raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-03-16 04:24:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into 2-0-stable-nov-8th

Browse Source
This commit is contained in:
luisramos0
2018-11-08 11:18:54 +00:00
parent fae0617639 51a94c8194
commit fcdb5cd7af
101 changed files with 4970 additions and 760 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
spec/controllers/admin/manager_invitations_controller_spec.rb
View File

@@ -2,6 +2,8 @@ require 'spec_helper'
module Admin
describe ManagerInvitationsController, type: :controller do
include OpenFoodNetwork::EmailHelper
let!(:enterprise_owner) { create(:user) }
let!(:other_enterprise_user) { create(:user) }
let!(:existing_user) { create(:user) }
@@ -25,7 +27,7 @@ module Admin
context "signing up a new user" do
before do
create(:mail_method)
setup_email
controller.stub spree_current_user: admin
end
@@ -46,7 +48,7 @@ module Admin
describe "with enterprise permissions" do
context "as user with proper enterprise permissions" do
before do
create(:mail_method)
setup_email
controller.stub spree_current_user: enterprise_owner
end

3
spec/controllers/admin/subscriptions_controller_spec.rb
View File

@@ -2,6 +2,7 @@ require 'spec_helper'
describe Admin::SubscriptionsController, type: :controller do
include AuthenticationWorkflow
include OpenFoodNetwork::EmailHelper
describe 'index' do
let!(:user) { create(:user, enterprise_limit: 10) }
@@ -626,7 +627,7 @@ describe Admin::SubscriptionsController, type: :controller do
context "when at least one associate orders is 'canceled'" do
before do
Spree::Config[:mails_from] = "spree@example.com"
setup_email
proxy_order.cancel
end

158
spec/controllers/api/orders_controller_spec.rb Normal file
View File

@@ -0,0 +1,158 @@
require 'spec_helper'
require 'spree/api/testing_support/helpers'
module Api
describe OrdersController, type: :controller do
include AuthenticationWorkflow
render_views
describe '#index' do
let!(:distributor) { create(:distributor_enterprise) }
let!(:distributor2) { create(:distributor_enterprise) }
let!(:supplier) { create(:supplier_enterprise) }
let!(:coordinator) { create(:distributor_enterprise) }
let!(:order_cycle) { create(:simple_order_cycle, coordinator: coordinator) }
let!(:order1) do
create(:order, order_cycle: order_cycle, state: 'complete', completed_at: Time.zone.now,
distributor: distributor, billing_address: create(:address) )
end
let!(:order2) do
create(:order, order_cycle: order_cycle, state: 'complete', completed_at: Time.zone.now,
distributor: distributor2, billing_address: create(:address) )
end
let!(:order3) do
create(:order, order_cycle: order_cycle, state: 'complete', completed_at: Time.zone.now,
distributor: distributor, billing_address: create(:address) )
end
let!(:line_item1) do
create(:line_item, order: order1,
product: create(:product, supplier: supplier))
end
let!(:line_item2) do
create(:line_item, order: order2,
product: create(:product, supplier: supplier))
end
let!(:line_item3) do
create(:line_item, order: order2,
product: create(:product, supplier: supplier))
end
let!(:line_item4) do
create(:line_item, order: order3,
product: create(:product, supplier: supplier))
end
let!(:regular_user) { create(:user) }
let!(:admin_user) { create(:admin_user) }
context 'as a regular user' do
before do
allow(controller).to receive(:spree_current_user) { regular_user }
get :index
end
it "returns unauthorized" do
assert_unauthorized!
end
end
context 'as an admin user' do
before do
allow(controller).to receive(:spree_current_user) { admin_user }
get :index
end
it "retrieves a list of orders with appropriate attributes,
including line items with appropriate attributes" do
returns_orders(json_response)
end
it "formats completed_at to 'yyyy-mm-dd hh:mm'" do
completed_dates = json_response['orders'].map{ |order| order['completed_at'] }
correct_formats = completed_dates.all?{ |a| a == order1.completed_at.strftime('%B %d, %Y') }
expect(correct_formats).to be_truthy
end
it "returns distributor object with id key" do
distributors = json_response['orders'].map{ |order| order['distributor'] }
expect(distributors.all?{ |d| d.key?('id') }).to be_truthy
end
it "returns the order number" do
order_numbers = json_response['orders'].map{ |order| order['number'] }
expect(order_numbers.all?{ |number| number.match("^R\\d{5,10}$") }).to be_truthy
end
end
context 'as an enterprise user' do
context 'producer enterprise' do
before do
allow(controller).to receive(:spree_current_user) { supplier.owner }
get :index
end
it "does not display line items for which my enterprise is a supplier" do
assert_unauthorized!
end
end
context 'coordinator enterprise' do
before do
allow(controller).to receive(:spree_current_user) { coordinator.owner }
get :index
end
it "retrieves a list of orders" do
returns_orders(json_response)
end
end
context 'hub enterprise' do
before do
allow(controller).to receive(:spree_current_user) { distributor.owner }
get :index
end
it "retrieves a list of orders" do
returns_orders(json_response)
end
end
end
context 'with pagination' do
before do
allow(controller).to receive(:spree_current_user) { distributor.owner }
end
it 'returns pagination data when query params contain :per_page]' do
get :index, per_page: 15, page: 1
pagination_data = {
'results' => 2,
'pages' => 1,
'page' => 1,
'per_page' => 15
}
expect(json_response['pagination']).to eq pagination_data
end
end
end
private
def returns_orders(response)
keys = response['orders'].first.keys.map(&:to_sym)
expect(order_attributes.all?{ |attr| keys.include? attr }).to be_truthy
end
def order_attributes
[
:id, :number, :full_name, :email, :phone, :completed_at, :display_total,
:show_path, :edit_path, :state, :payment_state, :shipment_state,
:payments_path, :shipments_path, :ship_path, :ready_to_ship, :created_at,
:distributor_name, :special_instructions, :payment_capture_path
]
end
end
end

