spree_frontend 3.2.9 → 3.3.0.rc1

data/spec/controllers/spree/orders_controller_ability_spec.rb

@@ -0,0 +1,96 @@
+require 'spec_helper'
+
+module Spree
+  describe OrdersController, type: :controller do
+    let(:user) { create(:user) }
+    let(:guest_user) { create(:user) }
+    let(:order) { Spree::Order.create }
+
+    context 'when an order exists in the cookies.signed' do
+      let(:token) { 'some_token' }
+      let(:specified_order) { create(:order) }
+
+      before do
+        cookies.signed[:guest_token] = token
+        allow(controller).to receive_messages current_order: order
+        allow(controller).to receive_messages spree_current_user: user
+      end
+
+      context '#populate' do
+        it 'should check if user is authorized for :edit' do
+          expect(controller).to receive(:authorize!).with(:edit, order, token)
+          spree_post :populate
+        end
+        it "should check against the specified order" do
+          expect(controller).to receive(:authorize!).with(:edit, specified_order, token)
+          spree_post :populate, id: specified_order.number
+        end
+      end
+
+      context '#edit' do
+        it 'should check if user is authorized for :edit' do
+          expect(controller).to receive(:authorize!).with(:edit, order, token)
+          spree_get :edit
+        end
+        it "should check against the specified order" do
+          expect(controller).to receive(:authorize!).with(:edit, specified_order, token)
+          spree_get :edit, id: specified_order.number
+        end
+      end
+
+      context '#update' do
+        it 'should check if user is authorized for :edit' do
+          allow(order).to receive :update_attributes
+          expect(controller).to receive(:authorize!).with(:edit, order, token)
+          spree_post :update, order: { email: "foo@bar.com" }
+        end
+        it "should check against the specified order" do
+          allow(order).to receive :update_attributes
+          expect(controller).to receive(:authorize!).with(:edit, specified_order, token)
+          spree_post :update, order: { email: "foo@bar.com" }, id: specified_order.number
+        end
+      end
+
+      context '#empty' do
+        it 'should check if user is authorized for :edit' do
+          expect(controller).to receive(:authorize!).with(:edit, order, token)
+          spree_post :empty
+        end
+        it "should check against the specified order" do
+          expect(controller).to receive(:authorize!).with(:edit, specified_order, token)
+          spree_post :empty, id: specified_order.number
+        end
+      end
+
+      context "#show" do
+        it "should check against the specified order" do
+          expect(controller).to receive(:authorize!).with(:edit, specified_order, token)
+          spree_get :show, id: specified_order.number
+        end
+      end
+    end
+
+    context 'when no authenticated user' do
+      let(:order) { create(:order, number: 'R123') }
+
+      context '#show' do
+        context 'when guest_token correct' do
+          before { cookies.signed[:guest_token] = order.guest_token }
+
+          it 'displays the page' do
+            expect(controller).to receive(:authorize!).with(:edit, order, order.guest_token)
+            spree_get :show, { id: 'R123' }
+            expect(response.code).to eq('200')
+          end
+        end
+
+        context 'when guest_token not present' do
+          it 'should respond with 404' do
+            spree_get :show, { id: 'R123'}
+            expect(response.code).to eq('404')
+          end
+        end
+      end
+    end
+  end
+end

