spree_multi_vendor 2.0.2 → 2.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f74e64bbf275693c1232604c1e33a99fd6d0ea32ee1ef5ce1f13d6cf9e3e3b47
-  data.tar.gz: 99b385ac825a76281dd754d0b5b0911805614c18a6189713c47373a2d0b9acdd
+  metadata.gz: 3c44adfbeea75e7b5d36a5282b3f73e82a50914e2afdcb3e5d5100f0f1fb7e2f
+  data.tar.gz: e0fc1a00cc1c075944a888257004841199da7a62f85065dc087b0546a9eadf16
 SHA512:
-  metadata.gz: 228371ed8973f3012e6160d7d580f17311c18c9062b82e2c090b6392a608091a5dd5217d48cfb310c2201d8bc2130a5d0c60b11f114b2238da3f8af55390910d
-  data.tar.gz: 0c6dde13714bab1a18c0ad130ed5b5c42ae773c9b53f8a9d3b1058df74b2682e0ccd552df9d3caf0d8eff9307c2d1e0e83055bf190e93a1de23db75c609f0546
+  metadata.gz: 6862e52f1a430fcbe23b6fef685c2c12d30245ce0199d993caae87c7a71dd9278ed73c29d611d325266c9dab107922a5921783f57bf8789c752f81b1f58c78e9
+  data.tar.gz: 310a440feb55b56bc73ec09656f6167a7cbdc2fce296e5793379611ebc066749dc7853721140dc0963498f6dc7eb3116e259f5ca64eeb4c33320158870f3cc02

data/app/controllers/spree/api/v1/vendors_controller.rb

@@ -0,0 +1,61 @@
+module Spree
+  module Api
+    module V1
+      class VendorsController < Spree::Api::BaseController
+        def index
+          @vendors = if params[:ids].present?
+                       scope.where(id: params[:ids].split(','))
+                     else
+                       scope.load.ransack(
+                         params[:q]
+                       ).result
+                     end
+          respond_with(@vendors)
+        end
+
+        def show
+          @vendor = scope.find(params[:id])
+          authorize! :show, @vendor
+          respond_with(@vendor)
+        end
+
+        def create
+          authorize! :create, Spree::Vendor
+          @vendor = Spree::Vendor.new(vendor_params)
+          if @vendor.save
+            render :show, status: 201
+          else
+            invalid_resource!(@vendor)
+          end
+        end
+
+        def update
+          @vendor = scope.find(params[:id])
+          authorize! :update, @vendor
+          if @vendor.update(vendor_params)
+            render :show
+          else
+            invalid_resource!(@vendor)
+          end
+        end
+
+        def destroy
+          @vendor = scope.find(params[:id])
+          authorize! :destroy, @vendor
+          @vendor.destroy
+          render plain: nil, status: 204
+        end
+
+        private
+
+        def scope
+          Spree::Vendor.accessible_by(current_ability)
+        end
+
+        def vendor_params
+          params.require(:vendor).permit(Spree::PermittedAttributes.vendor_attributes)
+        end
+      end
+    end
+  end
+end

data/app/helpers/spree_multi_vendor/spree/api/api_helpers_decorator.rb

@@ -0,0 +1,17 @@
+module SpreeMultiVendor
+  module Spree
+    module Api
+      module ApiHelpersDecorator
+        def self.prepended(base)
+          base::ATTRIBUTES.push(:vendor_attributes)
+
+          base.mattr_reader *base::ATTRIBUTES
+        end
+
+        @@vendor_attributes = [:id, :name, :slug, :state, :about_us, :contact_us]
+      end
+    end
+  end
+end
+
+::Spree::Api::ApiHelpers.prepend(SpreeMultiVendor::Spree::Api::ApiHelpersDecorator)

