th_shopify_api 1.2.6.pre

data/lib/shopify_api/resources/rule.rb

@@ -0,0 +1,4 @@
+module ShopifyAPI
+  class Rule < Base
+  end
+end

data/lib/shopify_api/resources/script_tag.rb

@@ -0,0 +1,4 @@
+module ShopifyAPI
+  class ScriptTag < Base
+  end
+end

data/lib/shopify_api/resources/shipping_address.rb

@@ -0,0 +1,4 @@
+module ShopifyAPI
+  class ShippingAddress < Base
+  end
+end

data/lib/shopify_api/resources/shipping_line.rb

@@ -0,0 +1,4 @@
+module ShopifyAPI
+  class ShippingLine < Base
+  end  
+end

data/lib/shopify_api/resources/shop.rb

@@ -0,0 +1,23 @@
+module ShopifyAPI
+  # Shop object. Use Shop.current to receive 
+  # the shop.
+  class Shop < Base
+    def self.current
+      find(:one, :from => "/admin/shop.#{format.extension}")
+    end
+    
+    def metafields
+      Metafield.find(:all)
+    end
+    
+    def add_metafield(metafield)
+      raise ArgumentError, "You can only add metafields to resource that has been saved" if new?      
+      metafield.save
+      metafield
+    end
+    
+    def events
+      Event.find(:all)
+    end
+  end               
+end

data/lib/shopify_api/resources/smart_collection.rb

@@ -0,0 +1,10 @@
+module ShopifyAPI
+  class SmartCollection < Base
+    include Events
+    include Metafields
+
+    def products
+      Product.find(:all, :params => {:collection_id => self.id})
+    end
+  end
+end

data/lib/shopify_api/resources/tax_line.rb

@@ -0,0 +1,4 @@
+module ShopifyAPI
+  class TaxLine < Base
+  end
+end

data/lib/shopify_api/resources/theme.rb

@@ -0,0 +1,4 @@
+module ShopifyAPI
+  class Theme < Base
+  end
+end

data/lib/shopify_api/resources/transaction.rb

@@ -0,0 +1,5 @@
+module ShopifyAPI
+  class Transaction < Base
+    self.prefix = "/admin/orders/:order_id/"
+  end
+end

data/lib/shopify_api/resources/variant.rb

@@ -0,0 +1,11 @@
+module ShopifyAPI
+  class Variant < Base
+    include Metafields
+
+    self.prefix = "/admin/products/:product_id/"
+    
+    def self.prefix(options={})
+      options[:product_id].nil? ? "/admin/" : "/admin/products/#{options[:product_id]}/"
+    end
+  end
+end

