mirror of
https://github.com/openfoodfoundation/openfoodnetwork
synced 2026-03-12 03:50:22 +00:00
Remove Spree module declaration from these files as they were moved out of the spree namespace
This commit is contained in:
luisramos0
@@ -1,226 +1,224 @@
|
||||
require 'spec_helper'
|
||||
|
||||
module Spree
|
||||
describe Spree::Api::ProductsController, type: :controller do
|
||||
render_views
|
||||
describe Api::ProductsController, type: :controller do
|
||||
render_views
|
||||
|
||||
let(:supplier) { create(:supplier_enterprise) }
|
||||
let(:supplier2) { create(:supplier_enterprise) }
|
||||
let!(:product) { create(:product, supplier: supplier) }
|
||||
let!(:inactive_product) { create(:product, available_on: Time.zone.now.tomorrow, name: "inactive") }
|
||||
let(:product_other_supplier) { create(:product, supplier: supplier2) }
|
||||
let(:product_with_image) { create(:product_with_image, supplier: supplier) }
|
||||
let(:attributes) { ["id", "name", "supplier", "price", "on_hand", "available_on", "permalink_live"] }
|
||||
let(:all_attributes) { ["id", "name", "price", "available_on", "variants"] }
|
||||
let(:variants_attributes) { ["id", "options_text", "unit_value", "unit_description", "unit_to_display", "on_demand", "display_as", "display_name", "name_to_display", "sku", "on_hand", "price"] }
|
||||
let(:supplier) { create(:supplier_enterprise) }
|
||||
let(:supplier2) { create(:supplier_enterprise) }
|
||||
let!(:product) { create(:product, supplier: supplier) }
|
||||
let!(:inactive_product) { create(:product, available_on: Time.zone.now.tomorrow, name: "inactive") }
|
||||
let(:product_other_supplier) { create(:product, supplier: supplier2) }
|
||||
let(:product_with_image) { create(:product_with_image, supplier: supplier) }
|
||||
let(:attributes) { ["id", "name", "supplier", "price", "on_hand", "available_on", "permalink_live"] }
|
||||
let(:all_attributes) { ["id", "name", "price", "available_on", "variants"] }
|
||||
let(:variants_attributes) { ["id", "options_text", "unit_value", "unit_description", "unit_to_display", "on_demand", "display_as", "display_name", "name_to_display", "sku", "on_hand", "price"] }
|
||||
|
||||
let(:current_api_user) { build(:user) }
|
||||
let(:current_api_user) { build(:user) }
|
||||
|
||||
before do
|
||||
allow(controller).to receive(:spree_current_user) { current_api_user }
|
||||
end
|
||||
|
||||
context "as a normal user" do
|
||||
before do
|
||||
allow(controller).to receive(:spree_current_user) { current_api_user }
|
||||
allow(current_api_user)
|
||||
.to receive(:has_spree_role?).with("admin").and_return(false)
|
||||
end
|
||||
|
||||
context "as a normal user" do
|
||||
it "gets a single product" do
|
||||
product.master.images.create!(attachment: image("thinking-cat.jpg"))
|
||||
product.variants.create!(unit_value: "1", unit_description: "thing")
|
||||
product.variants.first.images.create!(attachment: image("thinking-cat.jpg"))
|
||||
product.set_property("spree", "rocks")
|
||||
api_get :show, id: product.to_param
|
||||
|
||||
expect(all_attributes.all?{ |attr| json_response.keys.include? attr }).to eq(true)
|
||||
expect(variants_attributes.all?{ |attr| json_response['variants'].first.keys.include? attr }).to eq(true)
|
||||
end
|
||||
|
||||
context "finds a product by permalink first then by id" do
|
||||
let!(:other_product) { create(:product, permalink: "these-are-not-the-droids-you-are-looking-for") }
|
||||
|
||||
before do
|
||||
product.update_attribute(:permalink, "#{other_product.id}-and-1-ways")
|
||||
end
|
||||
|
||||
specify do
|
||||
api_get :show, id: product.to_param
|
||||
|
||||
expect(json_response["permalink_live"]).to match(/and-1-ways/)
|
||||
product.destroy
|
||||
|
||||
api_get :show, id: other_product.id
|
||||
expect(json_response["permalink_live"]).to match(/droids/)
|
||||
end
|
||||
end
|
||||
|
||||
it "cannot see inactive products" do
|
||||
api_get :show, id: inactive_product.to_param
|
||||
|
||||
expect(json_response["error"]).to eq("The resource you were looking for could not be found.")