data/app/models/spree/vendor_ability.rb

@@ -135,7 +135,8 @@ class Spree::VendorAbility
   end
 
   def apply_vendor_permissions
-    can [:admin, :update], Spree::Vendor, id: @vendor_ids
+    can :manage, Spree::Vendor, id: @vendor_ids
+    cannot :create, Spree::Vendor
   end
 
   def apply_vendor_settings_permissions

data/app/models/spree_multi_vendor/configuration.rb

@@ -1,5 +1,5 @@
 module SpreeMultiVendor
-  class Configuration < Spree::Preferences::Configuration
+  class Configuration < ::Spree::Preferences::Configuration
     DEFAULT_VENDORIZED_MODELS ||= %w[product variant stock_location shipping_method].freeze
 
    # Some example preferences are shown below, for more information visit:

data/app/models/spree_multi_vendor/spree/order_decorator.rb

@@ -66,7 +66,7 @@ module SpreeMultiVendor::Spree::OrderDecorator
   end
 
   # money methods
-  METHOD_NAMES = %w[
+  METHOD_NAMES ||= %w[
     total ship_total subtotal included_tax_total additional_tax_total promo_total
     pre_tax_item_amount pre_tax_ship_amount pre_tax_total commission
   ].freeze

data/app/views/spree/api/v1/vendors/index.rabl

@@ -0,0 +1,3 @@
+collection @vendors
+
+extends 'spree/api/v1/vendors/show'

data/app/views/spree/api/v1/vendors/show.rabl

@@ -0,0 +1,2 @@
+object @vendor
+attributes *vendor_attributes

data/config/routes.rb

@@ -15,5 +15,8 @@ Spree::Core::Engine.routes.draw do
         resources :vendors, only: [:show]
       end
     end
+    namespace :v1 do
+      resources :vendors
+    end
   end
 end

data/lib/spree_multi_vendor/factories.rb

@@ -1,4 +1,4 @@
-FactoryGirl.define do
+FactoryBot.define do
   GEM_ROOT = File.dirname(File.dirname(File.dirname(__FILE__)))
 
   Dir[File.join(GEM_ROOT, 'spec', 'factories', '**', '*.rb')].each do |factory|

data/lib/spree_multi_vendor/version.rb

@@ -1,5 +1,5 @@
 module SpreeMultiVendor
-  VERSION = '2.0.2'
+  VERSION = '2.1.0'
 
