RubyGems - workarea-api-storefront - Versions diffs - 4.4.6 - Mend

workarea-api-storefront 4.4.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (203) hide show

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 23b35914b434546ccc6bfb92e627936a4a7a012686f2a9eb1883390f55d75add
+  data.tar.gz: 1c3c4c602f398f541937a4229f94039c8fce1f23153f2abe6c8257ea2487f558
+SHA512:
+  metadata.gz: d362d53c468c1496de0be57d962177ad21bfc8f2ddcab962ffb06b5fe0f4b11cdce6574cb6119a46847e9f29ee310a6e4e1e683f3679bb345120411e79f372c9
+  data.tar.gz: 8fb0927dff5edcbd5cb69a842d38055d7782dab40e218512a0c96c59dd416528a92d4cca9283c29d0e8e48d8a1c4d111d08d584f5f490cffce51cc7087105d97

data/.gitignore ADDED Viewed

@@ -0,0 +1,12 @@
+.bundle/
+Gemfile.lock
+.sass-cache/
+log/*.log
+pkg/
+test/dummy/public/system/dragonfly
+test/dummy/db/*.sqlite3
+test/dummy/log/*.log
+test/dummy/tmp/
+test/dummy/.sass-cache
+**/.DS_Store
+docs/build

data/README.md ADDED Viewed

@@ -0,0 +1,58 @@
+# Workarea Storefront API
+Part of the [Workarea API][], the Storefront API provides programmatic
+access to operations and resources to alternative user interfaces to
+your Workarea application, like on-premises kiosks, mobile applications,
+and client-side storefront implementations.
+## Getting Started
+To use this plugin, install the **workarea-api** gem.
+For more information on the API as a whole, and to learn how to set up
+the API plugin, consult the [main README][Workarea API].
+## Authenticating
+The Storefront API requires the use of a temporary authentication token,
+analogous to the user ID in the session, which tells the backend of
+Workarea whether a User is authenticated. It uses the
+`Workarea::UrlToken` mixin from core to generate this token.
+To obtain an authentication token, make a POST request like so:
+```bash
+curl \
+  --request POST \
+  --data '{ "email": "your@email.address", "password": "Password1!" }' \
+  "http://yourincredibleheadlesscommercesolution.biz/api/authentication_tokens.json"
+```
+You should get a response that looks like this:
+```json
+{
+  "token": "tL6Scp6ubsufq76FZHLbhLWs",
+  "expires_at": "2018-12-25T11:58:43.674-05:00"
+}
+```
+Use the `token` in this response to make further authenticated requests
+to the API:
+```bash
+curl \
+  --request GET \
+  --header 'Authorization: Token token="tL6Scp6ubsufq76FZHLbhLWs"' \
+  "http://yourincredibleheadlesscommercesolution.biz/api/carts.json"
+```
+## Copyright & Licensing
+Copyright Workarea 2017-2019. All rights reserved.
+For licensing, contact [sales@workarea.com][].
+[Workarea API]: https://homebase.weblinc.com/plugins/workarea-api-admin
+[sales@workarea.com]: mailto:sales@workarea.com

data/Rakefile ADDED Viewed

@@ -0,0 +1,10 @@
+#!/usr/bin/env rake
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+# Load the dummy app's rake tasks
+APP_RAKEFILE = File.expand_path('../test/dummy/Rakefile', __FILE__)
+load 'rails/tasks/engine.rake'

data/app/controllers/workarea/api/storefront/accounts_controller.rb ADDED Viewed

@@ -0,0 +1,31 @@
+module Workarea
+  module Api
+    module Storefront
+      class AccountsController < Api::Storefront::ApplicationController
+        def show
+        end
+        def create
+          @user = User.create!(user_params)
+          Workarea::Storefront::AccountMailer
+            .creation(@user.id.to_s)
+            .deliver_later
+          @authentication_token = @user.authentication_tokens.create!
+        end
+        def update
+          current_user.update_attributes!(user_params)
+          render :show
+        end
+        private
+        def user_params
+          params.permit(:email, :password, :first_name, :last_name)
+        end
+      end
+    end
+  end
+end

data/app/controllers/workarea/api/storefront/analytics_controller.rb ADDED Viewed