data/lib/shopify_api/resources/webhook.rb

@@ -0,0 +1,4 @@
+module ShopifyAPI
+  class Webhook < Base
+  end
+end

data/lib/shopify_api/session.rb

@@ -0,0 +1,166 @@
+module ShopifyAPI
+  # 
+  #  The Shopify API authenticates each call via HTTP Authentication, using
+  #    * the application's API key as the username, and
+  #    * a hex digest of the application's shared secret and an 
+  #      authentication token as the password.
+  #  
+  #  Generation & acquisition of the beforementioned looks like this:
+  # 
+  #    0. Developer (that's you) registers Application (and provides a
+  #       callback url) and receives an API key and a shared secret
+  # 
+  #    1. User visits Application and are told they need to authenticate the
+  #       application first for read/write permission to their data (needs to
+  #       happen only once). User is asked for their shop url.
+  # 
+  #    2. Application redirects to Shopify : GET <user's shop url>/admin/api/auth?api_key=<API key>
+  #       (See Session#create_permission_url)
+  # 
+  #    3. User logs-in to Shopify, approves application permission request
+  # 
+  #    4. Shopify redirects to the Application's callback url (provided during
+  #       registration), including the shop's name, and an authentication token in the parameters:
+  #         GET client.com/customers?shop=snake-oil.myshopify.com&t=a94a110d86d2452eb3e2af4cfb8a3828
+  # 
+  #    5. Authentication password computed using the shared secret and the
+  #       authentication token (see Session#computed_password)
+  # 
+  #    6. Profit!
+  #       (API calls can now authenticate through HTTP using the API key, and
+  #       computed password)
+  # 
+  #  LoginController and ShopifyLoginProtection use the Session class to set Shopify::Base.site
+  #  so that all API calls are authorized transparently and end up just looking like this:
+  # 
+  #    # get 3 products
+  #    @products = ShopifyAPI::Product.find(:all, :params => {:limit => 3})
+  #    
+  #    # get latest 3 orders
+  #    @orders = ShopifyAPI::Order.find(:all, :params => {:limit => 3, :order => "created_at DESC" })
+  # 
+  #  As an example of what your LoginController should look like, take a look
+  #  at the following:
+  # 
+  #    class LoginController < ApplicationController
+  #      def index
+  #        # Ask user for their #{shop}.myshopify.com address
+  #      end
+  #    
+  #      def authenticate
+  #        redirect_to ShopifyAPI::Session.new(params[:shop]).create_permission_url
+  #      end
+  #    
+  #      # Shopify redirects the logged-in user back to this action along with
+  #      # the authorization token t.
+  #      # 
+  #      # This token is later combined with the developer's shared secret to form
+  #      # the password used to call API methods.
+  #      def finalize
+  #        shopify_session = ShopifyAPI::Session.new(params[:shop], params[:t])
+  #        if shopify_session.valid?
+  #          session[:shopify] = shopify_session
+  #          flash[:notice] = "Logged in to shopify store."
+  #    
+  #          return_address = session[:return_to] || '/home'
+  #          session[:return_to] = nil
+  #          redirect_to return_address
+  #        else
+  #          flash[:error] = "Could not log in to Shopify store."
+  #          redirect_to :action => 'index'
+  #        end
+  #      end
+  #    
+  #      def logout
+  #        session[:shopify] = nil
+  #        flash[:notice] = "Successfully logged out."
+  #    
+  #        redirect_to :action => 'index'
+  #      end
+  #    end
+  # 
+  class Session
+    cattr_accessor :api_key
+    cattr_accessor :secret
+    cattr_accessor :protocol 
+    self.protocol = 'https'
+
+    attr_accessor :url, :token, :name
+    
+    class << self
+    
+      def setup(params)
+        params.each { |k,value| send("#{k}=", value) }
+      end
+      
+      def temp(domain, token, &block)
+        session = new(domain, token)
+
+        original_site = ShopifyAPI::Base.site
+        begin
+          ShopifyAPI::Base.site = session.site
+          yield
+        ensure
+          ShopifyAPI::Base.site = original_site
+        end
+      end
+      
+      def prepare_url(url)
+        return nil if url.blank?
+        url.gsub!(/https?:\/\//, '')                            # remove http:// or https://
+        url.concat(".myshopify.com") unless url.include?('.')   # extend url to myshopify.com if no host is given
+      end
+      
+      def validate_signature(params)
+        return false unless signature = params[:signature]
+        return true if defined?(Rails) && Rails.env.test?
+        
+        sorted_params = params.except(:signature, :action, :controller).collect{|k,v|"#{k}=#{v}"}.sort.join
+        Digest::MD5.hexdigest(secret + sorted_params) == signature
+      end
+    
+    end
+    
+    def initialize(url, token = nil, params = nil)
+      self.url, self.token = url, token
+
+      if params
+        unless self.class.validate_signature(params) && params[:timestamp].to_i > 24.hours.ago.utc.to_i
+          raise "Invalid Signature: Possible malicious login" 
+        end
+      end
+
+      self.class.prepare_url(self.url)
+    end
+    
+    def shop
+      Shop.current
+    end
+    
+    def create_permission_url
+      return nil if url.blank? || api_key.blank?
+      "http://#{url}/admin/api/auth?api_key=#{api_key}"
+    end
+
+    # Used by ActiveResource::Base to make all non-authentication API calls
+    # 
+    # (ShopifyAPI::Base.site set in ShopifyLoginProtection#shopify_session)
+    def site
+      "#{protocol}://#{api_key}:#{computed_password}@#{url}/admin"
+    end
+
+    def valid?
+      url.present? && token.present?
+    end
+
+    private
+
+    # The secret is computed by taking the shared_secret which we got when 
+    # registring this third party application and concating the request_to it, 
+    # and then calculating a MD5 hexdigest. 
+    def computed_password
+      Digest::MD5.hexdigest(secret + token.to_s)
+    end
+    
+  end
+end

