diff --git a/spec/controllers/api/orders_controller_spec.rb b/spec/controllers/api/orders_controller_spec.rb index acd41e044c..2838d587ff 100644 --- a/spec/controllers/api/orders_controller_spec.rb +++ b/spec/controllers/api/orders_controller_spec.rb @@ -1,4 +1,5 @@ require 'spec_helper' +require 'spree/api/testing_support/helpers' module Api describe OrdersController, type: :controller do @@ -7,42 +8,120 @@ module Api describe '#index' do let!(:distributor) { create(:distributor_enterprise) } - let!(:order1) { create(:order, distributor: distributor) } - let!(:order2) { create(:order, distributor: distributor) } - let!(:order3) { create(:order, distributor: distributor) } - - let(:enterprise_user) { distributor.owner } - let(:regular_user) { create(:user) } + let!(:distributor2) { create(:distributor_enterprise) } + let!(:supplier) { create(:supplier_enterprise) } + let!(:coordinator) { create(:distributor_enterprise) } + let!(:order_cycle) { create(:simple_order_cycle, coordinator: coordinator) } + let!(:order1) do + create(:order, order_cycle: order_cycle, state: 'complete', completed_at: Time.zone.now, + distributor: distributor, billing_address: create(:address) ) + end + let!(:order2) do + create(:order, order_cycle: order_cycle, state: 'complete', completed_at: Time.zone.now, + distributor: distributor2, billing_address: create(:address) ) + end + let!(:order3) do + create(:order, order_cycle: order_cycle, state: 'complete', completed_at: Time.zone.now, + distributor: distributor, billing_address: create(:address) ) + end + let!(:line_item1) do + create(:line_item, order: order1, + product: create(:product, supplier: supplier)) + end + let!(:line_item2) do + create(:line_item, order: order2, + product: create(:product, supplier: supplier)) + end + let!(:line_item3) do + create(:line_item, order: order2, + product: create(:product, supplier: supplier)) + end + let!(:line_item4) do + create(:line_item, order: order3, + product: create(:product, supplier: supplier)) + end + let!(:regular_user) { create(:user) } + let!(:admin_user) { create(:admin_user) } context 'as a regular user' do before do allow(controller).to receive(:spree_current_user) { regular_user } + get :index end it "returns unauthorized" do - get :index assert_unauthorized! end end - context 'as an enterprise user' do + context 'as an admin user' do before do - allow(controller).to receive(:spree_current_user) { enterprise_user } + allow(controller).to receive(:spree_current_user) { admin_user } + get :index end - it "returns serialized orders" do - get :index + it "retrieves a list of orders with appropriate attributes, + including line items with appropriate attributes" do - expect(response.status).to eq 200 - expect(json_response['orders'].count).to eq 3 - expect(json_response['orders'].first.keys).to include 'id', 'number', 'email', 'distributor' - expect(json_response['pagination']).to be_nil + returns_orders(json_response) + end + + it "formats completed_at to 'yyyy-mm-dd hh:mm'" do + completed_dates = json_response['orders'].map{ |order| order['completed_at'] } + correct_formats = completed_dates.all?{ |a| a == order1.completed_at.strftime('%B %d, %Y') } + + expect(correct_formats).to be_truthy + end + + it "returns distributor object with id key" do + distributors = json_response['orders'].map{ |order| order['distributor'] } + expect(distributors.all?{ |d| d.key?('id') }).to be_truthy + end + + it "returns the order number" do + order_numbers = json_response['orders'].map{ |order| order['number'] } + expect(order_numbers.all?{ |number| number.match("^R\\d{5,10}$") }).to be_truthy + end + end + + context 'as an enterprise user' do + context 'producer enterprise' do + before do + allow(controller).to receive(:spree_current_user) { supplier.owner } + get :index + end + + it "does not display line items for which my enterprise is a supplier" do + assert_unauthorized! + end + end + + context 'coordinator enterprise' do + before do + allow(controller).to receive(:spree_current_user) { coordinator.owner } + get :index + end + + it "retrieves a list of orders" do + returns_orders(json_response) + end + end + + context 'hub enterprise' do + before do + allow(controller).to receive(:spree_current_user) { distributor.owner } + get :index + end + + it "retrieves a list of orders" do + returns_orders(json_response) + end end end context 'with pagination' do before do - allow(controller).to receive(:spree_current_user) { enterprise_user } + allow(controller).to receive(:spree_current_user) { distributor.owner } end it 'returns pagination data when query params contain :per_page]' do @@ -53,9 +132,25 @@ module Api end end + private + + def returns_orders(response) + keys = response['orders'].first.keys.map(&:to_sym) + expect(order_attributes.all?