Commit Graph

28175 Commits

Author SHA1 Message Date
Maikel
f97ccb4203 Merge pull request #10525 from openfoodfoundation/dependabot/bundler/ddtrace-1.10.0
Bump ddtrace from 1.9.0 to 1.10.0
2023-03-08 12:09:04 +11:00
Maikel
df8283661d Merge pull request #10487 from mkllnk/time-spec
Prepare caching spec for Rails 7
2023-03-08 11:37:44 +11:00
Maikel
d9ee56b4a5 Merge pull request #10524 from mkllnk/dfc-urls
Configure host for dfc_provider engine globally
2023-03-08 11:13:48 +11:00
dependabot[bot]
2230a1f179 Bump ddtrace from 1.9.0 to 1.10.0
Bumps [ddtrace](https://github.com/DataDog/dd-trace-rb) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/DataDog/dd-trace-rb/releases)
- [Changelog](https://github.com/DataDog/dd-trace-rb/blob/master/CHANGELOG.md)
- [Commits](https://github.com/DataDog/dd-trace-rb/compare/v1.9.0...v1.10.0)

---
updated-dependencies:
- dependency-name: ddtrace
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-07 09:58:38 +00:00
Maikel Linke
a9c8d9f304 Configure host for dfc_provider engine globally
Passing the parameter all the time was pretty inconvenient.
2023-03-07 16:39:02 +11:00
David Cook
9d5ca2255b Apply suggestions from code review
Co-authored-by: Maikel <maikel@email.org.au>
2023-03-07 15:38:50 +11:00
David Cook
00a823b2fc 6. Add webhook endpoints to user developer settings screen
Allowing creation and deleting via the user association.
It probably won't be much effort to allow editing and multiple records, but I cut it down to the minimum needed to avoid any further delays.

I couldn't find a way to test a failure in the destroy method, but decided to keep the condition because I thought it was worth having.
2023-03-07 15:38:50 +11:00
David Cook
3d81a6e280 Prevent creating duplicate webhook notifications [migration]
Using the clever concurrency testing borrowed from SubscriptionPlacementJob, but I thought a shorter pause time (just 100ms) would be sufficient.

I considered doing this with a new 'state' field (upcoming/open/close), but decided to keep it simple.
2023-03-07 15:38:50 +11:00
David Cook
739df4be01 4. OrderCycleOpenedJob triggers webhook 2023-03-07 15:38:50 +11:00
David Cook
b91cabc510 Also send webhook payloads for distributor owners
But not supplier owners.
2023-03-07 15:38:50 +11:00
David Cook
ba152f12ee 3. Add OrderCycleWebhookService to create webhook payloads for an order cycle event 2023-03-07 15:38:50 +11:00
David Cook
778baba118 User may have many WebhookEndpoints [migration]
Although we won't be allowing multiple in this PR, we certainly plan to in the future.

The migration helper add_reference couldn't handle the custom column name, so I had to put it together manually.
2023-03-07 15:38:50 +11:00
David Cook
85c98c6d3e 2. Add model WebhookEndpoint [migration]
This will store the URL for each user that wants a notification.

We probably don't need URL validation (it's not done on Enterprise for example). It could be validated by browser input, and anyway will be validated if the webhook actually works or not.

Inspired by Keygen: https://keygen.sh/blog/how-to-build-a-webhook-system-in-rails-using-sidekiq/
2023-03-07 15:38:50 +11:00
David Cook
de9546587a Prevent webhooks to private addresses (SSRF) [add gem]
Best reviewed with whitespace hidden.

Unfortunately the spec isn't allowed in CI. But it worked on my environment, I promise.
I chose `xit` so that it doesn't run unnecessarily. Perhaps we could use `pending` instead, which would execute, and notify us if it suddenly started working one day. But I doubt it.
2023-03-07 15:38:50 +11:00
David Cook
9741935955 Raise error on server error
And thus retry later.
I tried to test that it actually retries, or ensuring the job remained in the queue to be retried, but couldn't get it to work.
2023-03-07 15:38:50 +11:00
David Cook
9d19f37fec 1. Add WebhookDeliveryJob
This job is responsible for delivering a payload for one webhook event only. It allows the action to run asynchronously (and not slow down the calling process).
2023-03-07 15:38:50 +11:00
David Cook
718ac0ab80 Add Faraday for making HTTP requests [add gem]
It's the most popular and flexible option, so should be able to cater for our future needs best.
2023-03-07 15:38:47 +11:00
Neal Chambers
d95c5ff8a8 Use Spree Taxon Controller instead of API Taxon Controller
Add tests for reordering taxons
2023-03-07 13:22:59 +11:00
Maikel Linke
797b98d686 Remove Rails 5.0 controller spec workaround
We added a method to work around a bug. But that's not needed any more.
2023-03-07 08:46:36 +11:00
Maikel Linke
3dc3ebe584 Correctly include order id in return auth spec
The route to update a return authorization must include the order number
as id:

    /admin/orders/:order_id/return_authorizations/:id(.:format)