data/spec/controllers/spree/orders_controller_spec.rb

@@ -0,0 +1,134 @@
+require 'spec_helper'
+
+describe Spree::OrdersController, type: :controller do
+  let(:user) { create(:user) }
+
+  context "Order model mock" do
+    let(:order) do
+      Spree::Order.create!
+    end
+    let(:variant) { create(:variant) }
+
+    before do
+      allow(controller).to receive_messages(try_spree_current_user: user)
+    end
+
+    context "#populate" do
+      it "should create a new order when none specified" do
+        spree_post :populate, {}, {}
+        expect(cookies.signed[:guest_token]).not_to be_blank
+        expect(Spree::Order.find_by_guest_token(cookies.signed[:guest_token])).to be_persisted
+      end
+
+      context "with Variant" do
+        it "should handle population" do
+          expect do
+            spree_post :populate, variant_id: variant.id, quantity: 5
+          end.to change { user.orders.count }.by(1)
+          order = user.orders.last
+          expect(response).to redirect_to spree.cart_path
+          expect(order.line_items.size).to eq(1)
+          line_item = order.line_items.first
+          expect(line_item.variant_id).to eq(variant.id)
+          expect(line_item.quantity).to eq(5)
+        end
+
+        it "shows an error when population fails" do
+          request.env["HTTP_REFERER"] = '/dummy_redirect'
+          allow_any_instance_of(Spree::LineItem).to(
+            receive(:valid?).and_return(false)
+          )
+          allow_any_instance_of(Spree::LineItem).to(
+            receive_message_chain(:errors, :full_messages).
+              and_return(["Order population failed"])
+          )
+
+          spree_post :populate, variant_id: variant.id, quantity: 5
+
+          expect(response).to redirect_to('/dummy_redirect')
+          expect(flash[:error]).to eq("Order population failed")
+        end
+
+        it "shows an error when quantity is invalid" do
+          request.env["HTTP_REFERER"] = '/dummy_redirect'
+
+          spree_post(
+            :populate,
+            variant_id: variant.id, quantity: -1
+          )
+
+          expect(response).to redirect_to('/dummy_redirect')
+          expect(flash[:error]).to eq(
+            Spree.t(:please_enter_reasonable_quantity)
+          )
+        end
+      end
+    end
+
+    context "#update" do
+      context "with authorization" do
+        before do
+          allow(controller).to receive :check_authorization
+          allow(controller).to receive_messages current_order: order
+        end
+
+        it "should render the edit view (on failure)" do
+          # email validation is only after address state
+          order.update_column(:state, "delivery")
+          spree_put :update, { order: { email: "" } }, { order_id: order.id }
+          expect(response).to render_template :edit
+        end
+
+        it "should redirect to cart path (on success)" do
+          allow(order).to receive(:update_attributes).and_return true
+          spree_put :update, {}, {order_id: 1}
+          expect(response).to redirect_to(spree.cart_path)
+        end
+      end
+    end
+
+    context "#empty" do
+      before do
+        allow(controller).to receive :check_authorization
+      end
+
+      it "should destroy line items in the current order" do
+        allow(controller).to receive(:current_order).and_return(order)
+        expect(order).to receive(:empty!)
+        spree_put :empty
+        expect(response).to redirect_to(spree.cart_path)
+      end
+    end
+
+    # Regression test for #2750
+    context "#update" do
+      before do
+        allow(user).to receive :last_incomplete_spree_order
+        allow(controller).to receive :set_current_order
+      end
+
+      it "cannot update a blank order" do
+        spree_put :update, order: { email: "foo" }
+        expect(flash[:error]).to eq(Spree.t(:order_not_found))
+        expect(response).to redirect_to(spree.root_path)
+      end
+    end
+  end
+
+  context "line items quantity is 0" do
+    let(:order) { Spree::Order.create }
+    let(:variant) { create(:variant) }
+    let!(:line_item) { order.contents.add(variant, 1) }
+
+    before do
+      allow(controller).to receive(:check_authorization)
+      allow(controller).to receive_messages(current_order: order)
+    end
+
+    it "removes line items on update" do
+      expect(order.line_items.count).to eq 1
+      spree_put :update, order: { line_items_attributes: { "0" => { id: line_item.id, quantity: 0 } } }
+      expect(order.reload.line_items.count).to eq 0
+    end
+  end
+end

data/spec/controllers/spree/orders_controller_transitions_spec.rb

@@ -0,0 +1,31 @@
+require 'spec_helper'
+
+Spree::Order.class_eval do
+  attr_accessor :did_transition
+end
+
+module Spree
+  describe OrdersController, type: :controller do
+    # Regression test for #2004
+    context "with a transition callback on first state" do
+      let(:order) { Spree::Order.new }
+
+      before do
+        allow(controller).to receive_messages current_order: order
+        expect(controller).to receive(:authorize!).at_least(:once).and_return(true)
+
+        first_state, _ = Spree::Order.checkout_steps.first
+        Spree::Order.state_machine.after_transition to: first_state do |order|
+          order.did_transition = true
+        end
+      end
+
+      it "correctly calls the transition callback" do
+        expect(order.did_transition).to be_nil
+        order.line_items << FactoryGirl.create(:line_item)
+        spree_put :update, { checkout: "checkout" }, { order_id: 1}
+        expect(order.did_transition).to be true
+      end
+    end
+  end
+end

