Commit Graph

26450 Commits

Author SHA1 Message Date
David Cook
00a823b2fc 6. Add webhook endpoints to user developer settings screen
Allowing creation and deleting via the user association.
It probably won't be much effort to allow editing and multiple records, but I cut it down to the minimum needed to avoid any further delays.

I couldn't find a way to test a failure in the destroy method, but decided to keep the condition because I thought it was worth having.
2023-03-07 15:38:50 +11:00
David Cook
3d81a6e280 Prevent creating duplicate webhook notifications [migration]
Using the clever concurrency testing borrowed from SubscriptionPlacementJob, but I thought a shorter pause time (just 100ms) would be sufficient.

I considered doing this with a new 'state' field (upcoming/open/close), but decided to keep it simple.
2023-03-07 15:38:50 +11:00
David Cook
739df4be01 4. OrderCycleOpenedJob triggers webhook
2023-03-07 15:38:50 +11:00
David Cook
b91cabc510 Also send webhook payloads for distributor owners
But not supplier owners.
2023-03-07 15:38:50 +11:00
David Cook
ba152f12ee 3. Add OrderCycleWebhookService to create webhook payloads for an order cycle event
2023-03-07 15:38:50 +11:00
David Cook
778baba118 User may have many WebhookEndpoints [migration]
Although we won't be allowing multiple in this PR, we certainly plan to in the future.

The migration helper add_reference couldn't handle the custom column name, so I had to put it together manually.
2023-03-07 15:38:50 +11:00
David Cook
85c98c6d3e 2. Add model WebhookEndpoint [migration]
This will store the URL for each user that wants a notification.

We probably don't need URL validation (it's not done on Enterprise for example). It could be validated by browser input, and anyway will be validated if the webhook actually works or not.

Inspired by Keygen: https://keygen.sh/blog/how-to-build-a-webhook-system-in-rails-using-sidekiq/
2023-03-07 15:38:50 +11:00
David Cook
de9546587a Prevent webhooks to private addresses (SSRF) [add gem]
Best reviewed with whitespace hidden.

Unfortunately the spec isn't allowed in CI. But it worked on my environment, I promise.
I chose `xit` so that it doesn't run unnecessarily. Perhaps we could use `pending` instead, which would execute, and notify us if it suddenly started working one day. But I doubt it.
2023-03-07 15:38:50 +11:00
David Cook
9741935955 Raise error on server error
And thus retry later.
I tried to test that it actually retries, or ensuring the job remained in the queue to be retried, but couldn't get it to work.
2023-03-07 15:38:50 +11:00
David Cook
9d19f37fec 1. Add WebhookDeliveryJob
This job is responsible for delivering a payload for one webhook event only. It allows the action to run asynchronously (and not slow down the calling process).
2023-03-07 15:38:50 +11:00
David Cook
718ac0ab80 Add Faraday for making HTTP requests [add gem]
It's the most popular and flexible option, so should be able to cater for our future needs best.
2023-03-07 15:38:47 +11:00
Maikel
6371f7eff6 Merge pull request #10474 from abdellani/fix-customer-can-checkout-non-matching-shipping-and-product-categories
Fix: Customers can checkout with non-matching shipping and product categories
2023-03-03 11:27:11 +11:00
Filipe
60bea89f5c Merge pull request #10135 from abdellani/fix_when_user_deletes_a_shipping_method_existing_orders_are_updated_with_a_random_shipping_method
Fix When user deletes a shipping method existing orders are updated with a random shipping method
2023-03-02 20:03:59 +00:00
jibees
f88689e45f Merge pull request #10469 from openfoodfoundation/dependabot/bundler/sidekiq-7.0.6
Bump sidekiq from 7.0.5 to 7.0.6
2023-03-02 15:32:17 +01:00
jibees
1c1a7ffe9b Merge pull request #10444 from openfoodfoundation/dependabot/bundler/devise-i18n-1.10.3
Bump devise-i18n from 1.10.2 to 1.10.3
2023-03-02 15:30:01 +01:00
jibees
0aa11581af Merge pull request #10502 from openfoodfoundation/dependabot/npm_and_yarn/hotwired/turbo-7.3.0
Bump @hotwired/turbo from 7.2.5 to 7.3.0
2023-03-02 13:44:20 +01:00
dependabot[bot]
4d72c807ea Bump devise-i18n from 1.10.2 to 1.10.3
Bumps [devise-i18n](https://github.com/tigrish/devise-i18n) from 1.10.2 to 1.10.3.
- [Release notes](https://github.com/tigrish/devise-i18n/releases)
- [Changelog](https://github.com/tigrish/devise-i18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tigrish/devise-i18n/compare/v1.10.2...v1.10.3)