@@ -0,0 +1,41 @@
+module Workarea
+  module Api
+    module Storefront
+      class AnalyticsController < ActionController::Metal
+        include ActionController::Head
+        include ActionController::Instrumentation
+        def category_view
+          Metrics::CategoryByDay.inc(key: { category_id: params[:category_id] }, views: 1)
+          head :ok
+        end
+        def product_view
+          Metrics::ProductByDay.inc(key: { product_id: params[:product_id] }, views: 1)
+          head :ok
+        end
+        def search
+          Metrics::SearchByDay.save_search(params[:q], params[:total_results])
+          head :ok
+        end
+        def search_abandonment
+          warn <<~eos
+DEPRECATION WARNING: Search abandonment tracking is deprecated and will be removed \
+in Workarea 3.5.
+          eos
+          head :ok
+        end
+        def filters
+          warn <<~eos
+DEPRECATION WARNING: Filter analytics tracking is deprecated and will be removed \
+in Workarea 3.5.
+          eos
+          head :ok
+        end
+      end
+    end
+  end
+end

data/app/controllers/workarea/api/storefront/application_controller.rb ADDED Viewed

@@ -0,0 +1,65 @@
+module Workarea
+  module Api
+    module Storefront
+      class ApplicationController < Workarea::ApplicationController
+        include Workarea::Storefront::HttpCaching
+        include Api::Storefront::Authentication
+        include Api::Storefront::UserActivity
+        respond_to :json
+        before_action :set_json_format
+        before_action :skip_session
+        before_action { params.permit! }
+        after_action :disable_cors_protection
+        rescue_from Mongoid::Errors::DocumentNotFound, with: :handle_not_found
+        rescue_from Mongoid::Errors::Validations, with: :handle_invalid
+        rescue_from Mongoid::Errors::UnknownAttribute, with: :handle_unknown_attribute
+        rescue_from Authentication::InvalidError, with: :handle_invalid_auth
+        helper :all
+        def cache_page
+          expires_in Workarea.config.page_cache_ttl, public: true
+        end
+        def skip_session
+          request.session_options[:skip] = true
+        end
+        private
+        def set_json_format
+          request.format = :json
+        end
+        def handle_not_found(e)
+          payload = { params: e.params, problem: e.problem }
+          render json: payload, status: :not_found
+        end
+        def handle_invalid(e)
+          render(
+            json: { problems: e.document.errors.full_messages },
+            status: :unprocessable_entity
+          )
+        end
+        def handle_unknown_attribute(e)
+          render json: e.as_json.slice('problem'), status: :unprocessable_entity
+        end
+        def handle_invalid_auth
+          request_http_token_authentication
+        end
+        def disable_cors_protection
+          headers['Access-Control-Allow-Origin'] = '*'
+          headers['Access-Control-Allow-Headers'] = '*'
+          headers['Access-Control-Allow-Methods'] = 'GET, POST, PATCH, PUT, DELETE, OPTIONS'
+        end
+      end
+    end
+  end
+end

data/app/controllers/workarea/api/storefront/assets_controller.rb ADDED Viewed

@@ -0,0 +1,11 @@
+module Workarea
+  module Api
+    module Storefront
+      class AssetsController < Api::Storefront::ApplicationController
+        def show
+          @asset = Content::Asset.find(params[:id])
+        end
+      end
+    end
+  end
+end

data/app/controllers/workarea/api/storefront/authentication.rb ADDED Viewed

@@ -0,0 +1,30 @@
+module Workarea
+  module Api
+    module Storefront
+      module Authentication
+        extend ActiveSupport::Concern
+        class InvalidError < RuntimeError; end
+        included do
+          helper_method :current_user
+        end
+        def current_user
+          return @current_user if defined?(@current_user)
+          user = authenticate_with_http_token do |token, options|
+            User::AuthenticationToken.authenticate(token, options).try(:user)
+          end
+          @current_user = user || raise(InvalidError)
+        end
+        def authentication?
+          regex = ActionController::HttpAuthentication::Token::TOKEN_REGEX
+          request.authorization.to_s[regex].present?
+        end
+      end
+    end
+  end
+end

data/app/controllers/workarea/api/storefront/authentication_tokens_controller.rb ADDED Viewed

