diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index d42c7b3a2c..0e57ab39af 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -681,7 +681,7 @@ Rails/ActiveRecordOverride: # This cop supports unsafe autocorrection (--autocorrect-all). Rails/ApplicationController: Exclude: - - 'engines/dfc_provider/app/controllers/dfc_provider/api/base_controller.rb' + - 'engines/dfc_provider/app/controllers/dfc_provider/base_controller.rb' # Offense count: 6 # This cop supports unsafe autocorrection (--autocorrect-all). diff --git a/config/routes.rb b/config/routes.rb index 9c449ed11d..e1bc3394d1 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -117,11 +117,6 @@ Openfoodnetwork::Application.routes.draw do get 'sitemap.xml', to: 'sitemap#index', defaults: { format: 'xml' } - constraints FeatureToggleConstraint.new(:dfc_provider) do - # Mount DFC API endpoints - mount DfcProvider::Engine, at: '/' - end - # Mount Spree's routes mount Spree::Core::Engine, :at => '/' diff --git a/config/routes/api.rb b/config/routes/api.rb index 0a830a60f2..42899a0baf 100644 --- a/config/routes/api.rb +++ b/config/routes/api.rb @@ -5,6 +5,12 @@ Openfoodnetwork::Application.routes.draw do end namespace :api do + + constraints FeatureToggleConstraint.new(:dfc_provider) do + # Mount DFC API endpoints + mount DfcProvider::Engine, at: '/' + end + namespace :v0 do resources :products do collection do diff --git a/engines/dfc_provider/app/controllers/dfc_provider/api/base_controller.rb b/engines/dfc_provider/app/controllers/dfc_provider/api/base_controller.rb deleted file mode 100644 index 7ff59bdb0a..0000000000 --- a/engines/dfc_provider/app/controllers/dfc_provider/api/base_controller.rb +++ /dev/null @@ -1,65 +0,0 @@ -# frozen_string_literal: true - -# Controller used to provide the API products for the DFC application -module DfcProvider - module Api - class BaseController < ActionController::Base - rescue_from ActiveRecord::RecordNotFound, with: :not_found - - before_action :check_authorization, - :check_user - - respond_to :json - - private - - def check_authorization - return if access_token.present? - - head :unprocessable_entity - end - - def check_user - return if current_user.present? - - head :unauthorized - end - - def check_enterprise - return if current_enterprise.present? - - not_found - end - - def current_enterprise - @current_enterprise ||= - case params[enterprise_id_param_name] - when 'default' - current_user.enterprises.first! - else - current_user.enterprises.find(params[enterprise_id_param_name]) - end - end - - def enterprise_id_param_name - :enterprise_id - end - - def current_user - @current_user ||= authorization_control.process - end - - def access_token - request.headers['Authorization'].to_s.split(' ').last - end - - def authorization_control - DfcProvider::AuthorizationControl.new(access_token) - end - - def not_found - head :not_found - end - end - end -end diff --git a/engines/dfc_provider/app/controllers/dfc_provider/api/catalog_items_controller.rb b/engines/dfc_provider/app/controllers/dfc_provider/api/catalog_items_controller.rb deleted file mode 100644 index 9d4419d84f..0000000000 --- a/engines/dfc_provider/app/controllers/dfc_provider/api/catalog_items_controller.rb +++ /dev/null @@ -1,30 +0,0 @@ -# frozen_string_literal: true - -# Controller used to provide the API products for the DFC application -# CatalogItems are items that are being sold by the entreprise. -module DfcProvider - module Api - class CatalogItemsController < DfcProvider::Api::BaseController - before_action :check_enterprise - - def index - # CatalogItem is nested into an entreprise which is also nested into - # an user on the DFC specifications, as defined here: - # https://datafoodconsortium.gitbook.io/dfc-standard-documentation - # /technical-specification/api-examples - render json: current_user, serializer: DfcProvider::PersonSerializer - end - - def show - render json: variant, serializer: DfcProvider::CatalogItemSerializer - end - - private - - def variant - @variant ||= - DfcProvider::VariantFetcher.new(current_enterprise).scope.find(params[:id]) - end - end - end -end diff --git a/engines/dfc_provider/app/controllers/dfc_provider/api/enterprises_controller.rb b/engines/dfc_provider/app/controllers/dfc_provider/api/enterprises_controller.rb deleted file mode 100644 index f68ffc3087..0000000000 --- a/engines/dfc_provider/app/controllers/dfc_provider/api/enterprises_controller.rb +++ /dev/null @@ -1,20 +0,0 @@ -# frozen_string_literal: true - -# Controller used to provide the CatalogItem API for the DFC application -module DfcProvider - module Api - class