---
updated-dependencies:
- dependency-name: devise-i18n
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-02 12:43:57 +00:00
dependabot[bot]
f182712188 Bump sidekiq from 7.0.5 to 7.0.6
Bumps [sidekiq](https://github.com/sidekiq/sidekiq) from 7.0.5 to 7.0.6.
- [Release notes](https://github.com/sidekiq/sidekiq/releases)
- [Changelog](https://github.com/sidekiq/sidekiq/blob/main/Changes.md)
- [Commits](https://github.com/sidekiq/sidekiq/compare/v7.0.5...v7.0.6)

---
updated-dependencies:
- dependency-name: sidekiq
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-02 12:43:45 +00:00
jibees
1171577d5d Merge pull request #10489 from openfoodfoundation/dependabot/bundler/sidekiq-scheduler-5.0.2
Bump sidekiq-scheduler from 5.0.1 to 5.0.2
2023-03-02 13:42:54 +01:00
jibees
d05522c21c Merge pull request #10472 from openfoodfoundation/dependabot/bundler/omniauth_openid_connect-0.6.1
Bump omniauth_openid_connect from 0.6.0 to 0.6.1
2023-03-02 13:42:37 +01:00
jibees
cbdb3c2834 Merge pull request #10504 from openfoodfoundation/dependabot/bundler/rubocop-1.47.0
Bump rubocop from 1.46.0 to 1.47.0
2023-03-02 11:12:46 +01:00
dependabot[bot]
87c3165a24 Bump rubocop from 1.46.0 to 1.47.0
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.46.0 to 1.47.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.46.0...v1.47.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-02 10:02:09 +00:00
dependabot[bot]
81e96298b5 Bump @hotwired/turbo from 7.2.5 to 7.3.0
Bumps [@hotwired/turbo](https://github.com/hotwired/turbo) from 7.2.5 to 7.3.0.
- [Release notes](https://github.com/hotwired/turbo/releases)
- [Commits](https://github.com/hotwired/turbo/compare/v7.2.5...v7.3.0)

---
updated-dependencies:
- dependency-name: "@hotwired/turbo"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-02 09:57:36 +00:00
dependabot[bot]
b734067785 Bump omniauth_openid_connect from 0.6.0 to 0.6.1
Bumps [omniauth_openid_connect](https://github.com/m0n9oose/omniauth_openid_connect) from 0.6.0 to 0.6.1.
- [Release notes](https://github.com/m0n9oose/omniauth_openid_connect/releases)
- [Changelog](https://github.com/omniauth/omniauth_openid_connect/blob/master/CHANGELOG.md)
- [Commits](https://github.com/m0n9oose/omniauth_openid_connect/compare/v0.6.0...v0.6.1)

---
updated-dependencies:
- dependency-name: omniauth_openid_connect
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-01 14:22:38 +00:00
jibees
e7bf912a23 Merge pull request #10490 from openfoodfoundation/dependabot/bundler/puma-6.1.1
Bump puma from 6.1.0 to 6.1.1
2023-03-01 15:14:57 +01:00
jibees
b07a0fca50 Merge pull request #10498 from openfoodfoundation/dependabot/bundler/knapsack_pro-3.8.0
Bump knapsack_pro from 3.7.0 to 3.8.0
2023-03-01 11:01:37 +01:00
Mohamed ABDELLANI
348f806bbe remove load_shipping_methods
2023-03-01 10:53:03 +01:00
Mohamed ABDELLANI
89037e160c Update app/controllers/concerns/checkout_callbacks.rb
Co-authored-by: Maikel <maikel@email.org.au>
2023-03-01 10:51:27 +01:00
Mohamed ABDELLANI
eab8e2be6c load exclusively the shipping methods that support all the shipping categories of the line items
2023-03-01 10:51:27 +01:00
dependabot[bot]
d146684acb Bump knapsack_pro from 3.7.0 to 3.8.0
Bumps [knapsack_pro](https://github.com/KnapsackPro/knapsack_pro-ruby) from 3.7.0 to 3.8.0.
- [Release notes](https://github.com/KnapsackPro/knapsack_pro-ruby/releases)
- [Changelog](https://github.com/KnapsackPro/knapsack_pro-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/KnapsackPro/knapsack_pro-ruby/compare/v3.7.0...v3.8.0)