{ |attr| keys.include? attr }).to be_truthy + end + + def order_attributes + [ + :id, :number, :full_name, :email, :phone, :completed_at, :display_total, + :show_path, :edit_path, :state, :payment_state, :shipment_state, + :payments_path, :shipments_path, :ship_path, :ready_to_ship, :created_at, + :distributor_name, :special_instructions, :payment_capture_path + ] + end + def pagination_data { - 'results' => 3, + 'results' => 2, 'pages' => 1, 'page' => 1, 'per_page' => 15 diff --git a/spec/controllers/spree/admin/orders_controller_spec.rb b/spec/controllers/spree/admin/orders_controller_spec.rb index 1685b9506a..2ed23a2118 100644 --- a/spec/controllers/spree/admin/orders_controller_spec.rb +++ b/spec/controllers/spree/admin/orders_controller_spec.rb @@ -30,111 +30,24 @@ describe Spree::Admin::OrdersController, type: :controller do end describe "#index" do - render_views - - let(:order_attributes) { [:id, :full_name, :email, :phone, :completed_at, :distributor, :order_cycle, :number] } - - def self.make_simple_data! - let!(:dist1) { FactoryBot.create(:distributor_enterprise) } - let!(:order1) { FactoryBot.create(:order, state: 'complete', completed_at: Time.zone.now, distributor: dist1, billing_address: FactoryBot.create(:address) ) } - let!(:order2) { FactoryBot.create(:order, state: 'complete', completed_at: Time.zone.now, distributor: dist1, billing_address: FactoryBot.create(:address) ) } - let!(:order3) { FactoryBot.create(:order, state: 'complete', completed_at: Time.zone.now, distributor: dist1, billing_address: FactoryBot.create(:address) ) } - let!(:line_item1) { FactoryBot.create(:line_item, order: order1) } - let!(:line_item2) { FactoryBot.create(:line_item, order: order2) } - let!(:line_item3) { FactoryBot.create(:line_item, order: order2) } - let!(:line_item4) { FactoryBot.create(:line_item, order: order3) } - let(:line_item_attributes) { [:id, :quantity, :max_quantity, :supplier, :units_product, :units_variant] } - end - - context "as a normal user" do + context "as a regular user" do before { controller.stub spree_current_user: create_enterprise_user } - make_simple_data! - it "should deny me access to the index action" do - spree_get :index, :format => :json + spree_get :index expect(response).to redirect_to spree.unauthorized_path end end - context "as an administrator" do - make_simple_data! + context "as an enterprise user" do + let!(:order) { create(:order_with_distributor) } before do - controller.stub spree_current_user: quick_login_as_admin - spree_get :index, :format => :json + controller.stub spree_current_user: order.distributor.owner end - it "retrieves a list of orders with appropriate attributes, including line items with appropriate attributes" do - keys = json_response['orders'].first.keys.map{ |key| key.to_sym } - order_attributes.all?{ |attr| keys.include? attr }.should == true - end - - it "sorts orders in ascending id order" do - ids = json_response['orders'].map{ |order| order['id'] } - expect(ids[0]).to be < ids[1] - expect(ids[1]).to be < ids[2] - end - - it "formats completed_at to 'yyyy-mm-dd hh:mm'" do - json_response['orders'].map{ |order| order['completed_at'] }.all?{ |a| a == order1.completed_at.strftime('%B %d, %Y') }.should == true - end - - it "returns distributor object with id key" do - json_response['orders'].map{ |order| order['distributor'] }.all?{ |d| d.has_key?('id') }.should == true - end - - it "retrieves the order number" do - json_response['orders'].map{ |order| order['number'] }.all?{ |number| number.match("^R\\d{5,10}$") }.should == true - end - end - - context "as an enterprise user" do - let(:supplier) { create(:supplier_enterprise) } - let(:distributor1) { create(:distributor_enterprise) } - let(:distributor2) { create(:distributor_enterprise) } - let(:coordinator) { create(:distributor_enterprise) } - let(:order_cycle) { create(:simple_order_cycle, coordinator: coordinator) } - let!(:order1) { FactoryBot.create(:order, order_cycle: order_cycle, state: 'complete', completed_at: Time.zone.now, distributor: distributor1, billing_address: FactoryBot.create(:address) ) } - let!(:line_item1) { FactoryBot.create(:line_item, order: order1, product: FactoryBot.create(:product, supplier: supplier)) } - let!(:line_item2) { FactoryBot.create(:line_item, order: order1, product: FactoryBot.create(:product, supplier: supplier)) } - let!(:order2) { FactoryBot.create(:order, order_cycle: order_cycle, state: 'complete', completed_at: Time.zone.now, distributor: distributor2, billing_address: FactoryBot.create(:address) ) } - let!(:line_item3) { FactoryBot.create(:line_item, order: order2, product: FactoryBot.create(:product, supplier: supplier)) } - - context "producer enterprise" do - - before do - controller.stub spree_current_user: supplier.owner - spree_get :index, :format => :json - end - - it "does not display line items for which my enterprise is a supplier" do - expect(response).to redirect_to spree.unauthorized_path - end - end - - context "coordinator enterprise" do - before do - controller.stub spree_current_user: coordinator.owner - spree_get :index, :format => :json - end - - it "retrieves a list of orders" do - keys = json_response['orders'].first.keys.map{ |key| key.to_sym } - order_attributes.all?{ |attr| keys.include? attr }.should == true - end - end - - context "hub enterprise" do - before do - controller.stub spree_current_user: distributor1.owner - spree_get :index, :format => :json - end - - it "retrieves a list of orders" do - keys = json_response['orders'].first.keys.map{ |key| key.to_sym } - order_attributes.all?{ |attr| keys.include? attr }.should == true - end + it "should allow access" do + expect(response.status).to eq 200 end end end