data/shopify_api.gemspec

@@ -0,0 +1,35 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+
+Gem::Specification.new do |s|
+  s.name        = "th_shopify_api"
+  s.version     = "1.2.6.pre"
+  s.authors     = ["TravisHaynes", "Shopify"]
+  s.email       = ["travis.j.haynes@gmail.com", "developers@jadedpixel.com"]
+  s.homepage    = %q{http://www.shopify.com/partners/apps}
+  s.summary     = %q{The Shopify API gem is a lightweight gem for accessing the Shopify admin REST web services}
+  s.description = %q{The Shopify API gem allows Ruby developers to programmatically access the admin section of Shopify stores. The API is implemented as XML over HTTP using all four verbs (GET/POST/PUT/DELETE). Each resource, like Order, Product, or Collection, has its own URL and is manipulated in isolation.}
+
+  s.extra_rdoc_files = [
+    "LICENSE",
+     "README.rdoc"
+  ]
+  
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.license = 'MIT'
+
+  s.add_dependency("activeresource", [">= 2.2.2"])
+  s.add_dependency("thor", [">= 0.14.4"])
+  
+  if s.respond_to?(:add_development_dependency)
+    s.add_development_dependency("mocha", ">= 0.9.8")
+  else
+    s.add_dependency("mocha", ">= 0.9.8")
+  end
+end
+