|
||||
expect(response.status).to eq(404)
|
||||
end
|
||||
|
||||
it "returns a 404 error when it cannot find a product" do
|
||||
api_get :show, id: "non-existant"
|
||||
|
||||
expect(json_response["error"]).to eq("The resource you were looking for could not be found.")
|
||||
expect(response.status).to eq(404)
|
||||
end
|
||||
|
||||
include_examples "modifying product actions are restricted"
|
||||
end
|
||||
|
||||
context "as an enterprise user" do
|
||||
let(:current_api_user) do
|
||||
user = create(:user)
|
||||
user.enterprise_roles.create(enterprise: supplier)
|
||||
user
|
||||
end
|
||||
|
||||
it "soft deletes my products" do
|
||||
spree_delete :soft_delete, product_id: product.to_param, format: :json
|
||||
|
||||
expect(response.status).to eq(204)
|
||||
expect { product.reload }.not_to raise_error
|
||||
expect(product.deleted_at).not_to be_nil
|
||||
end
|
||||
|
||||
it "is denied access to soft deleting another enterprises' product" do
|
||||
spree_delete :soft_delete, product_id: product_other_supplier.to_param, format: :json
|
||||
|
||||
assert_unauthorized!
|
||||
expect { product_other_supplier.reload }.not_to raise_error
|
||||
expect(product_other_supplier.deleted_at).to be_nil
|
||||
end
|
||||
end
|
||||
|
||||
context "as an administrator" do
|
||||
before do
|
||||
allow(current_api_user)
|
||||
.to receive(:has_spree_role?).with("admin").and_return(true)
|
||||
end
|
||||
|
||||
it "soft deletes a product" do
|
||||
spree_delete :soft_delete, product_id: product.to_param, format: :json
|
||||
|
||||
expect(response.status).to eq(204)
|
||||
expect { product.reload }.not_to raise_error
|
||||
expect(product.deleted_at).not_to be_nil
|
||||
end
|
||||
|
||||
it "can create a new product" do
|
||||
api_post :create, product: { name: "The Other Product",
|
||||
price: 19.99,
|
||||
shipping_category_id: create(:shipping_category).id,
|
||||
supplier_id: supplier.id,
|
||||
primary_taxon_id: FactoryBot.create(:taxon).id,
|
||||
variant_unit: "items",
|
||||
variant_unit_name: "things",
|
||||
unit_description: "things" }
|
||||
|
||||
expect(all_attributes.all?{ |attr| json_response.keys.include? attr }).to eq(true)
|
||||
expect(response.status).to eq(201)
|
||||
end
|
||||
|
||||
it "cannot create a new product with invalid attributes" do
|
||||
api_post :create, product: {}
|
||||
|
||||
expect(response.status).to eq(422)
|
||||
expect(json_response["error"]).to eq("Invalid resource. Please fix errors and try again.")
|
||||
errors = json_response["errors"]
|
||||
expect(errors.keys).to match_array(["name", "price", "primary_taxon", "shipping_category_id", "supplier", "variant_unit"])
|
||||
end
|
||||
|
||||
it "can update a product" do
|
||||
api_put :update, id: product.to_param, product: { name: "New and Improved Product!" }
|
||||
|
||||
expect(response.status).to eq(200)
|
||||
end
|
||||
|
||||
it "cannot update a product with an invalid attribute" do
|
||||
api_put :update, id: product.to_param, product: { name: "" }
|
||||
|
||||
expect(response.status).to eq(422)
|
||||
expect(json_response["error"]).to eq("Invalid resource. Please fix errors and try again.")