   module_function
 

data/spec/requests/spree/api/v1/vendors_spec.rb

@@ -0,0 +1,210 @@
+require 'spec_helper'
+
+module Spree
+  describe 'API V1 Vendors Spec', type: :request do
+    let(:params) { {} }
+    let(:selected_vendor) { vendor }
+
+    let!(:vendor) { create(:vendor, state: :active) }
+    let!(:another_vendor) { create(:vendor, state: :active) }
+
+    before { stub_authentication! }
+
+    describe 'vendors#index' do
+      before { get '/api/v1/vendors', params: params }
+
+      context 'as a regular user' do
+        it 'gets an empty list' do
+          expect(response.status).to eq(200)
+          expect(json_response.size).to eq(0)
+        end
+      end
+
+      context 'as an admin' do
+        sign_in_as_admin!
+
+        it 'gets a list of all vendors' do
+          expect(response.status).to eq(200)
+          expect(json_response.size).to eq(2)
+        end
+      end
+
+      context 'as a vendor' do
+        let!(:current_api_user) do
+          user = create(:user, vendors: [vendor])
+          user
+        end
+
+        it 'gets a list of assigned vendors' do
+          expect(response.status).to eq(200)
+          expect(json_response.size).to eq(1)
+          expect(json_response[0]['id']).to eq(vendor.id)
+        end
+      end
+    end
+
+    describe 'vendors#show' do
+      before { get "/api/v1/vendors/#{selected_vendor.id}" }
+
+      context 'as a regular user' do
+        it 'cannot view a vendor' do
+          expect(response.status).to eq(404)
+        end
+      end
+
+      context 'as an admin' do
+        sign_in_as_admin!
+        it 'can view a vendor' do
+          expect(response.status).to eq(200)
+        end
+      end
+
+      context 'as a vendor' do
+        let!(:current_api_user) do
+          user = create(:user, vendors: [vendor])
+          user
+        end
+
+        describe 'can view a assigned vendor' do
+          it do
+            expect(response.status).to eq(200)
+          end
+        end
+
+        describe 'cannot view an another vendor' do
+          let(:selected_vendor) { another_vendor }
+
+          it do
+            expect(response.status).to eq(404)
+          end
+        end
+      end
+    end
+
+    describe 'vendors#create' do
+      let(:params) do
+        {
+          vendor: {
+            name: 'name'
+          }
+        }
+      end
+
+      before { post '/api/v1/vendors', params: params }
+
+      context 'as regular user' do
+        it 'cannot create a new vendor' do
+          expect(response.status).to eq(401)
+        end
+      end
+
+      context 'as an admin' do
+        sign_in_as_admin!
+
+        it 'can create a new vendor' do
+          expect(response.status).to eq(201)
+          expect(json_response['name']).to eq(params[:vendor][:name])
+        end
+      end
+
+      context 'as a vendor' do
+        let!(:current_api_user) do
+          user = create(:user, vendors: [vendor], email: FFaker::Internet.email)
+          user
+        end
+
+        it 'cannot create a new vendor' do
+          expect(response.status).to eq(401)
+        end
+      end
+    end
+
+    describe 'vendors#update' do
+      let(:params) do
+        {
+          vendor: {
+            name: 'updated name'
+          }
+        }
+      end
+
+      before { put "/api/v1/vendors/#{selected_vendor.id}", params: params }
+
+      context 'as regular user' do
+        it 'cannot update vendor' do
+          expect(response.status).to eq(404)
+        end
+      end
+
+      context 'as an admin' do
+        sign_in_as_admin!
+
+        it 'can update vendor' do
+          expect(response.status).to eq(200)
+          expect(json_response['name']).to eq(params[:vendor][:name])
+        end
+      end
+
+      context 'as a vendor' do
+        let!(:current_api_user) do
+          user = create(:user, vendors: [vendor])
+          user
+        end
+
+        describe 'can update as assigned vendor' do
+          it do
+            expect(response.status).to eq(200)
+          end
+        end
+
+        describe 'cannot update an another vendor' do
+          let(:selected_vendor) { another_vendor }
+
+          it do
+            expect(response.status).to eq(404)
+          end
+        end
+      end
+    end
+
+    describe 'vendors#destroy' do
+      before { delete "/api/v1/vendors/#{selected_vendor.id}" }
+
+      context 'as regular user' do
+        it 'cannot delete vendor' do
+          expect(response.status).to eq(404)
+        end
+      end
+
+      context 'as an admin' do
+        sign_in_as_admin!
+
+        it 'can delete vendor' do
+          expect(response.status).to eq(204)
+          expect(vendor.reload.deleted_at).to_not eq(nil)
+        end
+      end
+
+      context 'as a vendor' do
+        let!(:current_api_user) do
+          user = create(:user, vendors: [vendor])
+          user
+        end
+
+        describe 'can delete an assigned vendor' do
+          it do
+            expect(response.status).to eq(204)
+          end
+        end
+
+        describe 'cannot delete an another vendor' do
+          let(:selected_vendor) { another_vendor }
+
+          it do
+            expect(response.status).to eq(404)
+          end
+        end
+      end
+    end
+  end
+end

data/spec/requests/spree/api/v2/storefront/products_spec.rb

@@ -26,6 +26,8 @@ describe 'API V2 Storefront Products Spec', type: :request do
     end
 
     context 'with specified vendor ids' do
+      before { vendor.products << create(:product) }
+      before { vendor_2.products << create(:product) }
       before { get "/api/v2/storefront/products?filter[vendor_ids]=#{vendor.id}&include=vendor" }
 