78
spec/controllers/line_items_controller_spec.rb
View File

@@ -27,70 +27,72 @@ describe LineItemsController, type: :controller do
end
end
describe "destroying a line item on a completed order" do
let(:item) do
order = create(:completed_order_with_totals)
item = create(:line_item, order: order)
while !order.completed? do break unless order.next! end
item
end
let(:order) { item.order }
let(:order_cycle) { create(:simple_order_cycle, distributors: [distributor], variants: [order.line_item_variants]) }
before { controller.stub spree_current_user: item.order.user }
context "without a line item id" do
it "fails and raises an error" do
delete :destroy
expect(response.status).to eq 404
describe "destroying a line item" do
context "on a completed order" do
let(:item) do
order = create(:completed_order_with_totals)
item = create(:line_item, order: order)
while !order.completed? do break unless order.next! end
item
end
end
context "with a line item id" do
let(:params) { { format: :json, id: item } }
let(:order) { item.order }
let(:order_cycle) { create(:simple_order_cycle, distributors: [distributor], variants: [order.line_item_variants]) }
context "where the item's order is not associated with the user" do
it "denies deletion" do
delete :destroy, params
expect(response.status).to eq 403
before { controller.stub spree_current_user: item.order.user }
context "without a line item id" do
it "fails and raises an error" do
delete :destroy
expect(response.status).to eq 404
end
end
context "where the item's order is associated with the current user" do
before { order.update_attributes!(user_id: user.id) }
context "with a line item id" do
let(:params) { { format: :json, id: item } }
context "without an order cycle or distributor" do
context "where the item's order is not associated with the user" do
it "denies deletion" do
delete :destroy, params
expect(response.status).to eq 403
end
end
context "with an order cycle and distributor" do
before { order.update_attributes!(order_cycle_id: order_cycle.id, distributor_id: distributor.id) }
context "where the item's order is associated with the current user" do
before { order.update_attributes!(user_id: user.id) }
context "where changes are not allowed" do
context "without an order cycle or distributor" do
it "denies deletion" do
delete :destroy, params
expect(response.status).to eq 403
end
end
context "where changes are allowed" do
before { distributor.update_attributes!(allow_order_changes: true) }
context "with an order cycle and distributor" do
before { order.update_attributes!(order_cycle_id: order_cycle.id, distributor_id: distributor.id) }
it "deletes the line item" do
delete :destroy, params
expect(response.status).to eq 204
expect { item.reload }.to raise_error ActiveRecord::RecordNotFound
context "where changes are not allowed" do
it "denies deletion" do
delete :destroy, params
expect(response.status).to eq 403
end
end
context "where changes are allowed" do
before { distributor.update_attributes!(allow_order_changes: true) }
it "deletes the line item" do
delete :destroy, params
expect(response.status).to eq 204
expect { item.reload }.to raise_error ActiveRecord::RecordNotFound
end
end
end
end
end
end
context "where shipping and payment fees apply" do
context "on a completed order with shipping and payment fees" do
let(:shipping_fee) { 3 }
let(:payment_fee) { 5 }
let(:order) { create(:completed_order_with_fees, shipping_fee: shipping_fee, payment_fee: payment_fee) }
@@ -124,7 +126,7 @@ describe LineItemsController, type: :controller do
end
end
context "where enterprise fees apply" do
context "on a completed order with enterprise fees" do
let(:user) { create(:user) }
let(:variant) { create(:variant) }
let(:distributor) { create(:distributor_enterprise, allow_order_changes: true) }

