credit card, rather than just the authorization code
             response = payment_method.void(response_code, source, gateway_options)
           else
-            # Standard ActiveMerchant void usage
+            # Standard void usage
             response = payment_method.void(response_code, gateway_options)
           end
           record_response(response)
@@ -165,15 +165,15 @@ module Spree
 
       def protect_from_connection_error
         yield
-      rescue ActiveMerchant::ConnectionError => e
+      rescue Spree::PaymentConnectionError => e
         failure!
         gateway_error(e)
       end
 
       def gateway_error(error)
-        text = if error.is_a? ActiveMerchant::Billing::Response
+        text = if error.is_a? Spree::PaymentResponse
                  error.params['message'] || error.params['response_reason_text'] || error.message
-               elsif error.is_a? ActiveMerchant::ConnectionError
+               elsif error.is_a? Spree::PaymentConnectionError
                  Spree.t(:unable_to_connect_to_gateway)
                else
                  error.to_s

data/app/models/spree/payment.rb

@@ -348,7 +348,7 @@ module Spree
       return if source.respond_to?(:imported) && source.imported
 
       payment_method.create_profile(self)
-    rescue ActiveMerchant::ConnectionError => e
+    rescue Spree::PaymentConnectionError => e
       gateway_error e
     end
 

data/app/models/spree/payment_connection_error.rb

@@ -0,0 +1,3 @@
+module Spree
+  class PaymentConnectionError < StandardError; end
+end

data/app/models/spree/payment_method/check.rb

@@ -37,7 +37,7 @@ module Spree
     private
 
     def simulated_successful_billing_response
-      ActiveMerchant::Billing::Response.new(true, '', {}, {})
+      Spree::PaymentResponse.new(true, '', {}, {})
     end
   end
 end

data/app/models/spree/payment_method/store_credit.rb

@@ -22,7 +22,7 @@ module Spree
 
     def authorize(amount_in_cents, store_credit, gateway_options = {})
       if store_credit.nil?
-        ActiveMerchant::Billing::Response.new(false, Spree.t('store_credit_payment_method.unable_to_find'), {}, {})
+        Spree::PaymentResponse.new(false, Spree.t('store_credit_payment_method.unable_to_find'), {}, {})
       else
         action = lambda do |store_credit|
           store_credit.authorize(
@@ -58,7 +58,7 @@ module Spree
       end
 
       if event.blank?
-        ActiveMerchant::Billing::Response.new(false, Spree.t('store_credit_payment_method.unable_to_find'), {}, {})
+        Spree::PaymentResponse.new(false, Spree.t('store_credit_payment_method.unable_to_find'), {}, {})
       else
         capture(amount_in_cents, event.authorization_code, gateway_options)
       end
@@ -111,14 +111,14 @@ module Spree
       store_credit.with_lock do
         if response = action.call(store_credit)
           # note that we only need to return the auth code on an 'auth', but it's innocuous to always return
-          ActiveMerchant::Billing::Response.new(
+          Spree::PaymentResponse.new(
             true,
             Spree.t('store_credit_payment_method.successful_action', action: action_name),
             {},
             authorization: auth_code || response
           )
         else
-          ActiveMerchant::Billing::Response.new(false, store_credit.errors.full_messages.to_sentence, {}, {})
+          Spree::PaymentResponse.new(false, store_credit.errors.full_messages.to_sentence, {}, {})
         end
       end
     end
@@ -128,7 +128,7 @@ module Spree
       store_credit = StoreCreditEvent.find_by(authorization_code: auth_code).try(:store_credit)
 
       if store_credit.nil?
-        ActiveMerchant::Billing::Response.new(
+        Spree::PaymentResponse.new(
           false,
           Spree.t('store_credit_payment_method.unable_to_find_for_action', auth_code: auth_code, action: action_name),
           {},