       it_behaves_like 'returns 200 HTTP status'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: spree_multi_vendor
 version: !ruby/object:Gem::Version
-  version: 2.0.2
+  version: 2.1.0
 platform: ruby
 authors:
 - Spark Solutions
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-02-10 00:00:00.000000000 Z
+date: 2021-03-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: spree_core
@@ -142,6 +142,7 @@ files:
 - Rakefile
 - app/controllers/spree/admin/vendor_settings_controller.rb
 - app/controllers/spree/admin/vendors_controller.rb
+- app/controllers/spree/api/v1/vendors_controller.rb
 - app/controllers/spree/api/v2/storefront/vendors_controller.rb
 - app/controllers/spree_multi_vendor/spree/admin/base_controller_decorator.rb
 - app/controllers/spree_multi_vendor/spree/admin/products_controller_decorator.rb
@@ -152,6 +153,7 @@ files:
 - app/controllers/spree_multi_vendor/spree/admin/variants_controller_decorator.rb
 - app/finders/spree_multi_vendor/products_finder_decorator.rb
 - app/helpers/spree/admin/vendor_helper.rb
+- app/helpers/spree_multi_vendor/spree/api/api_helpers_decorator.rb
 - app/mailers/spree/vendor_mailer.rb
 - app/models/concerns/spree/vendor_concern.rb
 - app/models/spree/order_commission.rb
@@ -190,6 +192,8 @@ files:
 - app/views/spree/admin/vendors/edit.html.erb
 - app/views/spree/admin/vendors/index.html.erb
 - app/views/spree/admin/vendors/new.html.erb
+- app/views/spree/api/v1/vendors/index.rabl
+- app/views/spree/api/v1/vendors/show.rabl
 - app/views/spree/vendor_mailer/vendor_notification_email.html.erb
 - app/views/spree/vendor_mailer/vendor_notification_email.text.erb
 - bin/rails
@@ -241,6 +245,7 @@ files:
 - spec/models/spree/vendor_order_totals_spec.rb
 - spec/models/spree/vendor_spec.rb
 - spec/models/spree/vendor_user_spec.rb
+- spec/requests/spree/api/v1/vendors_spec.rb
 - spec/requests/spree/api/v2/storefront/cart_spec.rb
 - spec/requests/spree/api/v2/storefront/products_spec.rb
 - spec/requests/spree/api/v2/storefront/vendors_spec.rb
@@ -256,9 +261,9 @@ licenses:
 - BSD-3-Clause
 metadata:
   bug_tracker_uri: https://github.com/spree-contrib/spree_multi_vendor/issues
-  changelog_uri: https://github.com/spree-contrib/spree_multi_vendor/releases/tag/v2.0.2
+  changelog_uri: https://github.com/spree-contrib/spree_multi_vendor/releases/tag/v2.1.0
   documentation_uri: https://guides.spreecommerce.org/
-  source_code_uri: https://github.com/spree-contrib/spree_multi_vendor/tree/v2.0.2
+  source_code_uri: https://github.com/spree-contrib/spree_multi_vendor/tree/v2.1.0
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -275,7 +280,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements:
 - none
-rubygems_version: 3.2.3
+rubygems_version: 3.0.3
 signing_key:
 specification_version: 4
 summary: Spree Commerce multi vendor marketplace extension
@@ -299,6 +304,7 @@ test_files:
 - spec/models/spree/vendor_order_totals_spec.rb
 - spec/models/spree/vendor_spec.rb
 - spec/models/spree/vendor_user_spec.rb
+- spec/requests/spree/api/v1/vendors_spec.rb
 - spec/requests/spree/api/v2/storefront/cart_spec.rb
 - spec/requests/spree/api/v2/storefront/products_spec.rb
 - spec/requests/spree/api/v2/storefront/vendors_spec.rb