EnterprisesController < DfcProvider::Api::BaseController - before_action :check_enterprise - - def show - render json: current_enterprise, serializer: DfcProvider::EnterpriseSerializer - end - - private - - def enterprise_id_param_name - :id - end - end - end -end diff --git a/engines/dfc_provider/app/controllers/dfc_provider/api/persons_controller.rb b/engines/dfc_provider/app/controllers/dfc_provider/api/persons_controller.rb deleted file mode 100644 index 82b00b11f9..0000000000 --- a/engines/dfc_provider/app/controllers/dfc_provider/api/persons_controller.rb +++ /dev/null @@ -1,26 +0,0 @@ -# frozen_string_literal: true - -# Controller used to provide the Persons API for the DFC application -module DfcProvider - module Api - class PersonsController < DfcProvider::Api::BaseController - before_action :check_user_accessibility - - def show - render json: user, serializer: DfcProvider::PersonSerializer - end - - private - - def user - @user ||= Spree::User.find(params[:id]) - end - - def check_user_accessibility - return if current_user == user - - not_found - end - end - end -end diff --git a/engines/dfc_provider/app/controllers/dfc_provider/api/supplied_products_controller.rb b/engines/dfc_provider/app/controllers/dfc_provider/api/supplied_products_controller.rb deleted file mode 100644 index c711017c13..0000000000 --- a/engines/dfc_provider/app/controllers/dfc_provider/api/supplied_products_controller.rb +++ /dev/null @@ -1,22 +0,0 @@ -# frozen_string_literal: true - -# Controller used to provide the SuppliedProducts API for the DFC application -# SuppliedProducts are products that are managed by an enterprise. -module DfcProvider - module Api - class SuppliedProductsController < DfcProvider::Api::BaseController - before_action :check_enterprise - - def show - render json: variant, serializer: DfcProvider::SuppliedProductSerializer - end - - private - - def variant - @variant ||= - DfcProvider::VariantFetcher.new(current_enterprise).scope.find(params[:id]) - end - end - end -end diff --git a/engines/dfc_provider/app/controllers/dfc_provider/base_controller.rb b/engines/dfc_provider/app/controllers/dfc_provider/base_controller.rb new file mode 100644 index 0000000000..cbd04b1e20 --- /dev/null +++ b/engines/dfc_provider/app/controllers/dfc_provider/base_controller.rb @@ -0,0 +1,63 @@ +# frozen_string_literal: true + +# Controller used to provide the API products for the DFC application +module DfcProvider + class BaseController < ActionController::Base + rescue_from ActiveRecord::RecordNotFound, with: :not_found + + before_action :check_authorization, + :check_user + + respond_to :json + + private + + def check_authorization + return if access_token.present? + + head :unprocessable_entity + end + + def check_user + return if current_user.present? + + head :unauthorized + end + + def check_enterprise + return if current_enterprise.present? + + not_found + end + + def current_enterprise + @current_enterprise ||= + case params[enterprise_id_param_name] + when 'default' + current_user.enterprises.first! + else + current_user.enterprises.find(params[enterprise_id_param_name]) + end + end + + def enterprise_id_param_name + :enterprise_id + end + + def current_user + @current_user ||= authorization_control.process + end + + def access_token + request.headers['Authorization'].to_s.split(' ').last + end + + def authorization_control + DfcProvider::AuthorizationControl.new(access_token) + end + + def not_found + head :not_found + end + end +end diff --git a/engines/dfc_provider/app/controllers/dfc_provider/catalog_items_controller.rb b/engines/dfc_provider/app/controllers/dfc_provider/catalog_items_controller.rb new file mode 100644 index 0000000000..6851e7dd93 --- /dev/null +++ b/engines/dfc_provider/app/controllers/dfc_provider/catalog_items_controller.rb @@ -0,0 +1,28 @@ +# frozen_string_literal: true + +# Controller used to provide the API products for the DFC application +# CatalogItems are items that are being sold by the entreprise. +module DfcProvider + class CatalogItemsController < DfcProvider::BaseController + before_action :check_enterprise + + def index + # CatalogItem is nested into an entreprise which is also nested into + # an user on the DFC specifications, as defined here: + # https://datafoodconsortium.gitbook.io/dfc-standard-documentation + # /technical-specification/api-examples + render json: current_user, serializer: DfcProvider::PersonSerializer + end + + def show + render json: variant, serializer: DfcProvider::CatalogItemSerializer + end + + private + + def variant + @variant ||= + DfcProvider::VariantFetcher.new(current_enterprise).scope.find(params[:id]) + end + end +end diff --git a/engines/dfc_provider/app/controllers/dfc_provider/enterprises_controller.rb b/engines/dfc_provider/app/controllers/dfc_provider/enterprises_controller.rb new file mode 100644 index 0000000000..1298584da6 --- /dev/null +++ b/engines/dfc_provider/app/controllers/dfc_provider/enterprises_controller.rb @@ -0,0 +1,18 @@ +# frozen_string_literal: true + +# Controller used to provide the CatalogItem API for the DFC application +module DfcProvider + class EnterprisesController < DfcProvider::BaseController + before_action :check_enterprise + + def show + render json: current_enterprise, serializer: DfcProvider::EnterpriseSerializer + end + + private + + def enterprise_id_param_name + :id + end + end +end diff --git a/engines/dfc_provider/app/controllers/dfc_provider/persons_controller.rb b/engines/dfc_provider/app/controllers/dfc_provider/persons_controller.rb new file mode 100644 index 0000000000..952152e323 --- /dev/null +++ b/engines/dfc_provider/app/controllers/dfc_provider/persons_controller.rb @@ -0,0 +1,24 @@ +# frozen_string_literal: true + +# Controller used to provide the Persons API for the DFC application +module DfcProvider + class PersonsController < DfcProvider::BaseController + before_action :check_user_accessibility + + def show + render json: user, serializer: DfcProvider::PersonSerializer + end + + private + + def user + @user ||= Spree::User.find(params[:id]) + end + + def check_user_accessibility + return if current_user == user + + not_found + end + end +end diff --git a/engines/dfc_provider/app/controllers/dfc_provider/supplied_products_controller.rb b/engines/dfc_provider/app/controllers/dfc_provider/supplied_products_controller.rb new file mode 100644 index 0000000000..188ba2093e --- /dev/null +++ b/engines/dfc_provider/app/controllers/dfc_provider/supplied_products_controller.rb @@ -0,0 +1,20 @@ +# frozen_string_literal: true + +# Controller used to provide the SuppliedProducts API for the DFC application +# SuppliedProducts are products that are managed by an enterprise. +module DfcProvider + class SuppliedProductsController < DfcProvider::BaseController + before_action :check_enterprise + + def show + render json: variant, serializer: DfcProvider::SuppliedProductSerializer + end + + private + + def variant + @variant ||= + DfcProvider::VariantFetcher.new(current_enterprise).scope.find(params[:id]) + end + end +end diff --git a/engines/dfc_provider/app/serializers/dfc_provider/catalog_item_serializer.rb b/engines/dfc_provider/app/serializers/dfc_provider/catalog_item_serializer.rb index a91a3b51ca..83b8dcac8a 100644 --- a/engines/dfc_provider/app/serializers/dfc_provider/catalog_item_serializer.rb +++ b/engines/dfc_provider/app/serializers/dfc_provider/catalog_item_serializer.rb @@ -14,7 +14,7 @@ module DfcProvider key: 'dfc:offeredThrough' def id - dfc_provider_routes.api_dfc_provider_enterprise_catalog_item_url( + dfc_provider_routes.dfc_provider_enterprise_catalog_item_url( enterprise_id: object.product.supplier_id, id: object.id, host: host @@ -41,7 +41,7 @@ module DfcProvider private def reference_id - dfc_provider_routes.api_dfc_provider_enterprise_supplied_product_url( + dfc_provider_routes.dfc_provider_enterprise_supplied_product_url( enterprise_id: object.product.supplier_id, id: object.id, host: host diff --git a/engines/dfc_provider/app/serializers/dfc_provider/enterprise_serializer.rb b/engines/dfc_provider/app/serializers/dfc_provider/enterprise_serializer.rb index 19ad8fe19e..28616c077d 100644 --- a/engines/dfc_provider/app/serializers/dfc_provider/enterprise_serializer.rb +++ b/engines/dfc_provider/app/serializers/dfc_provider/enterprise_serializer.rb @@ -16,7 +16,7 @@ module DfcProvider serializer: DfcProvider::CatalogItemSerializer def id - dfc_provider_routes.api_dfc_provider_enterprise_url( + dfc_provider_routes.dfc_provider_enterprise_url( id: object.id, host: host ) diff --git a/engines/dfc_provider/app/serializers/dfc_provider/person_serializer.rb b/engines/dfc_provider/app/serializers/dfc_provider/person_serializer.rb index bbf0877349..bddc61b1dd 100644 --- a/engines/dfc_provider/app/serializers/dfc_provider/person_serializer.rb +++ b/engines/dfc_provider/app/serializers/dfc_provider/person_serializer.rb @@ -26,7 +26,7 @@ module DfcProvider end def id - dfc_provider_routes.api_dfc_provider_person_url( + dfc_provider_routes.dfc_provider_person_url( id: object.id, host: host ) diff --git a/engines/dfc_provider/app/serializers/dfc_provider/supplied_product_serializer.rb b/engines/dfc_provider/app/serializers/dfc_provider/supplied_product_serializer.rb index 