data/spec/controllers/spree/products_controller_spec.rb

@@ -0,0 +1,87 @@
+require 'spec_helper'
+
+describe Spree::ProductsController, type: :controller do
+  let!(:product) { create(:product, available_on: 1.year.from_now) }
+  let(:taxon) { create(:taxon) }
+
+  # Regression test for #1390
+  it "allows admins to view non-active products" do
+    allow(controller).to receive_messages spree_current_user: mock_model(Spree.user_class, has_spree_role?: true, last_incomplete_spree_order: nil, spree_api_key: 'fake')
+    spree_get :show, id: product.to_param
+    expect(response.status).to eq(200)
+  end
+
+  it "cannot view non-active products" do
+    spree_get :show, id: product.to_param
+    expect(response.status).to eq(404)
+  end
+
+  it "should provide the current user to the searcher class" do
+    user = mock_model(Spree.user_class, last_incomplete_spree_order: nil, spree_api_key: 'fake')
+    allow(controller).to receive_messages spree_current_user: user
+    expect_any_instance_of(Spree::Config.searcher_class).to receive(:current_user=).with(user)
+    spree_get :index
+    expect(response.status).to eq(200)
+  end
+
+  # Regression test for #2249
+  it "doesn't error when given an invalid referer" do
+    current_user = mock_model(Spree.user_class, has_spree_role?: true, last_incomplete_spree_order: nil, generate_spree_api_key!: nil)
+    allow(controller).to receive_messages spree_current_user: current_user
+    request.env['HTTP_REFERER'] = "not|a$url"
+
+    # Previously a URI::InvalidURIError exception was being thrown
+    expect { spree_get :show, id: product.to_param }.not_to raise_error
+  end
+
+  context 'with history slugs present' do
+    let!(:product) { create(:product, available_on: 1.day.ago) }
+
+    it 'will redirect with a 301 with legacy url used' do
+      legacy_params = product.to_param
+      product.name = product.name + " Brand New"
+      product.slug = nil
+      product.save!
+      spree_get :show, id: legacy_params
+      expect(response.status).to eq(301)
+    end
+
+    it 'will redirect with a 301 with id used' do
+      product.name = product.name + " Brand New"
+      product.slug = nil
+      product.save!
+      spree_get :show, id: product.id
+      expect(response.status).to eq(301)
+    end
+
+    it "will keep url params on legacy url redirect" do
+      legacy_params = product.to_param
+      product.name = product.name + " Brand New"
+      product.slug = nil
+      product.save!
+      spree_get :show, id: legacy_params, taxon_id: taxon.id
+      expect(response.status).to eq(301)
+      expect(response.header["Location"]).to include("taxon_id=#{taxon.id}")
+    end
+  end
+
+  context "index products" do
+    it "calls includes when the retrieved_products object responds to it" do
+      searcher = double("Searcher")
+      allow(controller).to receive_messages build_searcher: searcher
+      expect(searcher).to receive_message_chain("retrieve_products.includes")
+
+      spree_get :index
+    end
+
+    it "does not call includes when it's not available" do
+      searcher = double("Searcher")
+      allow(controller).to receive_messages build_searcher: searcher
+      allow(searcher).to receive(:retrieve_products).and_return([])
+
+      spree_get :index
+
+      expect(assigns(:products)).to eq([])
+    end
+  end
+end

data/spec/controllers/spree/taxons_controller_spec.rb

@@ -0,0 +1,12 @@
+require 'spec_helper'
+
+describe Spree::TaxonsController, type: :controller do
+  it "should provide the current user to the searcher class" do
+    taxon = create(:taxon, permalink: "test")
+    user = mock_model(Spree.user_class, last_incomplete_spree_order: nil, spree_api_key: 'fake')
+    allow(controller).to receive_messages spree_current_user: user
+    expect_any_instance_of(Spree::Config.searcher_class).to receive(:current_user=).with(user)
+    spree_get :show, id: taxon.permalink
+    expect(response.status).to eq(200)
+  end
+end

