Merge pull request #6910 from andrewpbrett/remove-order-capture

Make orders not capturable if they have a payment pending authorization

app/serializers/api/admin/order_serializer.rb

@@ -38,9 +38,11 @@ module Api
         spree_routes_helper.admin_order_payments_path(object)
       end
 
+      # This methods requires to eager load the payment association (with its required WHERE
+      # constraints) so as not to cause and N+1.
       def ready_to_capture
-        pending_payment = object.pending_payments.first
-        object.payment_required? && pending_payment
+        pending_payments = object.pending_payments.reject(&:authorization_action_required?)
+        object.payment_required? && pending_payments.any?
       end
 
       def ready_to_ship

app/services/search_orders.rb

@@ -13,7 +13,9 @@ class SearchOrders
   attr_reader :params, :current_user
 
   def fetch_orders
-    @search = search_query.ransack(params[:q])
+    @search = search_query.
+      includes(:payments, :subscription, :shipments, :bill_address, :distributor, :order_cycle).
+      ransack(params[:q])
 
     return paginated_results if using_pagination?
 

spec/controllers/api/orders_controller_spec.rb

@@ -157,6 +157,47 @@ module Api
           expect(json_response['pagination']).to eq pagination_data
         end
       end
+
+      context "when there is a pending payment requiring authorization" do
+        let!(:pending_payment) do
+          create(
+            :payment,
+            order: order1,
+            state: 'pending',
+            amount: 123.45,
+            cvv_response_message: "https://stripe.com/redirect"
+          )
+        end
+
+        before do
+          allow(controller).to receive(:spree_current_user) { distributor.owner }
+        end
+
+        it "returns false" do
+          get :index
+          expect(json_response['orders'].first['ready_to_capture']).to eq(false)
+        end
+      end
+
+      context "when there is a pending payment but it does not require authorization" do
+        let!(:pending_payment) do
+          create(
+            :payment,
+            order: order1,
+            state: 'pending',
+            amount: 123.45,
+          )
+        end
+
+        before do
+          allow(controller).to receive(:spree_current_user) { distributor.owner }
+        end
+
+        it "returns true" do
+          get :index
+          expect(json_response['orders'].first['ready_to_capture']).to eq(true)
+        end
+      end
     end
 
     describe "#show" do

spec/serializers/api/admin/order_serializer_spec.rb

@@ -28,4 +28,43 @@ describe Api::Admin::OrderSerializer do
       end
     end
   end
+
+  describe '#ready_to_capture' do
+    let(:order) { create(:order) }
+
+    before do
+      allow(order).to receive(:payment_required?) { true }
+    end
+
+    context "there is a pending payment requiring authorization" do
+      let!(:pending_payment) do
+        create(
+          :payment,
+          order: order,
+          state: 'pending',
+          amount: 123.45,
+          cvv_response_message: "https://stripe.com/redirect"
+        )
+      end
+
+      it "returns false" do
+        expect(serializer.ready_to_capture).to be false
+      end
+    end
+
+    context "there is a pending payment but it does not require authorization" do
+      let!(:pending_payment) do
+        create(
+          :payment,
+          order: order,
+          state: 'pending',
+          amount: 123.45,
+        )
+      end
+
+      it "returns true" do
+        expect(serializer.ready_to_capture).to be true
+      end
+    end
+  end
 end