data/app/models/spree/payment_response.rb

@@ -0,0 +1,70 @@
+module Spree
+  # Lightweight value object representing a payment gateway response.
+  #
+  # This is Spree's native replacement for +ActiveMerchant::Billing::Response+.
+  # It carries the same interface so existing payment method implementations
+  # (Bogus, Check, StoreCredit, and third-party gateways) can return it without
+  # any callers needing to change.
+  #
+  # @example Successful authorization
+  #   Spree::PaymentResponse.new(true, 'Transaction approved', {},
+  #     authorization: 'ch_abc123',
+  #     avs_result:    { code: 'D' },
+  #     cvv_result:    { code: 'M', message: 'Match' },
+  #     test:          true)
+  #
+  # @example Failed charge
+  #   Spree::PaymentResponse.new(false, 'Card declined', { message: 'Insufficient funds' })
+  #
+  class PaymentResponse
+    # @return [HashWithIndifferentAccess] raw gateway params
+    attr_reader :params
+
+    # @return [String] human-readable result message
+    attr_reader :message
+
+    # @return [Boolean] whether the response came from a test/sandbox environment
+    attr_reader :test
+
+    # @return [String, nil] gateway authorization / transaction reference
+    attr_reader :authorization
+
+    # @return [Hash] AVS (Address Verification System) result with +"code"+ key
+    attr_reader :avs_result
+
+    # @return [Hash] CVV result with +"code"+ and +"message"+ keys
+    attr_reader :cvv_result
+
+    # @param success [Boolean] whether the gateway action succeeded
+    # @param message [String]  human-readable result message
+    # @param params  [Hash]    raw key/value pairs returned by the gateway
+    # @param options [Hash]    additional metadata
+    # @option options [String]  :authorization  gateway transaction reference
+    # @option options [Hash]    :avs_result     must contain +:code+
+    # @option options [Hash]    :cvv_result     may contain +:code+ and +:message+
+    # @option options [Boolean] :test           sandbox/test flag
+    def initialize(success, message, params = {}, options = {})
+      @success = success
+      @message = message
+      @params = params.with_indifferent_access
+      @test = options[:test] || false
+      @authorization = options[:authorization]
+      @avs_result = options[:avs_result] ? { 'code' => options[:avs_result][:code] } : { 'code' => nil }
+      @cvv_result = if options[:cvv_result]
+                      { 'code' => options[:cvv_result][:code], 'message' => options[:cvv_result][:message] }
+                    else
+                      { 'code' => nil, 'message' => nil }
+                    end
+    end
+
+    # @return [Boolean] whether the gateway action succeeded
+    def success?
+      @success
+    end
+
+    # @return [Boolean] whether the response came from a test/sandbox environment
+    def test?
+      @test
+    end
+  end
+end

data/app/models/spree/permission_sets/default_customer.rb

@@ -15,8 +15,6 @@ module Spree
         can :read, Spree::OptionType
         can :read, Spree::OptionValue
         can :read, Spree::Product
-        can :read, Spree::ProductProperty
-        can :read, Spree::Property
         can :read, Spree::State
         can :read, Spree::Store
         can :read, Spree::Taxon
@@ -26,9 +24,6 @@ module Spree
 
         # Content pages
         can :read, Spree::Policy
-        can :read, Spree::Page if defined?(Spree::Page)
-        can :read, Spree::Post if defined?(Spree::Post)
-        can :read, Spree::PostCategory if defined?(Spree::PostCategory)
 
         # Order management for the user's own orders
         can :create, Spree::Order

data/app/models/spree/permission_sets/product_display.rb

@@ -14,8 +14,6 @@ module Spree
         can [:read, :admin], Spree::Variant
         can [:read, :admin], Spree::OptionType
         can [:read, :admin], Spree::OptionValue
-        can [:read, :admin], Spree::Property
-        can [:read, :admin], Spree::ProductProperty
         can [:read, :admin], Spree::Metafield
         can [:read, :admin], Spree::Taxon
         can [:read, :admin], Spree::Taxonomy

data/app/models/spree/permission_sets/product_management.rb

@@ -14,8 +14,6 @@ module Spree
         can :manage, Spree::Variant
         can :manage, Spree::OptionType
         can :manage, Spree::OptionValue
-        can :manage, Spree::Property
-        can :manage, Spree::ProductProperty
         can :manage, Spree::Taxon
         can :manage, Spree::Taxonomy
         can :manage, Spree::Classification