data/test/cli_test.rb

@@ -0,0 +1,109 @@
+require 'test_helper'
+require 'shopify_api/cli'
+require 'fileutils'
+
+class CliTest < Test::Unit::TestCase
+  def setup
+    @test_home = File.join(File.expand_path(File.dirname(__FILE__)), 'files', 'home')
+    @shop_config_dir = File.join(@test_home, '.shopify', 'shops')
+    @default_symlink = File.join(@shop_config_dir, 'default')
+    `rm -rf #{@test_home}`
+    ENV['HOME'] = @test_home
+    @cli = ShopifyAPI::Cli.new
+    
+    FileUtils.mkdir_p(@shop_config_dir)
+    File.open(config_file('foo'), 'w') do |file|
+      file.puts valid_options.merge('domain' => 'foo.myshopify.com').to_yaml
+    end
+    File.symlink(config_file('foo'), @default_symlink)
+    File.open(config_file('bar'), 'w') do |file|
+      file.puts valid_options.merge('domain' => 'bar.myshopify.com').to_yaml
+    end
+  end
+  
+  def teardown
+    `rm -rf #{@test_home}`
+  end
+  
+  test "add with blank domain" do
+    `rm -rf #{@shop_config_dir}/*`
+    $stdout.expects(:print).with("Domain? (leave blank for foo.myshopify.com) ")
+    $stdout.expects(:print).with("API key? ")
+    $stdout.expects(:print).with("Password? ")
+    $stdin.expects(:gets).times(3).returns("", "key", "pass")
+    @cli.expects(:puts).with("\nopen https://foo.myshopify.com/admin/api in your browser to get API credentials\n")
+    @cli.expects(:puts).with("Default connection is foo")
+    
+    @cli.add('foo')
+    
+    config = YAML.load(File.read(config_file('foo')))
+    assert_equal 'foo.myshopify.com', config['domain']
+    assert_equal 'key', config['api_key']
+    assert_equal 'pass', config['password']
+    assert_equal 'https', config['protocol']
+    assert_equal config_file('foo'), File.readlink(@default_symlink)
+  end
+  
+  test "add with explicit domain" do
+    `rm -rf #{@shop_config_dir}/*`
+    $stdout.expects(:print).with("Domain? (leave blank for foo.myshopify.com) ")
+    $stdout.expects(:print).with("API key? ")
+    $stdout.expects(:print).with("Password? ")
+    $stdin.expects(:gets).times(3).returns("bar.myshopify.com", "key", "pass")
+    @cli.expects(:puts).with("\nopen https://bar.myshopify.com/admin/api in your browser to get API credentials\n")
+    @cli.expects(:puts).with("Default connection is foo")
+    
+    @cli.add('foo')
+    
+    config = YAML.load(File.read(config_file('foo')))
+    assert_equal 'bar.myshopify.com', config['domain']
+  end
+  
+  test "list" do
+    @cli.expects(:puts).with("   bar")
+    @cli.expects(:puts).with(" * foo")
+    
+    @cli.list
+  end
+  
+  test "show default" do
+    @cli.expects(:puts).with("Default connection is foo")
+    
+    @cli.default
+  end
+  
+  test "set default" do
+    @cli.expects(:puts).with("Default connection is bar")
+    
+    @cli.default('bar')
+    
+    assert_equal config_file('bar'), File.readlink(@default_symlink)
+  end
+  
+  test "remove default connection" do
+    @cli.remove('foo')
+    
+    assert !File.exist?(@default_symlink)
+    assert !File.exist?(config_file('foo'))
+    assert File.exist?(config_file('bar'))
+  end
+  
+  test "remove non-default connection" do
+    @cli.remove('bar')
+    
+    assert_equal config_file('foo'), File.readlink(@default_symlink)
+    assert File.exist?(config_file('foo'))
+    assert !File.exist?(config_file('bar'))
+  end
+  
+  private
+  
+  def valid_options
+    {'domain' => 'snowdevil.myshopify.com', 'api_key' => 'key', 'password' => 'pass', 'protocol' => 'https'}
+  end
+  
+  def config_file(connection)
+    File.join(@shop_config_dir, "#{connection}.yml")
+  end
+  
+end

data/test/limits_test.rb

@@ -0,0 +1,37 @@
+require 'test_helper'
+require 'mocha'
+
+class LimitsTest < Test::Unit::TestCase
+  def setup
+    ShopifyAPI::Base.site = "test.myshopify.com"
+    @header_hash = {'http_x_shopify_api_call_limit' => '150/3000',
+                    'http_x_shopify_shop_api_call_limit' => '100/300'}
+    ShopifyAPI::Base.connection.expects(:response).at_least(0).returns(@header_hash)
+  end
+  
+  context "Limits" do
+    should "fetch limit total" do
+      assert_equal(299, ShopifyAPI.credit_limit(:shop))
+      assert_equal(2999, ShopifyAPI.credit_limit(:global))
+    end
+    
+    should "fetch used calls" do
+      assert_equal(100, ShopifyAPI.credit_used(:shop))
+      assert_equal(150, ShopifyAPI.credit_used(:global))
+    end
+    
+    should "calculate remaining calls" do
+      assert_equal(199, ShopifyAPI.credit_left)
+    end
+    
+    should "flag maxed out credits" do
+      assert !ShopifyAPI.maxed?
+      @header_hash = {'http_x_shopify_api_call_limit' => '2999/3000',
+                      'http_x_shopify_shop_api_call_limit' => '299/300'}
+      ShopifyAPI::Base.connection.expects(:response).at_least(1).returns(@header_hash)
+      assert ShopifyAPI.maxed?
+    end
+  end
+  
+  
+end