raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-03-28 06:15:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
30,960 Commits 17 Branches 460 Tags
0887f0676f97c7393c0dd6ebf8a17d4bccc22fce
Commit Graph

30960 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
jibees
6a874b9527 Merge pull request #10562 from openfoodfoundation/dependabot/bundler/rails-6.1.7.3 
Bump rails from 6.1.7.2 to 6.1.7.3
 2023-03-14 15:02:49 +01:00
dependabot[bot]
1f08da207f Bump rails from 6.1.7.2 to 6.1.7.3 
Bumps [rails](https://github.com/rails/rails) from 6.1.7.2 to 6.1.7.3.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v6.1.7.2...v6.1.7.3)

---
updated-dependencies:
- dependency-name: rails
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-14 09:59:50 +00:00
Maikel Linke
9c3bdc6b9b Remove unnecessary table join 
And use Rails syntax for clarity and future extensions.
 2023-03-14 14:38:25 +11:00
Maikel Linke
2105c0d0ea Ignore master variants exporting to DFC 2023-03-14 14:38:24 +11:00
Maikel Linke
6e514acc77 Spec too many variants exported to DFC 2023-03-14 14:38:24 +11:00
Maikel Linke
b8338fb9af Removing engine namespace from services 
Services are usually not namespaced because they are part of the app.
This engine has an isolated namespace which means that we don't need to
separate with out own namespacing here.
 2023-03-14 13:49:21 +11:00
jibees
687d4593fb Merge pull request #10550 from openfoodfoundation/dependabot/bundler/database_cleaner-2.0.2 
Bump database_cleaner from 2.0.1 to 2.0.2
 2023-03-13 21:12:42 +01:00
dependabot[bot]
b62f88512f Bump database_cleaner from 2.0.1 to 2.0.2 
Bumps [database_cleaner](https://github.com/DatabaseCleaner/database_cleaner) from 2.0.1 to 2.0.2.
- [Release notes](https://github.com/DatabaseCleaner/database_cleaner/releases)
- [Changelog](https://github.com/DatabaseCleaner/database_cleaner/blob/main/History.rdoc)
- [Commits](https://github.com/DatabaseCleaner/database_cleaner/compare/v2.0.1...v2.0.2)

---
updated-dependencies:
- dependency-name: database_cleaner
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-13 15:24:41 +00:00
jibees
6bdb89d090 Merge pull request #10551 from openfoodfoundation/dependabot/bundler/rubocop-1.48.1 
Bump rubocop from 1.48.0 to 1.48.1
 2023-03-13 16:16:56 +01:00
jibees
a63531c8c2 Merge pull request #10549 from openfoodfoundation/dependabot/bundler/ddtrace-1.10.1 
Bump ddtrace from 1.10.0 to 1.10.1
 2023-03-13 16:15:06 +01:00
jibees
de2a15e3e1 Merge pull request #10548 from openfoodfoundation/dependabot/npm_and_yarn/floating-ui/dom-1.2.4 
Bump @floating-ui/dom from 1.2.3 to 1.2.4
 2023-03-13 16:14:00 +01:00
vviekk
2674df026a Fixing 'unsaved' alert behaviour for order cycle edit forms 2023-03-13 17:50:00 +05:30
dependabot[bot]
e5f5d42d59 Bump rubocop from 1.48.0 to 1.48.1 
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.48.0 to 1.48.1.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.48.0...v1.48.1)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-13 10:05:22 +00:00
dependabot[bot]
f23de206d9 Bump ddtrace from 1.10.0 to 1.10.1 
Bumps [ddtrace](https://github.com/DataDog/dd-trace-rb) from 1.10.0 to 1.10.1.
- [Release notes](https://github.com/DataDog/dd-trace-rb/releases)
- [Changelog](https://github.com/DataDog/dd-trace-rb/blob/master/CHANGELOG.md)
- [Commits](https://github.com/DataDog/dd-trace-rb/compare/v1.10.0...v1.10.1)

---
updated-dependencies:
- dependency-name: ddtrace
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-13 10:03:01 +00:00
dependabot[bot]
729bcdf291 Bump @floating-ui/dom from 1.2.3 to 1.2.4 
Bumps [@floating-ui/dom](https://github.com/floating-ui/floating-ui/tree/HEAD/packages/dom) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/floating-ui/floating-ui/releases)
- [Commits](https://github.com/floating-ui/floating-ui/commits/@floating-ui/dom@1.2.4/packages/dom)

