workarea-storefront 3.5.8 → 3.5.13

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 75e176db80d296deee6c9b3c137b7c8bf7b00789131342322ab319c5cec058f6
-  data.tar.gz: 97179fefcf0cb1f9ade197effaf012e36a9ef0dee1e92b54ea85ef13a29c5368
+  metadata.gz: 4ea6133352eedf9e8f948a185e5d1b989edc0c9664b21d2de8e5b496429a9938
+  data.tar.gz: 79c3922dc065c153aa2c0d3027d9a224b2a0a12795de5336e7a2083078719930
 SHA512:
-  metadata.gz: 49b621fc2a3cadaed09ff4b73e507b92f5d953e62e573627b1a860c394c528edadbf4cd7814a0dfbe3ccaed49d78fe06ad4bd4a551aba7a8fa8bdf45c9403c81
-  data.tar.gz: afb750b921e132d81e39e8a4f13c46e2ca486260afbe99e6c0da810d1cee8dcf4217eab8b23399fd42fb3fd003ce4676a7cdf626e358b93eb5475f2c45d9eceb
+  metadata.gz: 0dfcb3326e1fd5f3d70644c6eb5d340495d370f72a380730c9c6775c47c1eed96782e284e7229efbda6b453be1149056e65138339d33bd04091946894f3db088
+  data.tar.gz: 3b2ee21944554f42fef34f75e519626ddf8363c599fd3665328d92d3005946c38d4a5bdd5a639365096a1e93bbaa73389cbfaefd1d934867b8201492985a51e3

data/app/controllers/workarea/storefront/checkout/addresses_controller.rb

@@ -46,6 +46,8 @@ module Workarea
         end
 
         def validate_shipping_options
+          return unless current_order.requires_shipping?
+
           available_options = Workarea::Storefront::CartViewModel.new(current_order).shipping_options
 
           if available_options.empty?

data/app/controllers/workarea/storefront/checkouts_controller.rb

@@ -44,7 +44,7 @@ module Workarea
           segment_ids: current_segments.map(&:id)
         )
 
-        update_tracking!(email: current_order.email)
+        update_tracking!(email: current_order.email) unless current_order.email.blank?
       end
 
       def with_order_lock

data/app/controllers/workarea/storefront/current_checkout.rb

@@ -26,7 +26,10 @@ module Workarea
       #
       def current_order=(order)
         @current_order = order
-        cookies.permanent.signed[:order_id] = order&.id
+
+        if order.blank? || order.persisted?
+          cookies.permanent.signed[:order_id] = order&.id
+        end
       end
 
       # Removes the current order from the session.

data/app/controllers/workarea/storefront/users/passwords_controller.rb

@@ -8,7 +8,11 @@ module Workarea
 
     def edit
       reset = User::PasswordReset.find_by(token: params[:token]) rescue nil
-      redirect_to forgot_password_path unless reset
+
+      unless reset
+        flash[:error] = t('workarea.storefront.flash_messages.password_reset_expired')
+        redirect_to forgot_password_path
+      end
     end
 
     def create

data/app/view_models/workarea/storefront/category_view_model.rb

@@ -27,7 +27,7 @@ module Workarea
 
       def search_query
         @search_query ||= Search::CategoryBrowse.new(
-          options.merge(
+          options.except(:per_page).merge(
             category_ids: [model.id],
             rules: model.product_rules.usable,
             terms_facets: terms_facets - %w(category),

data/app/views/workarea/storefront/fulfillment_mailer/shipped.html.haml

@@ -3,7 +3,7 @@
 = render_schema_org(fulfillment_email_schema(@order, @package))
 
 - content_for :preheader_text do
-  = t('workarea.storefront.email.order_cancellation.heading', order_id: @order.id)
+  = t('workarea.storefront.email.order_shipped.heading', order_id: @order.id)
 