121
spec/controllers/spree/admin/orders_controller_spec.rb
View File

@@ -2,6 +2,7 @@ require 'spec_helper'
describe Spree::Admin::OrdersController, type: :controller do
include AuthenticationWorkflow
include OpenFoodNetwork::EmailHelper
context "updating an order with line items" do
let!(:order) { create(:order) }
@@ -30,112 +31,22 @@ describe Spree::Admin::OrdersController, type: :controller do
end
describe "#index" do
render_views
let(:order_attributes) { [:id, :full_name, :email, :phone, :completed_at, :distributor, :order_cycle, :number] }
def self.make_simple_data!
let!(:dist1) { FactoryBot.create(:distributor_enterprise) }
let!(:order1) { FactoryBot.create(:order, state: 'complete', completed_at: Time.zone.now, distributor: dist1, billing_address: FactoryBot.create(:address) ) }
let!(:order2) { FactoryBot.create(:order, state: 'complete', completed_at: Time.zone.now, distributor: dist1, billing_address: FactoryBot.create(:address) ) }
let!(:order3) { FactoryBot.create(:order, state: 'complete', completed_at: Time.zone.now, distributor: dist1, billing_address: FactoryBot.create(:address) ) }
let!(:line_item1) { FactoryBot.create(:line_item_with_shipment, order: order1) }
let!(:line_item2) { FactoryBot.create(:line_item_with_shipment, order: order2) }
let!(:line_item3) { FactoryBot.create(:line_item_with_shipment, order: order2) }
let!(:line_item4) { FactoryBot.create(:line_item_with_shipment, order: order3) }
let(:line_item_attributes) { [:id, :quantity, :max_quantity, :supplier, :units_product, :units_variant] }
end
context "as a normal user" do
before { controller.stub spree_current_user: create_enterprise_user }
make_simple_data!
context "as a regular user" do
before { allow(controller).to receive(:spree_current_user) { create_enterprise_user } }
it "should deny me access to the index action" do
spree_get :index, :format => :json
spree_get :index
expect(response).to redirect_to spree.unauthorized_path
end
end
context "as an administrator" do
make_simple_data!
before do
controller.stub spree_current_user: quick_login_as_admin
spree_get :index, :format => :json
end
it "retrieves a list of orders with appropriate attributes, including line items with appropriate attributes" do
keys = json_response['orders'].first.keys.map{ |key| key.to_sym }
order_attributes.all?{ |attr| keys.include? attr }.should == true
end
it "sorts orders in descending id order" do
ids = json_response['orders'].map{ |order| order['id'] }
ids[0].should > ids[1]
ids[1].should > ids[2]
end
it "formats completed_at to 'yyyy-mm-dd hh:mm'" do
pp json_response
json_response['orders'].map{ |order| order['completed_at'] }.all?{ |a| a == order1.completed_at.strftime('%B %d, %Y') }.should == true
end
it "returns distributor object with id key" do
json_response['orders'].map{ |order| order['distributor'] }.all?{ |d| d.has_key?('id') }.should == true
end
it "retrieves the order number" do
json_response['orders'].map{ |order| order['number'] }.all?{ |number| number.match("^R\\d{5,10}$") }.should == true
end
end
context "as an enterprise user" do
let(:supplier) { create(:supplier_enterprise) }
let(:distributor1) { create(:distributor_enterprise) }
let(:distributor2) { create(:distributor_enterprise) }
let(:coordinator) { create(:distributor_enterprise) }
let(:order_cycle) { create(:simple_order_cycle, coordinator: coordinator) }
let!(:order1) { FactoryBot.create(:order, order_cycle: order_cycle, state: 'complete', completed_at: Time.zone.now, distributor: distributor1, billing_address: FactoryBot.create(:address) ) }
let!(:line_item1) { FactoryBot.create(:line_item_with_shipment, order: order1, product: FactoryBot.create(:product, supplier: supplier)) }
let!(:line_item2) { FactoryBot.create(:line_item_with_shipment, order: order1, product: FactoryBot.create(:product, supplier: supplier)) }
let!(:order2) { FactoryBot.create(:order, order_cycle: order_cycle, state: 'complete', completed_at: Time.zone.now, distributor: distributor2, billing_address: FactoryBot.create(:address) ) }