---
updated-dependencies:
- dependency-name: "@floating-ui/dom"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-13 09:58:49 +00:00
vviekk
c1c0eca7c4 Enable invoices config only controls Print bulk action 2023-03-13 11:39:21 +05:30
vviekk
e10ea4b686 Merge branch 'openfoodfoundation:master' into 9978 2023-03-11 11:00:03 +05:30
David Cook
8f67e9839d Apply code suggestion 
Avoids an error:
./script/nodenv-install.sh: line 13: brew: command not found

Co-authored-by: Maikel <maikel@email.org.au>
 2023-03-10 13:38:59 +11:00
Maikel Linke
62d0ce290a Update translations v4.2.38 2023-03-10 11:42:36 +11:00
jibees
96ead52fcc Merge pull request #10536 from openfoodfoundation/dependabot/bundler/rack-2.2.6.3 
Bump rack from 2.2.6.2 to 2.2.6.3
 2023-03-09 14:55:19 +01:00
dependabot[bot]
ff708952ab Bump rack from 2.2.6.2 to 2.2.6.3 
Bumps [rack](https://github.com/rack/rack) from 2.2.6.2 to 2.2.6.3.
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rack/rack/compare/v2.2.6.2...v2.2.6.3)

---
updated-dependencies:
- dependency-name: rack
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-09 02:40:19 +00:00
David Cook
fdeeab5750 Test twitter with (almost) real world example 
I discovered that twitter doesn't have 'www' in the url anymore, no '@' symbol and interestingly no trailing slash. I added back the '@' just so we can test that still.

Using a regex group we can cater for optional www in a single regex.
 2023-03-09 11:22:04 +11:00
David Cook
9e7e176cf9 Accept full URLs 
It looks like the intention was there, so I made it work.
I've included a real world example, but added capitalisation to complete the test.
 2023-03-09 11:21:52 +11:00
Konrad
2daa49406a Merge pull request #10506 from jibees/9868-product-import-empty-variant-names-recorded-differently-leads-to-variant-duplication 
Product import: consider `display_name` with `null` or `empty` as value as equal
 2023-03-08 16:58:32 +01:00
Konrad
125bc3d14b Merge pull request #10514 from jibees/9292-changes-to-incomingoutgoing-products-lists-triggering-failed-to-update-order-cycle-error 
Do not update `estimate_price` of a variant that is not available for the shop on OrderCycle update
 2023-03-08 15:45:11 +01:00
Rachel Arnould
02300d6bb6 Merge pull request #10496 from rioug/10479-split-checkout-fix-user-blocked-at-step1 
[split checkout] Fix bug preventing user from reaching payment step
 2023-03-08 15:44:50 +01:00
Rachel Arnould
aba3968bca Merge pull request #10447 from jibees/9148-no-bulk-delete-possible-on-bom-when-orders-have-multiple-items 
Admin, BOM: can bulk delete line items of an order
 2023-03-08 14:56:25 +01:00
Gaetan Craig-Riou
23c4298519 Fix bug when in specific scenario user couldn't proceed to payment step 
When using a "pick up" shipping method, with a user who doesn't have a shipping address it was impossible to proceed to the payment step because shipping address was invalid.

To fix this, we ensure that "ship_address_same_as_billing" parameter is set to true when using a "pick up" shipping method.