 %tr
   %td

data/app/views/workarea/storefront/products/templates/_option_selects.html.haml

@@ -10,6 +10,8 @@
     .product-prices.product-prices--details
       = render 'workarea/storefront/products/pricing', product: product
 
+    = append_partials('storefront.product_pricing_details', product: product)
+
     - if product.description.present?
       .product-details__description
         %p= truncated_product_description(product, t('workarea.storefront.products.read_more'))

data/app/views/workarea/storefront/products/templates/_option_thumbnails.html.haml

@@ -10,6 +10,8 @@
     .product-prices.product-prices--details
       = render 'workarea/storefront/products/pricing', product: product
 
+    = append_partials('storefront.product_pricing_details', product: product)
+
     - if product.description.present?
       .product-details__description
         %p= truncated_product_description(product, t('workarea.storefront.products.read_more'))

data/config/locales/en.yml

@@ -210,14 +210,14 @@ en:
         credit_card_update_error: There were errors updating your credit card.
         credit_card_removed: Your credit card has been removed.
         password_reset_expired: This password reset is expired.
-        password_reset_email_sent: If a valid e-mail address was entered, instructions to reset your password have been sent to "%{email}"
+        password_reset_email_sent: If a valid email address was entered, instructions to reset your password have been sent to "%{email}"
         password_reset: Your password has been reset.
         old_password_invalid: Your old password is not valid.
         password_required: Password is required.
         items_required: You must add an item to your cart to checkout
         order_custom_pricing: Your cart has custom pricing, you cannot edit the contents of your cart.
         download_unavailable: This download is no longer available. Contact customer support for more information.
-        no_available_shipping_options: There are no available shipping options for your shipping adddress.
+        no_available_shipping_options: There are no available shipping options for your shipping address.
 
       forms:
         required: '*'

data/test/integration/workarea/storefront/accounts_integration_test.rb

@@ -123,6 +123,26 @@ module Workarea
 
         assert_redirected_to(storefront.login_path)
       end
+
+      def test_no_extra_order_id_cookies
+        user = create_user(password: 'Passw0rd!')
+        post storefront.login_path,
+          params: { email: user.email, password: 'Passw0rd!' }
+
+        follow_redirect!
+        assert(cookies[:order_id].blank?)
+
+        delete storefront.logout_path
+
+        follow_redirect!
+        assert(cookies[:order_id].blank?)
+
+        post storefront.login_path,
+          params: { email: user.email, password: 'Passw0rd!' }
+
+        follow_redirect!
+        assert(cookies[:order_id].blank?)
+      end
     end
   end
 end

data/test/integration/workarea/storefront/categories_integration_test.rb

@@ -16,6 +16,16 @@ module Workarea
         get storefront.category_path(create_category(active: false))
         assert(response.ok?)
       end
+
+      def test_not_accepting_per_page_param
+        products = [create_product, create_product]
+        category = create_category(product_ids: products.map(&:id))
+
+        get storefront.category_path(category, page: 1, per_page: 1)
+        assert(response.ok?)
+        assert_includes(response.body, storefront.product_path(products.first))
+        assert_includes(response.body, storefront.product_path(products.second))
+      end
     end
   end
 end

data/test/integration/workarea/storefront/checkouts_integration_test.rb

@@ -345,6 +345,39 @@ module Workarea
 
         assert(flash[:error].present?)
       end
+
+      def test_not_setting_a_blank_tracking_email
+        cookies[:email] = 'foo@bar.com'
+        get storefront.checkout_shipping_path
+        assert_equal('foo@bar.com', cookies[:email])
+      end
+
+      def test_no_required_shipping_address_options_flash_message
+        product = create_product(name: 'Digital Product', variants: [{ sku: 'SKU' }])
+        create_fulfillment_sku(id: 'SKU', policy: :download, file: product_image_file)
+
+        post storefront.cart_items_path,
+          params: { product_id: product.id, sku: product.skus.first, quantity: 1 }
+
+        get storefront.checkout_addresses_path
+
+        patch storefront.checkout_addresses_path,
+          params: {
+            email: 'bcrouse@weblinc.com',
+            billing_address: {
+              first_name:   'Ben',
+              last_name:    'Crouse',
+              street:       '12 N. 3rd St.',
+              city:         'Philadelphia',
+              region:       'PA',
+              postal_code:  '19106',
+              country:      'US',
+              phone_number: '2159251800'
+            }
+          }
+
+        refute(flash[:error].present?)
+      end
     end
   end
 end