|
||||
expect(json_response["errors"]["name"]).to eq(["can't be blank"])
|
||||
end
|
||||
|
||||
it "can delete a product" do
|
||||
expect(product.deleted_at).to be_nil
|
||||
api_delete :destroy, id: product.to_param
|
||||
|
||||
expect(response.status).to eq(204)
|
||||
expect(product.reload.deleted_at).not_to be_nil
|
||||
end
|
||||
end
|
||||
|
||||
describe '#clone' do
|
||||
context 'as a normal user' do
|
||||
before do
|
||||
allow(current_api_user)
|
||||
.to receive(:has_spree_role?).with("admin").and_return(false)
|
||||
end
|
||||
|
||||
it "gets a single product" do
|
||||
product.master.images.create!(attachment: image("thinking-cat.jpg"))
|
||||
product.variants.create!(unit_value: "1", unit_description: "thing")
|
||||
product.variants.first.images.create!(attachment: image("thinking-cat.jpg"))
|
||||
product.set_property("spree", "rocks")
|
||||
api_get :show, id: product.to_param
|
||||
it 'denies access' do
|
||||
spree_post :clone, product_id: product.id, format: :json
|
||||
|
||||
expect(all_attributes.all?{ |attr| json_response.keys.include? attr }).to eq(true)
|
||||
expect(variants_attributes.all?{ |attr| json_response['variants'].first.keys.include? attr }).to eq(true)
|
||||
assert_unauthorized!
|
||||
end
|
||||
|
||||
context "finds a product by permalink first then by id" do
|
||||
let!(:other_product) { create(:product, permalink: "these-are-not-the-droids-you-are-looking-for") }
|
||||
|
||||
before do
|
||||
product.update_attribute(:permalink, "#{other_product.id}-and-1-ways")
|
||||
end
|
||||
|
||||
specify do
|
||||
api_get :show, id: product.to_param
|
||||
|
||||
expect(json_response["permalink_live"]).to match(/and-1-ways/)
|
||||
product.destroy
|
||||
|
||||
api_get :show, id: other_product.id
|
||||
expect(json_response["permalink_live"]).to match(/droids/)
|
||||
end
|
||||
end
|
||||
|
||||
it "cannot see inactive products" do
|
||||
api_get :show, id: inactive_product.to_param
|
||||
|
||||
expect(json_response["error"]).to eq("The resource you were looking for could not be found.")
|
||||
expect(response.status).to eq(404)
|
||||
end
|
||||
|
||||
it "returns a 404 error when it cannot find a product" do
|
||||
api_get :show, id: "non-existant"
|
||||
|
||||
expect(json_response["error"]).to eq("The resource you were looking for could not be found.")
|
||||
expect(response.status).to eq(404)
|
||||
end
|
||||
|
||||
include_examples "modifying product actions are restricted"
|
||||
end
|
||||
|
||||
context "as an enterprise user" do
|
||||
context 'as an enterprise user' do
|
||||
let(:current_api_user) do
|
||||
user = create(:user)
|
||||
user.enterprise_roles.create(enterprise: supplier)
|
||||
user
|
||||
end
|
||||
|
||||
it "soft deletes my products" do
|
||||
spree_delete :soft_delete, product_id: product.to_param, format: :json
|
||||
it 'responds with a successful response' do
|
||||
spree_post :clone, product_id: product.id, format: :json
|
||||
|
||||
expect(response.status).to eq(204)
|
||||
expect { product.reload }.not_to raise_error
|
||||
expect(product.deleted_at).not_to be_nil
|
||||
expect(response.status).to eq(201)
|
||||
end
|
||||
|
||||
it "is denied access to soft deleting another enterprises' product" do
|
||||
spree_delete :soft_delete, product_id: product_other_supplier.to_param, format: :json
|
||||
it 'clones the product' do
|
||||
spree_post :clone, product_id: product.id, format: :json
|
||||
|
||||
assert_unauthorized!