use distributor address when shipping method doesn't require a ship address ; in doing this we follow the same logic as the legacy checkout
 2023-03-08 10:49:37 +01:00
Jean-Baptiste Bellet
40a0d8e08c Improve design: make delete not a button but a link + close to file name 2023-03-08 10:38:28 +01:00
Jean-Baptiste Bellet
5cbec5521c Simplify ability 
Co-Authored-By: David Cook <david@redcliffs.net>
 2023-03-08 10:38:28 +01:00
Rachel Arnould
d7047bb4cc Merge pull request #10513 from jibees/10505-add-shopper-comment-to-order-detail-summary 
SplitCheckout: Display special_instructions of the order as emphasized text if present on summary page
 2023-03-08 10:30:40 +01:00
binarygit
8f6fdf3e31 [Admin, Enterprise Settings] Remove Angular from Business Details tab 2023-03-08 10:26:05 +01:00
Rachel Arnould
1ce029d8e4 Merge pull request #10497 from jibees/10495-split-checkout-label-of-checkbox-save-card-for-future-use-is-clickable-but-not-active 
SplitCheckout: Make label clickable to check/uncheck checkbox on step 2
 2023-03-08 10:20:00 +01:00
jibees
eb7d20d74d Merge pull request #10530 from mkllnk/flaky-service-spec 
Stabilise spec with deterministic order
 2023-03-08 09:04:29 +01:00
Maikel Linke
c4ba1e6616 Stabilise spec with deterministic order 
The ids were returned in random order before.
 2023-03-08 13:14:40 +11:00
Maikel
f97ccb4203 Merge pull request #10525 from openfoodfoundation/dependabot/bundler/ddtrace-1.10.0 
Bump ddtrace from 1.9.0 to 1.10.0
 2023-03-08 12:09:04 +11:00
Maikel
df8283661d Merge pull request #10487 from mkllnk/time-spec 
Prepare caching spec for Rails 7
 2023-03-08 11:37:44 +11:00
Maikel
d9ee56b4a5 Merge pull request #10524 from mkllnk/dfc-urls 
Configure host for dfc_provider engine globally
 2023-03-08 11:13:48 +11:00
dependabot[bot]
2230a1f179 Bump ddtrace from 1.9.0 to 1.10.0 
Bumps [ddtrace](https://github.com/DataDog/dd-trace-rb) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/DataDog/dd-trace-rb/releases)
- [Changelog](https://github.com/DataDog/dd-trace-rb/blob/master/CHANGELOG.md)
- [Commits](https://github.com/DataDog/dd-trace-rb/compare/v1.9.0...v1.10.0)

---
updated-dependencies:
- dependency-name: ddtrace
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-07 09:58:38 +00:00
Maikel Linke
a9c8d9f304 Configure host for dfc_provider engine globally 
Passing the parameter all the time was pretty inconvenient.
 2023-03-07 16:39:02 +11:00
David Cook
9d5ca2255b Apply suggestions from code review 
Co-authored-by: Maikel <maikel@email.org.au>
 2023-03-07 15:38:50 +11:00
David Cook
00a823b2fc 6. Add webhook endpoints to user developer settings screen 
Allowing creation and deleting via the user association.
It probably won't be much effort to allow editing and multiple records, but I cut it down to the minimum needed to avoid any further delays.

I couldn't find a way to test a failure in the destroy method, but decided to keep the condition because I thought it was worth having.
 2023-03-07 15:38:50 +11:00
David Cook
3d81a6e280 Prevent creating duplicate webhook notifications [migration] 
Using the clever concurrency testing borrowed from SubscriptionPlacementJob, but I thought a shorter pause time (just 100ms) would be sufficient.

I considered doing this with a new 'state' field (upcoming/open/close), but decided to keep it simple.
 2023-03-07 15:38:50 +11:00
David Cook
739df4be01 4. OrderCycleOpenedJob triggers webhook 2023-03-07 15:38:50 +11:00
David Cook
b91cabc510 Also send webhook payloads for distributor owners 
But not supplier owners.
 2023-03-07 15:38:50 +11:00
David Cook
ba152f12ee 3. Add OrderCycleWebhookService to create webhook payloads for an order cycle event 2023-03-07 15:38:50 +11:00
David Cook
778baba118 User may have many WebhookEndpoints [migration] 
Although we won't be allowing multiple in the this PR, we certainly plan to in the future.

The migration helper add_reference couldn't handle the custom column name, so I had to put it together manually.
 2023-03-07 15:38:50 +11:00
David Cook
85c98c6d3e 2. Add model WebhookEndpoint [migration] 
This will store the URL for each user that wants a notification.

We probably don't need URL validation (it's not done on Enterprise for example). It could be validated by browser input, and anyway will be validated if the webhook actually works or not.

Inspired by Keygen: https://keygen.sh/blog/how-to-build-a-webhook-system-in-rails-using-sidekiq/
 2023-03-07 15:38:50 +11:00
David Cook
de9546587a Prevent webhooks to private addresses (SSRF) [add gem] 
Best reviewed with whitespace hidden.

Unfortunately the spec isn't allowed in CI. But it worked on my environment, I promise.
I chose `xit` so that it doesn't run unnecessarily. Perhaps we could use `pending` instead, which would execute, and notify us if it suddenly started working one day. But I doubt it.
 2023-03-07 15:38:50 +11:00
David Cook
9741935955 Raise error on server error 
And thus retry later.
I tried to test that it actually retries, or ensuring the job remained in the queue to be retried, but couldn't get it to work.
 2023-03-07 15:38:50 +11:00