---
updated-dependencies:
- dependency-name: knapsack_pro
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-01 09:13:38 +00:00
Maikel
c3fe399f0c Merge pull request #10476 from mkllnk/flaky-index-spec
Stabilise flaky spec with defined enterprise order
2023-03-01 10:05:44 +11:00
Maikel
182e5bd0ee Merge pull request #10493 from jibees/10492-background-reports-background_reports-breaks-pdf-and-xlsx-file-download
Reports, `background_reports` feature toggle activated: Force writing file in binary mode
2023-03-01 10:00:11 +11:00
Maikel
bccee0698f Merge pull request #10332 from jibees/8901-allow-product-description-to-show-images-in-the-shopfront
Shopfront: Allow product description with formatting and `<img />`
2023-03-01 09:56:41 +11:00
Konrad
11928859bc Merge pull request #10438 from jibees/10133-update-column-dropdown-everywhere
Redesign old columns dropdown component to match the design of the new one
2023-02-28 20:22:00 +01:00
Konrad
6a0b9cbb76 Merge pull request #10459 from openfoodfoundation/dependabot/bundler/stripe-8.3.0
Bump stripe from 8.0.0 to 8.3.0
2023-02-28 19:22:50 +01:00
Jean-Baptiste Bellet
075e295fc2 Force writing file in binary mode
```
/Users/jibees/dev/openfoodnetwork/app/jobs/report_job.rb:22:in `write': "\\xFE" from ASCII-8BIT to UTF-8 (Encoding::UndefinedConversionError)
from /Users/jibees/dev/openfoodnetwork/app/jobs/report_job.rb:22:in `write'
from /Users/jibees/dev/openfoodnetwork/app/jobs/report_job.rb:8:in `perform'
```
2023-02-28 15:30:14 +01:00
jibees
151f96f673 Merge pull request #10486 from mkllnk/i18n-spec
Remove unused Spree translation checker
2023-02-28 14:28:39 +01:00
dependabot[bot]
2d7c593fe6 Bump sidekiq-scheduler from 5.0.1 to 5.0.2
Bumps [sidekiq-scheduler](https://github.com/moove-it/sidekiq-scheduler) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/moove-it/sidekiq-scheduler/releases)
- [Changelog](https://github.com/sidekiq-scheduler/sidekiq-scheduler/blob/master/CHANGELOG.md)
- [Commits](https://github.com/moove-it/sidekiq-scheduler/compare/v5.0.1...v5.0.2)

---
updated-dependencies:
- dependency-name: sidekiq-scheduler
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-28 10:52:14 +00:00
dependabot[bot]
5cded5ba8d Bump puma from 6.1.0 to 6.1.1
Bumps [puma](https://github.com/puma/puma) from 6.1.0 to 6.1.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v6.1.0...v6.1.1)

---
updated-dependencies:
- dependency-name: puma
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-28 09:57:59 +00:00
Maikel Linke
4f15b5a65b Specify raised error in spec and avoid warning
Before it said:

```
WARNING: Using the `raise_error` matcher without providing a specific error or message risks false positives, since `raise_error` will match when Ruby raises a `NoMethodError`, `NameError` or `ArgumentError`, potentially allowing the expectation to pass without even executing the method you are intending to call. Actual error raised was #<RuntimeError: Cannot use t(".legacy_translation") shortcut because path is not available>. Instead consider providing a specific error class or message. This message can be suppressed by setting: `RSpec::Expectations.configuration.on_potential_false_positives = :nothing`.
```
2023-02-28 15:44:18 +11:00
Maikel Linke
bf1cbe615f Remove unused Spree translation checker
If we wanted similar functionality in the future then we would implement
it differently. At the moment, it's just unused code.
2023-02-28 15:44:18 +11:00
Maikel
890ab6796e Merge pull request #10413 from mkllnk/reports-params
Fix background processing of Enterprise Fee Summary report
2023-02-28 13:07:59 +11:00
Maikel Linke
10aa7730e5 Rename user var again for clarity
2023-02-28 12:50:55 +11:00
Maikel Linke
116e844004 Stabilise flaky spec with defined enterprise order
2023-02-28 12:42:55 +11:00
Maikel Linke
16289a62f1 Rename test vars for clarity
2023-02-28 12:42:55 +11:00
Maikel Linke
e9fa360d61 Take test setup as granted and simplify
2023-02-28 12:42:55 +11:00
Maikel Linke
e6eb9412d9 Simplify owner selection in spec
Instead of knowing the input id generated by select2, we now rely on the
fact that the owner is in the fifth column. Both could change but this
is less code.
2023-02-28 12:42:55 +11:00
Maikel Linke
401210ef44 DRY and clarify test case
2023-02-28 12:42:55 +11:00
Maikel Linke
f484518ee5 Remove unused test enterprise
2023-02-28 12:42:55 +11:00
Mohamed ABDELLANI
066c7bb449 promote OrderManagement::Stock::Estimator.calculate_cost to a public method
2023-02-27 17:49:54 +01:00