let!(:line_item3) { FactoryBot.create(:line_item_with_shipment, order: order2, product: FactoryBot.create(:product, supplier: supplier)) }
let!(:order) { create(:order_with_distributor) }
context "producer enterprise" do
before { allow(controller).to receive(:spree_current_user) { order.distributor.owner } }
before do
controller.stub spree_current_user: supplier.owner
spree_get :index, :format => :json
end
it "does not display line items for which my enterprise is a supplier" do
expect(response).to redirect_to spree.unauthorized_path
end
end
context "coordinator enterprise" do
before do
controller.stub spree_current_user: coordinator.owner
spree_get :index, :format => :json
end
it "retrieves a list of orders" do
keys = json_response['orders'].first.keys.map{ |key| key.to_sym }
order_attributes.all?{ |attr| keys.include? attr }.should == true
end
end
context "hub enterprise" do
before do
controller.stub spree_current_user: distributor1.owner
spree_get :index, :format => :json
end
it "retrieves a list of orders" do
keys = json_response['orders'].first.keys.map{ |key| key.to_sym }
order_attributes.all?{ |attr| keys.include? attr }.should == true
end
it "should allow access" do
expect(response.status).to eq 200
end
end
end
@@ -148,7 +59,7 @@ describe Spree::Admin::OrdersController, type: :controller do
let(:params) { { id: order.number } }
context "as a normal user" do
before { controller.stub spree_current_user: user }
before { allow(controller).to receive(:spree_current_user) { user } }
it "should prevent me from sending order invoices" do
spree_get :invoice, params
@@ -158,7 +69,8 @@ describe Spree::Admin::OrdersController, type: :controller do
context "as an enterprise user" do
context "which is not a manager of the distributor for an order" do
before { controller.stub spree_current_user: user }
before { allow(controller).to receive(:spree_current_user) { user } }
it "should prevent me from sending order invoices" do
spree_get :invoice, params
expect(response).to redirect_to spree.unauthorized_path
@@ -166,7 +78,8 @@ describe Spree::Admin::OrdersController, type: :controller do
end
context "which is a manager of the distributor for an order" do
before { controller.stub spree_current_user: distributor.owner }
before { allow(controller).to receive(:spree_current_user) { distributor.owner } }
context "when the distributor's ABN has not been set" do
before { distributor.update_attribute(:abn, "") }
it "should allow me to send order invoices" do
@@ -181,8 +94,8 @@ describe Spree::Admin::OrdersController, type: :controller do
context "when the distributor's ABN has been set" do
before { distributor.update_attribute(:abn, "123") }
before do
Spree::Config[:mails_from] = "spree@example.com"
ActionMailer::Base.perform_deliveries = true
setup_email
end
it "should allow me to send order invoices" do
@@ -204,7 +117,7 @@ describe Spree::Admin::OrdersController, type: :controller do
let(:params) { { id: order.number } }
context "as a normal user" do
before { controller.stub spree_current_user: user }
before { allow(controller).to receive(:spree_current_user) { user } }
it "should prevent me from sending order invoices" do
spree_get :print, params
@@ -214,7 +127,7 @@ describe Spree::Admin::OrdersController, type: :controller do
context "as an enterprise user" do
context "which is not a manager of the distributor for an order" do
before { controller.stub spree_current_user: user }
before { allow(controller).to receive(:spree_current_user) { user } }
it "should prevent me from sending order invoices" do
spree_get :print, params
expect(response).to redirect_to spree.unauthorized_path
@@ -222,7 +135,7 @@ describe Spree::Admin::OrdersController, type: :controller do
end
context "which is a manager of the distributor for an order" do
before { controller.stub spree_current_user: distributor.owner }
before { allow(controller).to receive(:spree_current_user) { distributor.owner } }
it "should allow me to send order invoices" do
spree_get :print, params
expect(response).to render_template :invoice

