From c646eb3939fb585304dcd7ae0e28cca5c1287592 Mon Sep 17 00:00:00 2001
From: Pau Perez <saulopefa@gmail.com>
Date: Fri, 1 Dec 2017 19:32:37 +1100
Subject: [PATCH] Disable api auth as there is no Spree api key set

Although Spree::Api::Config[:requires_authentication] is set to false by
default for some unknown reason if not done explicitly Spree still
returns it as false.

This amends the change done in a87c89c83db9e54c58ea43e5b273d2906669c624,
which introduced the bug. As there is no Spree api key set the auth
fails when getting taxons.
---
 config/initializers/spree.rb                         |  2 +-
 .../spree/api/products_controller_spec.rb            | 12 ++++++------
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/config/initializers/spree.rb b/config/initializers/spree.rb
index dc41aa9258..2c5ba91ac3 100644
--- a/config/initializers/spree.rb
+++ b/config/initializers/spree.rb
@@ -12,7 +12,7 @@ require 'spree/core/calculated_adjustments_decorator'
 require "#{Rails.root}/app/models/spree/payment_method_decorator"
 require "#{Rails.root}/app/models/spree/gateway_decorator"
 
-Spree::Api::Config[:requires_authentication] = true
+Spree::Api::Config[:requires_authentication] = false
 
 Spree.config do |config|
   config.shipping_instructions = true
diff --git a/spec/controllers/spree/api/products_controller_spec.rb b/spec/controllers/spree/api/products_controller_spec.rb
index fcc56c20a3..29d508ab9a 100644
--- a/spec/controllers/spree/api/products_controller_spec.rb
+++ b/spec/controllers/spree/api/products_controller_spec.rb
@@ -15,8 +15,7 @@ module Spree
     let(:attributes) { [:id, :name, :supplier, :price, :on_hand, :available_on, :permalink_live] }
 
     before do
-      stub_authentication!
-      Spree.user_class.stub :find_by_spree_api_key => current_api_user
+      allow(controller).to receive(:spree_current_user) { current_api_user }
     end
 
     context "as a normal user" do
@@ -109,14 +108,11 @@ module Spree
     end
 
     describe '#clone' do
-      before do
-        spree_post :clone, product_id: product1.id, format: :json
-      end
-
       context 'as a normal user' do
         sign_in_as_user!
 
         it 'denies access' do
+          spree_post :clone, product_id: product1.id, format: :json
           assert_unauthorized!
         end
       end
@@ -125,10 +121,12 @@ module Spree
         sign_in_as_enterprise_user! [:supplier]
 
         it 'responds with a successful response' do
+          spree_post :clone, product_id: product1.id, format: :json
           expect(response.status).to eq(201)
         end
 
         it 'clones the product' do
+          spree_post :clone, product_id: product1.id, format: :json
           expect(json_response['name']).to eq("COPY OF #{product1.name}")
         end
       end
@@ -137,10 +135,12 @@ module Spree
         sign_in_as_admin!
 
         it 'responds with a successful response' do
+          spree_post :clone, product_id: product1.id, format: :json
           expect(response.status).to eq(201)
         end
 
         it 'clones the product' do
+          spree_post :clone, product_id: product1.id, format: :json
           expect(json_response['name']).to eq("COPY OF #{product1.name}")
         end
       end