@@ -0,0 +1,50 @@
+module Workarea
+  module Api
+    module Storefront
+      class AuthenticationTokensController < Api::Storefront::ApplicationController
+        before_action :ensure_not_locked, only: :create
+        def create
+          user = User.find_for_login(params[:email], params[:password])
+          if user.blank?
+            render(
+              json: { problem: t('workarea.api.storefront.authentication_tokens.error') },
+              status: :unprocessable_entity
+            )
+          else
+            @authentication_token = User::AuthenticationToken.create!(user: user)
+          end
+        end
+        def update
+          @authentication_token = authenticate_with_http_token do |token, options|
+            User::AuthenticationToken.refresh!(token, options)
+          end
+          if @authentication_token.blank?
+            render(
+              json: { problem: t('workarea.api.storefront.authentication_tokens.error') },
+              status: :unprocessable_entity
+            )
+          end
+        end
+        private
+        def ensure_not_locked
+          if User.login_locked?(params[:email])
+            render(
+              json: {
+                problem: t('workarea.api.storefront.authentication_tokens.login_locked')
+              },
+              status: :unprocessable_entity
+            )
+            return false
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/workarea/api/storefront/cart_items_controller.rb ADDED Viewed

@@ -0,0 +1,100 @@
+module Workarea
+  module Api
+    module Storefront
+      class CartItemsController < Api::Storefront::ApplicationController
+        include CurrentCheckout
+        before_action :set_checkout_view_models
+        before_action :validate_customizations, only: [:create, :update]
+        def create
+          current_order.add_item(item_params.to_h.merge(item_details.to_h))
+          update_cart
+          render_item
+        end
+        def update
+          update_params = params.permit(:sku, :quantity).to_h
+          update_params.merge!(item_details.to_h) if params[:sku].present?
+          current_order.update_item(params[:id], update_params)
+          update_cart
+          render_item
+        end
+        def destroy
+          current_order.remove_item(params[:id])
+          update_cart
+          render_item
+        end
+        private
+        def update_cart
+          current_order.save! # trigger any validation errors to raise
+          remove_unpurchasable_items
+          check_inventory
+          Pricing.perform(current_order, current_checkout.shipping)
+        end
+        def item_params
+          @item_params ||= params
+                             .permit(:product_id, :sku, :quantity)
+                             .merge(customizations: customization_params)
+        end
+        def product_id
+          @product_id ||= if params[:product_id].present?
+            params[:product_id]
+          elsif params[:sku].present?
+            Catalog::Product.find_by_sku(params[:sku]).id
+          elsif params[:id].present?
+            current_order.items.find(params[:id]).product_id
+          end
+        end
+        def item_details
+          ActionController::Parameters.new(
+            OrderItemDetails.find!(params[:sku]).to_h
+          ).permit!
+        end
+        def customizations
+          @customizations ||= Catalog::Customizations.find(
+            product_id,
+            params.to_unsafe_h
+          )
+        end
+        def customization_params
+          ActionController::Parameters.new(
+            customizations.try(:to_h) || {}
+          ).permit!
+        end
+        def validate_customizations
+          if customizations.present? && !customizations.valid?
+            flash[:error] = customizations.errors.full_messages.join(', ')
+            set_flash_header
+            render_item
+            return false
+          end
+        end
+        def render_item
+          if current_order.items.any? && !request.delete?
+            model = if params[:id].present?
+              current_order.items.find(params[:id])
+            else
+              current_order.items.desc(:updated_at).first
+            end
+            @item = Workarea::Storefront::OrderItemViewModel.wrap(model)
+          end
+          render template: 'workarea/api/storefront/cart_items/item'
+        end
+      end
+    end
+  end
+end

data/app/controllers/workarea/api/storefront/carts_controller.rb ADDED Viewed

@@ -0,0 +1,47 @@
+module Workarea
+  module Api
+    module Storefront
+      class CartsController < Api::Storefront::ApplicationController
+        include CurrentCheckout
+        before_action :set_checkout_view_models, except: [:index, :create]
+        before_action :remove_unpurchasable_items, except: [:index, :create]
+        before_action :check_inventory, except: [:index, :create]
+        def index
+          @orders = Workarea::Storefront::OrderViewModel.wrap(
+            Order.carts.where(user_id: current_user.id).to_a
+          )
+        end
+        def create
+          order = Order.new
+          order.user_id = current_user.id if authentication?
+          order.save!
+          @order = Workarea::Storefront::OrderViewModel.new(
+            order,
+            view_model_options
+          )
+          render :show
+        end
+        def show
+          Pricing.perform(current_order, current_checkout.shipping)
+        end
+        def add_promo_code
+          if Pricing.valid_promo_code?(params[:promo_code], current_checkout.email)
+            current_order.add_promo_code(params[:promo_code])
+          else
+            flash[:error] = t('workarea.storefront.flash_messages.promo_code_error')
+          end
+          Pricing.perform(current_order, current_checkout.shipping)
+          render :show
+        end
+      end
+    end
+  end
+end

data/app/controllers/workarea/api/storefront/categories_controller.rb ADDED Viewed

@@ -0,0 +1,25 @@
+module Workarea
+  module Api
+    module Storefront
+      class CategoriesController < Api::Storefront::ApplicationController
+        before_action :cache_page
+        def index
+          models = Catalog::Category.active.page(params[:page])
+          @categories = Workarea::Storefront::CategoryViewModel.wrap(
+            models,
+            view_model_options
+          )
+        end
+        def show
+          model = Catalog::Category.find_by(slug: params[:id])
+          @category = Workarea::Storefront::CategoryViewModel.wrap(
+            model,
+            view_model_options
+          )
+        end
+      end
+    end
+  end
+end

data/app/controllers/workarea/api/storefront/checkouts_controller.rb ADDED Viewed