4
spec/controllers/spree/orders_controller_spec.rb
View File

@@ -1,6 +1,8 @@
require 'spec_helper'
describe Spree::OrdersController, type: :controller do
include OpenFoodNetwork::EmailHelper
let(:distributor) { double(:distributor) }
let(:order) { create(:order) }
let(:order_cycle) { create(:simple_order_cycle) }
@@ -371,7 +373,7 @@ describe Spree::OrdersController, type: :controller do
let(:order) { create(:completed_order_with_totals, user: user) }
before do
Spree::Config[:mails_from] = "spree@example.com"
setup_email
end
it "responds with success" do

4
spec/controllers/user_confirmations_controller_spec.rb
View File

@@ -2,6 +2,8 @@ require 'spec_helper'
describe UserConfirmationsController, type: :controller do
include AuthenticationWorkflow
include OpenFoodNetwork::EmailHelper
let!(:user) { create_enterprise_user }
let!(:confirmed_user) { create_enterprise_user(confirmed_at: nil) }
let!(:unconfirmed_user) { create_enterprise_user(confirmed_at: nil) }
@@ -57,7 +59,7 @@ describe UserConfirmationsController, type: :controller do
end
context "requesting confirmation instructions to be resent" do
before { create(:mail_method) }
before { setup_email }
it "redirects the user to login" do
spree_post :create, { spree_user: { email: unconfirmed_user.email } }

3
spec/controllers/user_passwords_controller_spec.rb
View File

@@ -2,6 +2,8 @@ require 'spec_helper'
require 'spree/api/testing_support/helpers'
describe UserPasswordsController, type: :controller do
include OpenFoodNetwork::EmailHelper
let(:user) { create(:user) }
let(:unconfirmed_user) { create(:user, confirmed_at: nil) }
@@ -32,6 +34,7 @@ describe UserPasswordsController, type: :controller do
end
it "renders Darkswarm" do
setup_email
clear_jobs
user.send_reset_password_instructions

3
spec/controllers/user_registrations_controller_spec.rb
View File

@@ -2,9 +2,10 @@ require 'spec_helper'
require 'spree/api/testing_support/helpers'
describe UserRegistrationsController, type: :controller do
include OpenFoodNetwork::EmailHelper
before(:all) do
create(:mail_method)
setup_email
end
before do