data/test/integration/workarea/storefront/current_checkout_integration_test.rb

@@ -13,7 +13,7 @@ module Workarea
 
         def test_login
           login(User.find(params[:user_id]))
-          self.current_order = Order.new(id: params[:order_id]) if params[:order_id].present?
+          self.current_order = Order.create!(id: params[:order_id]) if params[:order_id].present?
           head :ok
         end
 

data/test/integration/workarea/storefront/search_integration_test.rb

@@ -87,6 +87,16 @@ module Workarea
         assert_includes(response.body, 'Foo A')
         assert_includes(response.body, 'Foo B')
       end
+
+      def test_not_accepting_per_page_param
+        one = create_product(name: 'Foo A')
+        two = create_product(name: 'Foo B')
+
+        get storefront.search_path(q: 'foo', page: 1, per_page: 1)
+        assert(response.ok?)
+        assert_includes(response.body, storefront.product_path(one))
+        assert_includes(response.body, storefront.product_path(two))
+      end
     end
   end
 end

data/test/integration/workarea/storefront/segments_integration_test.rb

@@ -271,6 +271,19 @@ module Workarea
           headers: { 'HTTP_REFERER' => 'https://www.facebook.com/' }
         assert_equal(google.id.to_s, response.headers['X-Workarea-Segments'])
       end
+
+      def test_missing_email_cookies
+        user = create_user(password: 'w0rkArea!', tags: %w(foo))
+        segment = create_segment(rules: [Segment::Rules::Tags.new(tags: %w(foo))])
+
+        post storefront.login_path,
+          params: { email: user.email, password: 'w0rkArea!' }
+
+        cookies[:email] = nil
+
+        get storefront.current_user_path(format: 'json')
+        assert_equal(segment.id.to_s, response.headers['X-Workarea-Segments'])
+      end
     end
   end
 end

data/test/integration/workarea/storefront/users/passwords_integration_test.rb

@@ -31,6 +31,7 @@ module Workarea
 
         def test_handles_a_missing_password_reset
           get storefront.reset_password_path(token: 'foo')
+          assert(flash[:error].present?)
           assert_redirected_to(storefront.forgot_password_path)
         end
 
@@ -42,6 +43,24 @@ module Workarea
           assert(flash[:error].present?)
           assert(response.redirect?)
         end
+
+        def test_expired_resets
+          post storefront.forgot_password_path, params: { email: 'passwords@workarea.com' }
+          first = User::PasswordReset.desc(:created_at).first
+
+          get storefront.reset_password_path(token: first.token)
+          assert(response.ok?)
+
+          post storefront.forgot_password_path, params: { email: 'passwords@workarea.com' }
+          second = User::PasswordReset.desc(:created_at).first
+
+          get storefront.reset_password_path(token: second.token)
+          assert(response.ok?)
+
+          get storefront.reset_password_path(token: first.token)
+          assert(flash[:error].present?)
+          assert_redirected_to(storefront.forgot_password_path)
+        end
       end
     end
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: workarea-storefront
 version: !ruby/object:Gem::Version
-  version: 3.5.8
+  version: 3.5.13
 platform: ruby
 authors:
 - Ben Crouse
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-03-31 00:00:00.000000000 Z
+date: 2020-06-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: workarea-core
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.8
+        version: 3.5.13
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.8
+        version: 3.5.13
 description: Provides user-facing ecommerce storefront functionality for the Workarea
   Commerce Platform.
 email: