From 0ad2978926f17e663b96bafffe4f8365e660af50 Mon Sep 17 00:00:00 2001
From: Rob Harrington <oeoeaio@gmail.com>
Date: Wed, 20 May 2015 11:48:48 +1000
Subject: [PATCH] Removing old managed route from api orders controller and
 switching BOM over to use new controller action

---
 .../admin/bulk_order_management.js.coffee     |   2 +-
 .../spree/api/orders_controller_decorator.rb  |   8 --
 .../spree/api/orders_controller_spec.rb       | 121 ------------------
 .../unit/bulk_order_management_spec.js.coffee |   2 +-
 4 files changed, 2 insertions(+), 131 deletions(-)

diff --git a/app/assets/javascripts/admin/bulk_order_management.js.coffee b/app/assets/javascripts/admin/bulk_order_management.js.coffee
index 20ddc177ba..076dd55e3a 100644
--- a/app/assets/javascripts/admin/bulk_order_management.js.coffee
+++ b/app/assets/javascripts/admin/bulk_order_management.js.coffee
@@ -62,7 +62,7 @@ angular.module("ofn.admin").controller "AdminOrderMgmtCtrl", [
 
     $scope.fetchOrders = ->
       $scope.loading = true
-      dataFetcher("/api/orders/managed?template=bulk_index;page=1;per_page=500;q[state_not_eq]=canceled;q[completed_at_not_null]=true;q[completed_at_gt]=#{$scope.startDate};q[completed_at_lt]=#{$scope.endDate}").then (data) ->
+      dataFetcher("/admin/orders/managed?template=bulk_index;page=1;per_page=500;q[state_not_eq]=canceled;q[completed_at_not_null]=true;q[completed_at_gt]=#{$scope.startDate};q[completed_at_lt]=#{$scope.endDate}").then (data) ->
         $scope.resetOrders data
         $scope.loading = false
 
diff --git a/app/controllers/spree/api/orders_controller_decorator.rb b/app/controllers/spree/api/orders_controller_decorator.rb
index ca1fc4a570..21f64f51d8 100644
--- a/app/controllers/spree/api/orders_controller_decorator.rb
+++ b/app/controllers/spree/api/orders_controller_decorator.rb
@@ -4,12 +4,4 @@ Spree::Api::OrdersController.class_eval do
   # because Spree's API controller causes authorize_read! to be called, which
   # results in an ActiveRecord::NotFound Exception as the order object is not
   # defined for collection actions
-  before_filter :authorize_read!, :except => [:managed]
-
-  def managed
-    authorize! :admin, Spree::Order
-    authorize! :read, Spree::Order
-    @orders = Spree::Order.ransack(params[:q]).result.distributed_by_user(current_api_user).page(params[:page]).per(params[:per_page])
-    respond_with(@orders, default_template: :index)
-  end
 end
diff --git a/spec/controllers/spree/api/orders_controller_spec.rb b/spec/controllers/spree/api/orders_controller_spec.rb
index ec87169f76..5b651016f3 100644
--- a/spec/controllers/spree/api/orders_controller_spec.rb
+++ b/spec/controllers/spree/api/orders_controller_spec.rb
@@ -3,127 +3,6 @@ require 'spree/api/testing_support/helpers'
 
 module Spree
   describe Spree::Api::OrdersController do
-    include Spree::Api::TestingSupport::Helpers
-    render_views
 
-    before do
-      stub_authentication!
-      Spree.user_class.stub :find_by_spree_api_key => current_api_user
-    end
-
-    let(:order_attributes) { [:id, :full_name, :email, :phone, :completed_at, :line_items, :distributor, :order_cycle, :number] }
-
-    def self.make_simple_data!
-      let!(:dist1) { FactoryGirl.create(:distributor_enterprise) }
-      let!(:order1) { FactoryGirl.create(:order, state: 'complete', completed_at: Time.now, distributor: dist1, billing_address: FactoryGirl.create(:address) ) }
-      let!(:order2) { FactoryGirl.create(:order, state: 'complete', completed_at: Time.now, distributor: dist1, billing_address: FactoryGirl.create(:address) ) }
-      let!(:order3) { FactoryGirl.create(:order, state: 'complete', completed_at: Time.now, distributor: dist1, billing_address: FactoryGirl.create(:address) ) }
-      let!(:line_item1) { FactoryGirl.create(:line_item, order: order1) }
-      let!(:line_item2) { FactoryGirl.create(:line_item, order: order2) }
-      let!(:line_item3) { FactoryGirl.create(:line_item, order: order2) }
-      let!(:line_item4) { FactoryGirl.create(:line_item, order: order3) }
-      let(:line_item_attributes) { [:id, :quantity, :max_quantity, :supplier, :units_product, :units_variant] }
-    end
-
-
-    context "as a normal user" do
-      sign_in_as_user!
-      make_simple_data!
-
-      it "should deny me access to managed orders" do
-        spree_get :managed, { :template => 'bulk_index', :format => :json }
-        assert_unauthorized!
-      end
-    end
-
-    context "as an administrator" do
-      sign_in_as_admin!
-      make_simple_data!
-
-      before :each do
-        spree_get :managed, { :template => 'bulk_index', :format => :json }
-      end
-
-      it "retrieves a list of orders with appropriate attributes, including line items with appropriate attributes" do
-        keys = json_response.first.keys.map{ |key| key.to_sym }
-        order_attributes.all?{ |attr| keys.include? attr }.should == true
-      end
-
-      it "retrieves a list of line items with appropriate attributes" do
-        li_keys = json_response.first['line_items'].first.keys.map{ |key| key.to_sym }
-        line_item_attributes.all?{ |attr| li_keys.include? attr }.should == true
-      end
-
-      it "sorts orders in ascending id order" do
-        ids = json_response.map{ |order| order['id'] }
-        ids[0].should < ids[1]
-        ids[1].should < ids[2]
-      end
-
-      it "formats completed_at to 'yyyy-mm-dd hh:mm'" do
-        json_response.map{ |order| order['completed_at'] }.all?{ |a| a.match("^\\d{4}-\\d{2}-\\d{2} \\d{2}:\\d{2}:\\d{2}$") }.should == true
-      end
-
-      it "returns an array for line_items" do
-        json_response.map{ |order| order['line_items'] }.all?{ |a| a.is_a? Array }.should == true
-      end
-
-      it "returns quantity and max quantity at integers" do
-        json_response.map{ |order| order['line_items'] }.flatten.map{ |li| li['quantity'] }.all?{ |q| q.is_a? Fixnum }.should == true
-        json_response.map{ |order| order['line_items'] }.flatten.map{ |li| li['max_quantity'] }.all?{ |mq| mq.nil? || mq.is_a?( Fixnum ) }.should == true
-      end
-
-      it "returns supplier object with id and name keys" do
-        json_response.map{ |order| order['line_items'] }.flatten.map{ |li| li['supplier'] }.all?{ |s| s.has_key?('id') && s.has_key?('name') }.should == true
-      end
-
-      it "returns distributor object with id and name keys" do
-        json_response.map{ |order| order['distributor'] }.all?{ |d| d.has_key?('id') && d.has_key?('name') }.should == true
-      end
-
-      it "retrieves the order number" do
-        json_response.map{ |order| order['number'] }.all?{ |number| number.match("^R\\d{5,10}$") }.should == true
-      end
-    end
-
-    context "as an enterprise user" do
-      let(:supplier) { create(:supplier_enterprise) }
-      let(:distributor1) { create(:distributor_enterprise) }
-      let(:distributor2) { create(:distributor_enterprise) }
-      let!(:order1) { FactoryGirl.create(:order, state: 'complete', completed_at: Time.now, distributor: distributor1, billing_address: FactoryGirl.create(:address) ) }
-      let!(:line_item1) { FactoryGirl.create(:line_item, order: order1, product: FactoryGirl.create(:product, supplier: supplier)) }
-      let!(:line_item2) { FactoryGirl.create(:line_item, order: order1, product: FactoryGirl.create(:product, supplier: supplier)) }
-      let!(:order2) { FactoryGirl.create(:order, state: 'complete', completed_at: Time.now, distributor: distributor2, billing_address: FactoryGirl.create(:address) ) }
-      let!(:line_item3) { FactoryGirl.create(:line_item, order: order2, product: FactoryGirl.create(:product, supplier: supplier)) }
-
-      context "producer enterprise" do
-        sign_in_as_enterprise_user! [:supplier]
-
-        before :each do
-          spree_get :managed, { :template => 'bulk_index', :format => :json }
-        end
-
-        it "does not display line item for which my enteprise is a supplier" do
-          response.status.should == 401
-        end
-      end
-
-      context "hub enterprise" do
-        sign_in_as_enterprise_user! [:distributor1]
-
-        before :each do
-          spree_get :managed, { :template => 'bulk_index', :format => :json }
-        end
-
-        it "retrieves a list of orders" do
-          keys = json_response.first.keys.map{ |key| key.to_sym }
-          order_attributes.all?{ |attr| keys.include? attr }.should == true
-        end
-
-        it "only displays line items from orders for which my enterprise is a distributor" do
-          json_response.map{ |order| order['line_items'] }.flatten.map{ |line_item| line_item["id"] }.should == [line_item1.id, line_item2.id]
-        end
-      end
-    end
   end
 end
diff --git a/spec/javascripts/unit/bulk_order_management_spec.js.coffee b/spec/javascripts/unit/bulk_order_management_spec.js.coffee
index 3377c799db..71ebb9f3b9 100644
--- a/spec/javascripts/unit/bulk_order_management_spec.js.coffee
+++ b/spec/javascripts/unit/bulk_order_management_spec.js.coffee
@@ -43,7 +43,7 @@ describe "AdminOrderMgmtCtrl", ->
   describe "fetching orders", ->
     beforeEach ->
       scope.initialiseVariables()
-      httpBackend.expectGET("/api/orders/managed?template=bulk_index;page=1;per_page=500;q[state_not_eq]=canceled;q[completed_at_not_null]=true;q[completed_at_gt]=SomeDate;q[completed_at_lt]=SomeDate").respond "list of orders"
+      httpBackend.expectGET("/admin/orders/managed?template=bulk_index;page=1;per_page=500;q[state_not_eq]=canceled;q[completed_at_not_null]=true;q[completed_at_gt]=SomeDate;q[completed_at_lt]=SomeDate").respond "list of orders"
 
     it "makes a call to dataFetcher, with current start and end date parameters", ->
       scope.fetchOrders()