data/spec/features/address_spec.rb

@@ -0,0 +1,93 @@
+require 'spec_helper'
+
+describe "Address", type: :feature, inaccessible: true do
+  let!(:product) { create(:product, name: "RoR Mug") }
+  let!(:order) { create(:order_with_totals, state: 'cart') }
+
+  stub_authorization!
+
+  after do
+    Capybara.ignore_hidden_elements = true
+  end
+
+  before do
+    Capybara.ignore_hidden_elements = false
+
+    visit spree.root_path
+
+    click_link "RoR Mug"
+    click_button "add-to-cart-button"
+
+    address = "order_bill_address_attributes"
+    @country_css = "#{address}_country_id"
+    @state_select_css = "##{address}_state_id"
+    @state_name_css = "##{address}_state_name"
+  end
+
+  context "country requires state", js: true, focus: true do
+    let!(:canada) { create(:country, name: "Canada", states_required: true, iso: "CA") }
+    let!(:uk) { create(:country, name: "United Kingdom", states_required: true, iso: "UK") }
+
+    before { Spree::Config[:default_country_id] = uk.id }
+
+    context "but has no state" do
+      it "shows the state input field" do
+        click_button "Checkout"
+
+        select canada.name, from: @country_css
+        expect(page).to have_selector(@state_select_css, visible: false)
+        expect(page).to have_selector(@state_name_css, visible: true)
+        expect(find(@state_name_css)['class']).not_to match(/hidden/)
+        expect(find(@state_name_css)['class']).to match(/required/)
+        expect(find(@state_select_css)['class']).not_to match(/required/)
+        expect(page).not_to have_selector("input#{@state_name_css}[disabled]")
+      end
+    end
+
+    context "and has state" do
+      before { create(:state, name: "Ontario", country: canada) }
+
+      it "shows the state collection selection" do
+        click_button "Checkout"
+
+        select canada.name, from: @country_css
+        expect(page).to have_selector(@state_select_css, visible: true)
+        expect(page).to have_selector(@state_name_css, visible: false)
+        expect(find(@state_select_css)['class']).to match(/required/)
+        expect(find(@state_select_css)['class']).not_to match(/hidden/)
+        expect(find(@state_name_css)['class']).not_to match(/required/)
+      end
+    end
+
+    context "user changes to country without states required" do
+      let!(:france) { create(:country, name: "France", states_required: false, iso: "FRA") }
+
+      it "clears the state name" do
+        skip "This is failing on the CI server, but not when you run the tests manually... It also does not fail locally on a machine."
+        click_button "Checkout"
+        select canada.name, from: @country_css
+        page.find(@state_name_css).set("Toscana")
+
+        select france.name, from: @country_css
+        expect(page.find(@state_name_css)).to have_content('')
+        until page.evaluate_script("$.active").to_i == 0
+          expect(find(@state_name_css)['class']).not_to match(/hidden/)
+          expect(find(@state_name_css)['class']).not_to match(/required/)
+          expect(find(@state_select_css)['class']).not_to match(/required/)
+        end
+      end
+    end
+  end
+
+  context "country does not require state", js: true do
+    let!(:france) { create(:country, name: "France", states_required: false, iso: "FRA") }
+
+    it "shows a disabled state input field" do
+       click_button "Checkout"
+
+       select france.name, from: @country_css
+       expect(page).to have_selector(@state_select_css, visible: false)
+       expect(page).to have_selector(@state_name_css, visible: false)
+    end
+  end
+end

data/spec/features/automatic_promotion_adjustments_spec.rb

@@ -0,0 +1,47 @@
+require 'spec_helper'
+
+describe "Automatic promotions", type: :feature, js: true do
+  let!(:country) { create(:country, name: "United States of America", states_required: true) }
+  let!(:state) { create(:state, name: "Alabama", country: country) }
+  let!(:zone) { create(:zone) }
+  let!(:shipping_method) { create(:shipping_method) }
+  let!(:payment_method) { create(:check_payment_method) }
+  let!(:product) { create(:product, name: "RoR Mug", price: 20) }
+
+  let!(:promotion) do
+    promotion = Spree::Promotion.create!(name: "$10 off when you spend more than $100")
+
+   calculator = Spree::Calculator::FlatRate.new
+   calculator.preferred_amount = 10
+
+   rule = Spree::Promotion::Rules::ItemTotal.create
+   rule.preferred_amount_min = 100
+   rule.save
+
+   promotion.rules << rule
+
+   action = Spree::Promotion::Actions::CreateAdjustment.create
+   action.calculator = calculator
+   action.save
+
+   promotion.actions << action
+  end
+
+  context "on the cart page" do
+
+    before do
+      visit spree.root_path
+      click_link product.name
+      click_button "add-to-cart-button"
+    end
+
+    it "automatically applies the promotion once the order crosses the threshold" do
+      fill_in "order_line_items_attributes_0_quantity", with: 10
+      click_button "Update"
+      expect(page).to have_content("Promotion ($10 off when you spend more than $100) -$10.00")
+      fill_in "order_line_items_attributes_0_quantity", with: 1
+      click_button "Update"
+      expect(page).not_to have_content("Promotion ($10 off when you spend more than $100) -$10.00")
+    end
+  end
+end