|
||||
expect { product_other_supplier.reload }.not_to raise_error
|
||||
expect(product_other_supplier.deleted_at).to be_nil
|
||||
expect(json_response['name']).to eq("COPY OF #{product.name}")
|
||||
end
|
||||
|
||||
it 'clones a product with image' do
|
||||
spree_post :clone, product_id: product_with_image.id, format: :json
|
||||
|
||||
expect(response.status).to eq(201)
|
||||
expect(json_response['name']).to eq("COPY OF #{product_with_image.name}")
|
||||
end
|
||||
end
|
||||
|
||||
context "as an administrator" do
|
||||
context 'as an administrator' do
|
||||
before do
|
||||
allow(current_api_user)
|
||||
.to receive(:has_spree_role?).with("admin").and_return(true)
|
||||
end
|
||||
|
||||
it "soft deletes a product" do
|
||||
spree_delete :soft_delete, product_id: product.to_param, format: :json
|
||||
it 'responds with a successful response' do
|
||||
spree_post :clone, product_id: product.id, format: :json
|
||||
|
||||
expect(response.status).to eq(204)
|
||||
expect { product.reload }.not_to raise_error
|
||||
expect(product.deleted_at).not_to be_nil
|
||||
end
|
||||
|
||||
it "can create a new product" do
|
||||
api_post :create, product: { name: "The Other Product",
|
||||
price: 19.99,
|
||||
shipping_category_id: create(:shipping_category).id,
|
||||
supplier_id: supplier.id,
|
||||
primary_taxon_id: FactoryBot.create(:taxon).id,
|
||||
variant_unit: "items",
|
||||
variant_unit_name: "things",
|
||||
unit_description: "things" }
|
||||
|
||||
expect(all_attributes.all?{ |attr| json_response.keys.include? attr }).to eq(true)
|
||||
expect(response.status).to eq(201)
|
||||
end
|
||||
|
||||
it "cannot create a new product with invalid attributes" do
|
||||
api_post :create, product: {}
|
||||
it 'clones the product' do
|
||||
spree_post :clone, product_id: product.id, format: :json
|
||||
|
||||
expect(response.status).to eq(422)
|
||||
expect(json_response["error"]).to eq("Invalid resource. Please fix errors and try again.")
|
||||
errors = json_response["errors"]
|
||||
expect(errors.keys).to match_array(["name", "price", "primary_taxon", "shipping_category_id", "supplier", "variant_unit"])
|
||||
expect(json_response['name']).to eq("COPY OF #{product.name}")
|
||||
end
|
||||
|
||||
it "can update a product" do
|
||||
api_put :update, id: product.to_param, product: { name: "New and Improved Product!" }
|
||||
it 'clones a product with image' do
|
||||
spree_post :clone, product_id: product_with_image.id, format: :json
|
||||
|
||||
expect(response.status).to eq(200)
|
||||
end
|
||||
|
||||
it "cannot update a product with an invalid attribute" do
|
||||
api_put :update, id: product.to_param, product: { name: "" }
|
||||
|
||||
expect(response.status).to eq(422)
|
||||
expect(json_response["error"]).to eq("Invalid resource. Please fix errors and try again.")
|
||||
expect(json_response["errors"]["name"]).to eq(["can't be blank"])
|
||||
end
|
||||
|
||||
it "can delete a product" do
|
||||
expect(product.deleted_at).to be_nil
|
||||
api_delete :destroy, id: product.to_param
|
||||
|
||||
expect(response.status).to eq(204)
|
||||
expect(product.reload.deleted_at).not_to be_nil
|
||||
end
|
||||
end
|
||||
|
||||
describe '#clone' do
|
||||
context 'as a normal user' do
|
||||
before do
|
||||
allow(current_api_user)
|
||||
.to receive(:has_spree_role?).with("admin").and_return(false)
|
||||
end
|
||||
|
||||
it 'denies access' do
|
||||
spree_post :clone, product_id: product.id, format: :json
|
||||
|
||||
assert_unauthorized!