0613db72fb..c553970bda 100644 --- a/engines/dfc_provider/app/serializers/dfc_provider/supplied_product_serializer.rb +++ b/engines/dfc_provider/app/serializers/dfc_provider/supplied_product_serializer.rb @@ -17,7 +17,7 @@ module DfcProvider has_many :physical_characteristics, key: 'dfc:physicalCharacterisctics' def id - dfc_provider_routes.api_dfc_provider_enterprise_supplied_product_url( + dfc_provider_routes.dfc_provider_enterprise_supplied_product_url( enterprise_id: object.product.supplier_id, id: object.id, host: host diff --git a/engines/dfc_provider/config/routes.rb b/engines/dfc_provider/config/routes.rb index b9ea25e15e..f081977d2c 100644 --- a/engines/dfc_provider/config/routes.rb +++ b/engines/dfc_provider/config/routes.rb @@ -1,13 +1,11 @@ # frozen_string_literal: true DfcProvider::Engine.routes.draw do - namespace :api do - scope :dfc_provider, as: :dfc_provider, path: '/dfc_provider' do - resources :enterprises, only: [:show] do - resources :catalog_items, only: [:index, :show] - resources :supplied_products, only: [:show] - end - resources :persons, only: [:show] + scope :dfc_provider, as: :dfc_provider, path: '/dfc_provider' do + resources :enterprises, only: [:show] do + resources :catalog_items, only: [:index, :show] + resources :supplied_products, only: [:show] end + resources :persons, only: [:show] end end diff --git a/engines/dfc_provider/spec/controllers/dfc_provider/api/catalog_items_controller_spec.rb b/engines/dfc_provider/spec/controllers/dfc_provider/catalog_items_controller_spec.rb similarity index 98% rename from engines/dfc_provider/spec/controllers/dfc_provider/api/catalog_items_controller_spec.rb rename to engines/dfc_provider/spec/controllers/dfc_provider/catalog_items_controller_spec.rb index 29558dd00a..4a38948d10 100644 --- a/engines/dfc_provider/spec/controllers/dfc_provider/api/catalog_items_controller_spec.rb +++ b/engines/dfc_provider/spec/controllers/dfc_provider/catalog_items_controller_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe DfcProvider::Api::CatalogItemsController, type: :controller do +describe DfcProvider::CatalogItemsController, type: :controller do render_views let!(:user) { create(:user) } diff --git a/engines/dfc_provider/spec/controllers/dfc_provider/api/enterprises_spec.rb b/engines/dfc_provider/spec/controllers/dfc_provider/enterprises_spec.rb similarity index 95% rename from engines/dfc_provider/spec/controllers/dfc_provider/api/enterprises_spec.rb rename to engines/dfc_provider/spec/controllers/dfc_provider/enterprises_spec.rb index 04c5003e3d..fc5edd4190 100644 --- a/engines/dfc_provider/spec/controllers/dfc_provider/api/enterprises_spec.rb +++ b/engines/dfc_provider/spec/controllers/dfc_provider/enterprises_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe DfcProvider::Api::EnterprisesController, type: :controller do +describe DfcProvider::EnterprisesController, type: :controller do render_views let!(:user) { create(:user) } diff --git a/engines/dfc_provider/spec/controllers/dfc_provider/api/persons_controller_spec.rb b/engines/dfc_provider/spec/controllers/dfc_provider/persons_controller_spec.rb similarity index 93% rename from engines/dfc_provider/spec/controllers/dfc_provider/api/persons_controller_spec.rb rename to engines/dfc_provider/spec/controllers/dfc_provider/persons_controller_spec.rb index 81498c1f46..dc57a25de8 100644 --- a/engines/dfc_provider/spec/controllers/dfc_provider/api/persons_controller_spec.rb +++ b/engines/dfc_provider/spec/controllers/dfc_provider/persons_controller_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe DfcProvider::Api::PersonsController, type: :controller do +describe DfcProvider::PersonsController, type: :controller do render_views let!(:user) { create(:user) } diff --git a/engines/dfc_provider/spec/controllers/dfc_provider/api/supplied_products_controller_spec.rb b/engines/dfc_provider/spec/controllers/dfc_provider/supplied_products_controller_spec.rb similarity index 94% rename from engines/dfc_provider/spec/controllers/dfc_provider/api/supplied_products_controller_spec.rb rename to engines/dfc_provider/spec/controllers/dfc_provider/supplied_products_controller_spec.rb index b739ae2176..f5ecb728c3 100644 --- a/engines/dfc_provider/spec/controllers/dfc_provider/api/supplied_products_controller_spec.rb +++ b/engines/dfc_provider/spec/controllers/dfc_provider/supplied_products_controller_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -describe DfcProvider::Api::SuppliedProductsController, type: :controller do +describe DfcProvider::SuppliedProductsController, type: :controller do render_views let!(:user) { create(:user) }