data/spec/features/caching/products_spec.rb

@@ -0,0 +1,59 @@
+require 'spec_helper'
+
+describe 'products', type: :feature, caching: true do
+  let!(:product) { create(:product) }
+  let!(:product2) { create(:product) }
+  let!(:taxonomy) { create(:taxonomy) }
+  let!(:taxon) { create(:taxon, taxonomy: taxonomy) }
+
+  before { Timecop.scale(1000) }
+
+  after { Timecop.return }
+
+  before do
+    product2.update_column(:updated_at, 1.day.ago)
+    # warm up the cache
+    visit spree.root_path
+    assert_written_to_cache("views/en/USD/spree/products/all--#{product.updated_at.utc.to_s(:number)}")
+    assert_written_to_cache("views/en/USD/spree/products/#{product.id}-#{product.updated_at.utc.to_s(:number)}")
+    assert_written_to_cache("views/en/spree/taxonomies/#{taxonomy.id}")
+    assert_written_to_cache("views/en/taxons/#{taxon.updated_at.utc.to_i}")
+
+    clear_cache_events
+  end
+
+  it "reads from cache upon a second viewing" do
+    visit spree.root_path
+    expect(cache_writes.count).to eq(0)
+  end
+
+  it "busts the cache when a product is updated" do
+    product.update_column(:updated_at, 1.day.from_now)
+    visit spree.root_path
+    assert_written_to_cache("views/en/USD/spree/products/all--#{product.updated_at.utc.to_s(:number)}")
+    assert_written_to_cache("views/en/USD/spree/products/#{product.id}-#{product.updated_at.utc.to_s(:number)}")
+    expect(cache_writes.count).to eq(2)
+  end
+
+  it "busts the cache when all products are deleted" do
+    product.destroy
+    product2.destroy
+    visit spree.root_path
+    assert_written_to_cache("views/en/USD/spree/products/all--#{Date.today.to_s(:number)}-0")
+    expect(cache_writes.count).to eq(1)
+  end
+
+  it "busts the cache when the newest product is deleted" do
+    product.destroy
+    visit spree.root_path
+    assert_written_to_cache("views/en/USD/spree/products/all--#{product2.updated_at.utc.to_s(:number)}")
+    expect(cache_writes.count).to eq(1)
+  end
+
+  it "busts the cache when an older product is deleted" do
+    product2.destroy
+    visit spree.root_path
+    assert_written_to_cache("views/en/USD/spree/products/all--#{product.updated_at.utc.to_s(:number)}")
+    expect(cache_writes.count).to eq(1)
+  end
+end

data/spec/features/caching/taxons_spec.rb

@@ -0,0 +1,22 @@
+require 'spec_helper'
+
+describe 'taxons', type: :feature, caching: true do
+  let!(:taxonomy) { create(:taxonomy) }
+  let!(:taxon) { create(:taxon, taxonomy: taxonomy) }
+
+  before do
+    # warm up the cache
+    visit spree.root_path
+    assert_written_to_cache("views/en/spree/taxonomies/#{taxonomy.id}")
+    assert_written_to_cache("views/en/taxons/#{taxon.updated_at.utc.to_i}")
+
+    clear_cache_events
+  end
+
+  it "busts the cache when max_level_in_taxons_menu conf changes" do
+    Spree::Config[:max_level_in_taxons_menu] = 5
+    visit spree.root_path
+    assert_written_to_cache("views/en/spree/taxonomies/#{taxonomy.id}")
+    expect(cache_writes.count).to eq(1)
+  end
+end