|
||||
end
|
||||
end
|
||||
|
||||
context 'as an enterprise user' do
|
||||
let(:current_api_user) do
|
||||
user = create(:user)
|
||||
user.enterprise_roles.create(enterprise: supplier)
|
||||
user
|
||||
end
|
||||
|
||||
it 'responds with a successful response' do
|
||||
spree_post :clone, product_id: product.id, format: :json
|
||||
|
||||
expect(response.status).to eq(201)
|
||||
end
|
||||
|
||||
it 'clones the product' do
|
||||
spree_post :clone, product_id: product.id, format: :json
|
||||
|
||||
expect(json_response['name']).to eq("COPY OF #{product.name}")
|
||||
end
|
||||
|
||||
it 'clones a product with image' do
|
||||
spree_post :clone, product_id: product_with_image.id, format: :json
|
||||
|
||||
expect(response.status).to eq(201)
|
||||
expect(json_response['name']).to eq("COPY OF #{product_with_image.name}")
|
||||
end
|
||||
end
|
||||
|
||||
context 'as an administrator' do
|
||||
before do
|
||||
allow(current_api_user)
|
||||
.to receive(:has_spree_role?).with("admin").and_return(true)
|
||||
end
|
||||
|
||||
it 'responds with a successful response' do
|
||||
spree_post :clone, product_id: product.id, format: :json
|
||||
|
||||
expect(response.status).to eq(201)
|
||||
end
|
||||
|
||||
it 'clones the product' do
|
||||
spree_post :clone, product_id: product.id, format: :json
|
||||
|
||||
expect(json_response['name']).to eq("COPY OF #{product.name}")
|
||||
end
|
||||
|
||||
it 'clones a product with image' do
|
||||
spree_post :clone, product_id: product_with_image.id, format: :json
|
||||
|
||||
expect(response.status).to eq(201)
|
||||
expect(json_response['name']).to eq("COPY OF #{product_with_image.name}")
|
||||
end
|
||||
expect(response.status).to eq(201)
|
||||
expect(json_response['name']).to eq("COPY OF #{product_with_image.name}")
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
@@ -1,199 +1,197 @@
|
||||
require 'spec_helper'
|
||||
|
||||
module Spree
|
||||
describe Spree::Api::VariantsController, type: :controller do
|
||||
render_views
|
||||
describe Api::VariantsController, type: :controller do
|
||||
render_views
|
||||
|
||||
let(:supplier) { FactoryBot.create(:supplier_enterprise) }
|
||||
let!(:variant1) { FactoryBot.create(:variant) }
|
||||
let!(:variant2) { FactoryBot.create(:variant) }
|
||||
let!(:variant3) { FactoryBot.create(:variant) }
|
||||
let(:attributes) { [:id, :options_text, :price, :on_hand, :unit_value, :unit_description, :on_demand, :display_as, :display_name] }
|
||||
let(:supplier) { FactoryBot.create(:supplier_enterprise) }
|
||||
let!(:variant1) { FactoryBot.create(:variant) }
|
||||
let!(:variant2) { FactoryBot.create(:variant) }
|
||||
let!(:variant3) { FactoryBot.create(:variant) }
|
||||
let(:attributes) { [:id, :options_text, :price, :on_hand, :unit_value, :unit_description, :on_demand, :display_as, :display_name] }
|
||||
|
||||
before do
|
||||
allow(controller).to receive(:spree_current_user) { current_api_user }
|
||||
before do
|
||||
allow(controller).to receive(:spree_current_user) { current_api_user }
|
||||
end
|
||||
|
||||
context "as a normal user" do
|
||||
sign_in_as_user!
|
||||
|
||||
let!(:product) { create(:product) }
|
||||
let!(:variant) do
|
||||
variant = product.master
|
||||
variant.option_values << create(:option_value)
|
||||
variant
|
||||
end
|
||||
|
||||
context "as a normal user" do
|
||||
sign_in_as_user!
|
||||
it "retrieves a list of variants with appropriate attributes" do
|
||||
spree_get :index, format: :json
|
||||
|
||||
let!(:product) { create(:product) }
|
||||
let!(:variant) do
|
||||
variant = product.master
|
||||
variant.option_values << create(:option_value)
|
||||
variant
|
||||
keys = json_response.first.keys.map(&:to_sym)
|
||||
expect(attributes.all?{ |attr| keys.include? attr }).to eq(true)
|
||||
end
|
||||
|
||||
it "is denied access when trying to delete a variant" do
|
||||
product = create(:product)
|
||||
variant = product.master
|
||||
spree_delete :soft_delete, variant_id: variant.to_param, product_id: product.to_param, format: :json
|
||||
|
||||
assert_unauthorized!
