Add product soft-delete API action

2026-02-04 22:16:08 +00:00 · 2014-06-12 11:20:07 +10:00
parent e6c7acdff3
commit 9dc02e5eac
3 changed files with 36 additions and 4 deletions
--- a/app/controllers/spree/api/products_controller_decorator.rb
+++ b/app/controllers/spree/api/products_controller_decorator.rb
@@ -8,6 +8,15 @@ Spree::Api::ProductsController.class_eval do
  end


+  def soft_delete
+    authorize! :delete, Spree::Product
+    @product = find_product(params[:product_id])
+    authorize! :delete, @product
+    @product.delete
+    respond_with(@product, :status => 204)
+  end
+
+
  private

  # Copied and modified from Spree::Api::BaseController to allow
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -120,6 +120,7 @@ Spree::Core::Engine.routes.prepend do

    resources :products do
      get :managed, on: :collection
+      delete :soft_delete

      resources :variants do
        delete :soft_delete
--- a/spec/controllers/spree/api/products_controller_spec.rb
+++ b/spec/controllers/spree/api/products_controller_spec.rb
@@ -7,9 +7,11 @@ module Spree
    render_views

    let(:supplier) { FactoryGirl.create(:supplier_enterprise) }
+    let(:supplier2) { FactoryGirl.create(:supplier_enterprise) }
    let!(:product1) { FactoryGirl.create(:product, supplier: supplier) }
    let!(:product2) { FactoryGirl.create(:product, supplier: supplier) }
    let!(:product3) { FactoryGirl.create(:product, supplier: supplier) }
+    let(:product_other_supplier) { FactoryGirl.create(:product, supplier: supplier2) }
    let(:attributes) { [:id, :name, :supplier, :price, :on_hand, :available_on, :permalink_live] }
    let(:unit_attributes) { [:id, :name, :group_buy_unit_size, :variant_unit] }

@@ -39,6 +41,20 @@ module Spree
        keys = json_response.first.keys.map{ |key| key.to_sym }
        attributes.all?{ |attr| keys.include? attr }.should == true
      end
+
+      it "soft deletes my products" do
+        spree_delete :soft_delete, {product_id: product1.to_param, format: :json}
+        response.status.should == 204
+        lambda { product1.reload }.should_not raise_error
+        product1.deleted_at.should_not be_nil
+      end
+
+      it "is denied access to soft deleting another enterprises' product" do
+        spree_delete :soft_delete, {product_id: product_other_supplier.to_param, format: :json}
+        assert_unauthorized!
+        lambda { product_other_supplier.reload }.should_not raise_error
+        product_other_supplier.deleted_at.should be_nil
+      end
    end

    context "as an administrator" do
@@ -80,17 +96,23 @@ module Spree
      end

      it "should allow available_on to be nil" do
-
        spree_get :index, { :template => 'bulk_index', :format => :json }
        json_response.size.should == 3

-        product4 = FactoryGirl.create(:product)
-        product4.available_on = nil
-        product4.save!
+        product5 = FactoryGirl.create(:product)
+        product5.available_on = nil
+        product5.save!

        spree_get :index, { :template => 'bulk_index', :format => :json }
        json_response.size.should == 4
      end
+
+      it "soft deletes a product" do
+        spree_delete :soft_delete, {product_id: product1.to_param, format: :json}
+        response.status.should == 204
+        lambda { product1.reload }.should_not raise_error
+        product1.deleted_at.should_not be_nil
+      end
    end
  end
 end