@@ -0,0 +1,117 @@
+module Workarea
+  module Api
+    module Storefront
+      class CheckoutsController < Api::Storefront::ApplicationController
+        include CurrentCheckout
+        class InvalidCheckout < RuntimeError; end
+        before_action :set_checkout_view_models
+        before_action :start_checkout, only: [:show, :update]
+        before_action :validate_checkout, only: :show
+        before_action :check_inventory, only: [:show, :complete]
+        before_action :remove_unpurchasable_items, only: [:show, :complete]
+        before_action :check_lock, only: :complete
+        around_action :with_order_lock, only: [:update, :complete]
+        before_action :touch_checkout, only: [:update, :complete]
+        before_action { params.permit! }
+        rescue_from InvalidCheckout, with: :handle_checkout_error
+        def show
+          render_checkout
+        end
+        def update
+          success = current_checkout.update(params)
+          render_checkout(status: success ? :ok : :unprocessable_entity)
+        end
+        def complete
+          payment = Workarea::Checkout::Steps::Payment.new(current_checkout)
+          payment.update(params)
+          if payment.complete? && current_checkout.place_order
+            Workarea::Storefront::OrderMailer
+              .confirmation(current_order.id)
+              .deliver_later
+            @order = Workarea::Storefront::OrderViewModel.new(current_order)
+            render template: 'workarea/api/storefront/orders/show'
+          else
+            flash[:error] =
+              t('workarea.storefront.flash_messages.order_place_error')
+            render_checkout status: :unprocessable_entity
+          end
+        end
+        def reset
+          current_checkout.reset!
+          start_checkout
+          render_checkout
+        end
+        private
+        def render_checkout(status: :ok)
+          Pricing.perform(current_order, current_checkout.shipping)
+          render template: 'workarea/api/storefront/checkouts/show',
+                 status: status
+        end
+        def start_checkout
+          return if current_order.checking_out?
+          if authentication?
+            current_checkout.start_as(current_user)
+          else
+            current_checkout.start_as(:guest)
+          end
+        end
+        def validate_checkout
+          message =
+            if !current_order || current_order.no_items?
+              t('workarea.storefront.flash_messages.items_required')
+            elsif current_order.started_checkout? && !current_order.checking_out?
+              t('workarea.storefront.flash_messages.checkout_expired')
+            end
+          raise InvalidCheckout.new(message) if message
+        end
+        def with_order_lock
+          current_order.lock!
+          yield
+          current_order.unlock! if current_order
+        end
+        def check_lock
+          raise InvalidCheckout.new(
+            t('workarea.storefront.flash_messages.checkout_lock_error')
+          ) if current_order.locked?
+        end
+        def touch_checkout
+          if authentication?
+            current_order.touch_checkout!(
+              ip_address: request.remote_ip,
+              user_activity_id: current_user.id,
+              checkout_by_id: current_user.id,
+              source: 'storefront_api'
+            )
+          else
+            current_order.touch_checkout!(
+              ip_address: request.remote_ip,
+              source: 'storefront_api'
+            )
+          end
+        end
+        def handle_checkout_error(e)
+          render json: { problem: e.message }, status: :unprocessable_entity
+        end
+      end
+    end
+  end
+end

data/app/controllers/workarea/api/storefront/contacts_controller.rb ADDED Viewed

@@ -0,0 +1,20 @@
+module Workarea
+  module Api
+    module Storefront
+      class ContactsController < Api::Storefront::ApplicationController
+        def create
+          inquiry = Inquiry.create!(inquiry_params)
+          Workarea::Storefront::InquiryMailer.created(inquiry.id.to_s).deliver_later
+          render(json: { inquiry: inquiry })
+        end
+        private
+        def inquiry_params
+          params.permit(:name, :email, :order_id, :subject, :message)
+        end
+      end
+    end
+  end
+end

data/app/controllers/workarea/api/storefront/current_checkout.rb ADDED Viewed

@@ -0,0 +1,60 @@
+module Workarea
+  module Api
+    module Storefront
+      module CurrentCheckout
+        def current_order
+          return @current_order if defined?(@current_order)
+          options = { id: params[:cart_id].presence || params[:id] }
+          options[:user_id] = current_user.id if authentication?
+          order = Order.carts.find_by(options)
+          if order.user_id.present? && current_user.id.to_s != order.user_id
+            raise Authentication::InvalidError
+          end
+          @current_order = order
+        end
+        def current_checkout
+          @current_checkout ||=
+            if authentication?
+              Workarea::Checkout.new(current_order, current_user)
+            else
+              Workarea::Checkout.new(current_order)
+            end
+        end
+        private
+        def set_checkout_view_models
+          @cart = Workarea::Storefront::CartViewModel.new(
+            current_order,
+            view_model_options
+          )
+          @summary = Workarea::Storefront::Checkout::SummaryViewModel.new(
+            current_checkout,
+            view_model_options
+          )
+          @order = Workarea::Storefront::OrderViewModel.new(
+            current_order,
+            view_model_options
+          )
+        end
+        def remove_unpurchasable_items
+          cleaner = CartCleaner.new(current_order)
+          cleaner.clean
+          flash[:info] = cleaner.messages if cleaner.message?
+        end
+        def check_inventory
+          reservation = InventoryAdjustment.new(current_order).tap(&:perform)
+          flash[:error] = reservation.errors if reservation.errors.present?
+        end
+      end
+    end
+  end
+end