|
||||
expect { variant.reload }.not_to raise_error
|
||||
expect(variant.deleted_at).to be_nil
|
||||
end
|
||||
|
||||
it 'can query the results through a parameter' do
|
||||
expected_result = create(:variant, sku: 'FOOBAR')
|
||||
api_get :index, q: { sku_cont: 'FOO' }
|
||||
|
||||
expect(json_response.size).to eq(1)
|
||||
expect(json_response.first['sku']).to eq expected_result.sku
|
||||
end
|
||||
|
||||
# Regression test for spree#2141
|
||||
context "a deleted variant" do
|
||||
before do
|
||||
variant.update_column(:deleted_at, Time.zone.now)
|
||||
end
|
||||
|
||||
it "retrieves a list of variants with appropriate attributes" do
|
||||
spree_get :index, format: :json
|
||||
|
||||
keys = json_response.first.keys.map(&:to_sym)
|
||||
expect(attributes.all?{ |attr| keys.include? attr }).to eq(true)
|
||||
it "is not returned in the results" do
|
||||
api_get :index
|
||||
expect(json_response.count).to eq(10) # there are 11 variants
|
||||
end
|
||||
|
||||
it "is denied access when trying to delete a variant" do
|
||||
product = create(:product)
|
||||
variant = product.master
|
||||
spree_delete :soft_delete, variant_id: variant.to_param, product_id: product.to_param, format: :json
|
||||
|
||||
assert_unauthorized!
|
||||
expect { variant.reload }.not_to raise_error
|
||||
expect(variant.deleted_at).to be_nil
|
||||
end
|
||||
|
||||
it 'can query the results through a parameter' do
|
||||
expected_result = create(:variant, sku: 'FOOBAR')
|
||||
api_get :index, q: { sku_cont: 'FOO' }
|
||||
|
||||
expect(json_response.size).to eq(1)
|
||||
expect(json_response.first['sku']).to eq expected_result.sku
|
||||
end
|
||||
|
||||
# Regression test for spree#2141
|
||||
context "a deleted variant" do
|
||||
before do
|
||||
variant.update_column(:deleted_at, Time.zone.now)
|
||||
end
|
||||
|
||||
it "is not returned in the results" do
|
||||
api_get :index
|
||||
expect(json_response.count).to eq(10) # there are 11 variants
|
||||
end
|
||||
|
||||
it "is not returned even when show_deleted is passed" do
|
||||
api_get :index, show_deleted: true
|
||||
expect(json_response.count).to eq(10) # there are 11 variants
|
||||
end
|
||||
end
|
||||
|
||||
it "can see a single variant" do
|
||||
api_get :show, id: variant.to_param
|
||||
|
||||
keys = json_response.keys.map(&:to_sym)
|
||||
expect((attributes).all?{ |attr| keys.include? attr }).to eq(true)
|
||||
end
|
||||
|
||||
it "cannot create a new variant if not an admin" do
|
||||
api_post :create, variant: { sku: "12345" }
|
||||
|
||||
assert_unauthorized!
|
||||
end
|
||||
|
||||
it "cannot update a variant" do
|
||||
api_put :update, id: variant.to_param, variant: { sku: "12345" }
|
||||
|
||||
assert_unauthorized!
|
||||
end
|
||||
|
||||
it "cannot delete a variant" do
|
||||
api_delete :destroy, id: variant.to_param
|
||||
|
||||
assert_unauthorized!
|
||||
expect { variant.reload }.not_to raise_error
|
||||
it "is not returned even when show_deleted is passed" do
|
||||
api_get :index, show_deleted: true
|
||||
expect(json_response.count).to eq(10) # there are 11 variants
|
||||
end
|
||||
end
|
||||
|
||||
context "as an enterprise user" do
|
||||
sign_in_as_enterprise_user! [:supplier]
|
||||
let(:supplier_other) { create(:supplier_enterprise) }
|
||||
let(:product) { create(:product, supplier: supplier) }
|
||||
let(:variant) { product.master }
|
||||
let(:product_other) { create(:product, supplier: supplier_other) }
|
||||
let(:variant_other) { product_other.master }
|
||||
it "can see a single variant" do
|
||||
api_get :show, id: variant.to_param
|
||||
|
||||
it "soft deletes a variant" do
|
||||
spree_delete :soft_delete, variant_id: variant.to_param, product_id: product.to_param, format: :json
|
||||
|
||||
expect(response.status).to eq(204)
|
||||
expect { variant.reload }.not_to raise_error
|
||||
expect(variant.deleted_at).to be_present
|
||||
end
|
||||
|
||||
it "is denied access to soft deleting another enterprises' variant" do
|
||||
spree_delete :soft_delete, variant_id: variant_other.to_param, product_id: product_other.to_param, format: :json
|
||||
|
||||
assert_unauthorized!
|
||||
expect { variant.reload }.not_to raise_error
|
||||
expect(variant.deleted_at).to be_nil
|
||||
end
|
||||
|
||||
context 'when the variant is not the master' do
|
||||
before { variant.update_attribute(:is_master, false) }
|
||||
|
||||
it 'refreshes the cache' do
|
||||
expect(OpenFoodNetwork::ProductsCache).to receive(:variant_destroyed).with(variant)
|
||||
spree_delete :soft_delete, variant_id: variant.id, product_id: variant.product.permalink, format: :json
|
||||
end
|
||||
end
|
||||
keys = json_response.keys.map(&:to_sym)
|
||||
expect((attributes).all?{ |attr| keys.include? attr }).to eq(true)
|
||||
end
|
||||
|
||||
context "as an administrator" do
|
||||
sign_in_as_admin!
|
||||
it "cannot create a new variant if not an admin" do
|
||||
api_post :create, variant: { sku: "12345" }
|
||||
|
||||
let(:product) { create(:product) }
|
||||
let(:variant) { product.master }
|
||||
let(:resource_scoping) { { product_id: variant.product.to_param } }
|
||||
assert_unauthorized!
|
||||
end
|
||||
|
||||
it "soft deletes a variant" do
|
||||
spree_delete :soft_delete, variant_id: variant.to_param, product_id: product.to_param, format: :json
|
||||
it "cannot update a variant" do
|
||||
api_put :update, id: variant.to_param, variant: { sku: "12345" }
|
||||
|
||||
expect(response.status).to eq(204)
|
||||
expect { variant.reload }.not_to raise_error
|
||||
expect(variant.deleted_at).not_to be_nil
|
||||
end
|
||||
assert_unauthorized!
|
||||
end
|
||||
|
||||
it "doesn't delete the only variant of the product" do
|
||||
product = create(:product)
|
||||
variant = product.variants.first
|
||||
spree_delete :soft_delete, variant_id: variant.to_param, product_id: product.to_param, format: :json
|
||||
it "cannot delete a variant" do
|
||||
api_delete :destroy, id: variant.to_param
|
||||
|
||||
expect(variant.reload).to_not be_deleted
|
||||
expect(assigns(:variant).errors[:product]).to include "must have at least one variant"
|
||||
end
|
||||
assert_unauthorized!
|
||||
expect { variant.reload }.not_to raise_error
|
||||
end
|
||||
end
|
||||
|
||||
context 'when the variant is not the master' do
|
||||
before { variant.update_attribute(:is_master, false) }
|
||||
context "as an enterprise user" do
|
||||
sign_in_as_enterprise_user! [:supplier]
|
||||
let(:supplier_other) { create(:supplier_enterprise) }
|
||||
let(:product) { create(:product, supplier: supplier) }
|
||||
let(:variant) { product.master }
|
||||
let(:product_other) { create(:product, supplier: supplier_other) }
|
||||
let(:variant_other) { product_other.master }
|
||||
|
||||
it 'refreshes the cache' do
|
||||
expect(OpenFoodNetwork::ProductsCache).to receive(:variant_destroyed).with(variant)
|
||||
spree_delete :soft_delete, variant_id: variant.id, product_id: variant.product.permalink, format: :json
|
||||
end
|
||||
end
|
||||
it "soft deletes a variant" do
|
||||
spree_delete :soft_delete, variant_id: variant.to_param, product_id: product.to_param, format: :json
|
||||
|
||||
context "deleted variants" do
|
||||
before do
|
||||
variant.update_column(:deleted_at, Time.zone.now)
|
||||
end
|
||||
expect(response.status).to eq(204)
|
||||
expect { variant.reload }.not_to raise_error
|
||||
expect(variant.deleted_at).to be_present
|
||||
end
|
||||
|
||||
it "are visible by admin" do
|
||||
api_get :index, show_deleted: 1
|
||||
it "is denied access to soft deleting another enterprises' variant" do
|
||||
spree_delete :soft_delete, variant_id: variant_other.to_param, product_id: product_other.to_param, format: :json
|
||||
|
||||
expect(json_response.count).to eq(2)
|
||||
end
|
||||
end
|
||||
assert_unauthorized!
|
||||
expect { variant.reload }.not_to raise_error
|
||||
expect(variant.deleted_at).to be_nil
|
||||
end
|
||||
|
||||
it "can create a new variant" do
|
||||
original_number_of_variants = variant.product.variants.count
|
||||
api_post :create, variant: { sku: "12345", unit_value: "weight", unit_description: "L" }
|
||||
context 'when the variant is not the master' do
|
||||
before { variant.update_attribute(:is_master, false) }
|
||||
|
||||
expect(attributes.all?{ |attr| json_response.include? attr.to_s }).to eq(true)
|
||||
expect(response.status).to eq(201)
|
||||
expect(json_response["sku"]).to eq("12345")
|
||||
expect(variant.product.variants.count).to eq(original_number_of_variants + 1)
|
||||
end
|
||||
|
||||
it "can update a variant" do
|
||||
api_put :update, id: variant.to_param, variant: { sku: "12345" }
|
||||
|
||||
expect(response.status).to eq(200)
|
||||
end
|
||||
|
||||
it "can delete a variant" do
|
||||
api_delete :destroy, id: variant.to_param
|
||||
|
||||
expect(response.status).to eq(204)
|
||||
expect { Spree::Variant.find(variant.id) }.to raise_error(ActiveRecord::RecordNotFound)
|
||||
it 'refreshes the cache' do
|
||||
expect(OpenFoodNetwork::ProductsCache).to receive(:variant_destroyed).with(variant)
|
||||
spree_delete :soft_delete, variant_id: variant.id, product_id: variant.product.permalink, format: :json
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context "as an administrator" do
|
||||
sign_in_as_admin!
|
||||
|
||||
let(:product) { create(:product) }
|
||||
let(:variant) { product.master }
|
||||
let(:resource_scoping) { { product_id: variant.product.to_param } }
|
||||
|
||||
it "soft deletes a variant" do
|
||||
spree_delete :soft_delete, variant_id: variant.to_param, product_id: product.to_param, format: :json
|
||||
|
||||
expect(response.status).to eq(204)
|
||||
expect { variant.reload }.not_to raise_error
|
||||
expect(variant.deleted_at).not_to be_nil
|
||||
end
|
||||
|
||||
it "doesn't delete the only variant of the product" do
|
||||
product = create(:product)
|
||||
variant = product.variants.first
|
||||
spree_delete :soft_delete, variant_id: variant.to_param, product_id: product.to_param, format: :json
|
||||
|
||||
expect(variant.reload).to_not be_deleted
|
||||
expect(assigns(:variant).errors[:product]).to include "must have at least one variant"
|
||||
end
|
||||
|
||||
context 'when the variant is not the master' do
|
||||
before { variant.update_attribute(:is_master, false) }
|
||||
|
||||
it 'refreshes the cache' do
|
||||
expect(OpenFoodNetwork::ProductsCache).to receive(:variant_destroyed).with(variant)
|
||||
spree_delete :soft_delete, variant_id: variant.id, product_id: variant.product.permalink, format: :json
|
||||
end
|
||||
end
|
||||
|
||||
context "deleted variants" do
|
||||
before do
|
||||
variant.update_column(:deleted_at, Time.zone.now)
|
||||
end
|
||||
|
||||
it "are visible by admin" do
|
||||
api_get :index, show_deleted: 1
|
||||
|
||||
expect(json_response.count).to eq(2)
|
||||
end
|
||||
end
|
||||
|
||||
it "can create a new variant" do
|
||||
original_number_of_variants = variant.product.variants.count
|
||||
api_post :create, variant: { sku: "12345", unit_value: "weight", unit_description: "L" }
|
||||
|
||||
expect(attributes.all?{ |attr| json_response.include? attr.to_s }).to eq(true)
|
||||
expect(response.status).to eq(201)
|
||||
expect(json_response["sku"]).to eq("12345")
|
||||
expect(variant.product.variants.count).to eq(original_number_of_variants + 1)
|
||||
end
|
||||
|
||||
it "can update a variant" do
|
||||
api_put :update, id: variant.to_param, variant: { sku: "12345" }
|
||||
|
||||
expect(response.status).to eq(200)
|
||||
end
|
||||
|
||||
it "can delete a variant" do
|
||||
api_delete :destroy, id: variant.to_param
|
||||
|
||||
expect(response.status).to eq(204)
|
||||
expect { Spree::Variant.find(variant.id) }.to raise_error(ActiveRecord::RecordNotFound)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user