The spec only worked because the controller's ivars were not reset
between requests and the order was already set. But Rails 7 will reset
the ivars and it failed finding the order without a given id.
2023-03-07 08:46:36 +11:00
Jean-Baptiste Bellet
a7644f8e8b Update spec: can edit OC even if variant in subscription has been deleted 2023-03-06 17:12:09 +01:00
jibees
5dd2737811 Merge pull request #10517 from openfoodfoundation/dependabot/bundler/rubocop-1.48.0
Bump rubocop from 1.47.0 to 1.48.0
2023-03-06 15:23:25 +01:00
filipefurtad0
6d05d57846 Fixes spec when introducing invalid instagram link
It seems that only the slash at the end of the address is making it invalid, which does not correspond to the error message. This is a separate issue.
2023-03-06 15:02:49 +01:00
Jean-Baptiste Bellet
d9b534b829 + update spec as well 2023-03-06 14:52:32 +01:00
Jean-Baptiste Bellet
ac739108a2 Improve readability by generating search string for ransack 2023-03-06 11:31:36 +01:00
dependabot[bot]
a78768c291 Bump rubocop from 1.47.0 to 1.48.0
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.47.0 to 1.48.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.47.0...v1.48.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-06 10:02:43 +00:00
Neal Chambers
3f3ae97a40 Add tests for reordering taxons 2023-03-06 18:57:02 +09:00
binarygit
ae166ae220 Fix: User does not get stuck when going backwards while creating new ent 2023-03-06 09:29:04 +01:00
binarygit
533f7048bf [Enterprise->Create] Show correct error message when user inputs url in instagram field 2023-03-06 09:29:04 +01:00
Neal Chambers
e399e27a7d Merge remote-tracking branch 'origin/fix_taxonomy' into fix_taxonomy 2023-03-06 15:09:13 +09:00
Neal Chambers
63ba3defec Use Spree Taxon Controller instead of API Taxon Controller 2023-03-06 15:07:52 +09:00
Maikel
b9a7ff903f Merge pull request #10494 from filipefurtad0/test_xlsx_reports
Adds coverage for CSV and XLSX file download
2023-03-06 15:00:56 +11:00
Maikel
fc6b61fc87 Merge pull request #10503 from openfoodfoundation/dependabot/npm_and_yarn/floating-ui/dom-1.2.3
Bump @floating-ui/dom from 1.2.1 to 1.2.3
2023-03-06 11:52:38 +11:00
Jean-Baptiste Bellet
131772f7b2 Variant can be "not available": next and don't update its estimate price 2023-03-03 15:07:10 +01:00
Jean-Baptiste Bellet
440e776e3a fee_calculator can be retrieved outside subscription_line_items iteration 2023-03-03 15:05:07 +01:00
filipefurtad0
56b9c28955 Splits test cases into respective context blocks
Reduces code
2023-03-03 11:39:03 +00:00
Jean-Baptiste Bellet
c34942dbf0 Display special_instructions of order as emphasized text if present
+ update spec as well
2023-03-03 11:12:11 +01:00
Jean-Baptiste Bellet
2814b1f399 Update all locales with the latest Transifex translations v4.2.37 2023-03-03 09:35:40 +01:00
Konrad
0e13e5408f Merge pull request #10467 from abdellani/fix_hub_supplier_can_control_shipping_payment_method
limit users who can update shipping/payment method of an order cycle
2023-03-03 09:27:37 +01:00
Maikel Linke
12906d1e13 Explicitly touch instead of noop save
When calling `save!` without changing any attributes then Rails doesn't
always touch other records because nothing changed. So I changed the
spec to `touch` explicitly and it turns out that everything passes.

Tada, our code seems correct and it was only the spec which seemed
broken in Rails 7.
2023-03-03 12:51:12 +11:00
Maikel Linke
103bc50bdc Make spec robust on very fast computers
I didn't observe it but if the spec code would run within the same
millisecond then we wouldn't be able to observe a change to
`updated_at`. Time travel solves this potential problem.
2023-03-03 12:51:12 +11:00
Maikel Linke
b6cccc2e1d Mark broken specs, possible broken caching
I found this because Rails 7 converts timestamps to database precision
straight away. While we may have some broken logic in the code, most of
these cases may just be broken spec code. Watch this space.
2023-03-03 12:34:55 +11:00
Maikel Linke
918e583d01 Account for Rails 7 rounding in time spec
Storing a timestamp to the database has less accuracy than a Ruby Time
object. So `updated_at` changes after being written and loaded from the
database. Rails 7 accounts for that by rounding it in the model already
before it's written to the database. That made one spec fail.
2023-03-03 12:34:55 +11:00
Maikel
6371f7eff6 Merge pull request #10474 from abdellani/fix-customer-can-checkout-non-matching-shipping-and-product-categories
Fix: Customers can checkout with non-matching shipping and product categories
2023-03-03 11:27:11 +11:00
Filipe
60bea89f5c Merge pull request #10135 from abdellani/fix_when_user_deletes_a_shipping_method_existing_orders_are_updated_with_a_random_shipping_method
Fix When user deletes a shipping method existing orders are updated with a random shipping method
2023-03-02 20:03:59 +00:00
Jean-Baptiste Bellet
7b8ccccdc3 display_name can actually be null or empty: consider them as equal 2023-03-02 17:15:57 +01:00
dependabot[bot]
fb01a6e244 Bump devise from 4.8.1 to 4.9.0
Bumps [devise](https://github.com/heartcombo/devise) from 4.8.1 to 4.9.0.
- [Release notes](https://github.com/heartcombo/devise/releases)
- [Changelog](https://github.com/heartcombo/devise/blob/main/CHANGELOG.md)
- [Commits](https://github.com/heartcombo/devise/compare/v4.8.1...v4.9.0)

---
updated-dependencies:
- dependency-name: devise
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-02 14:47:11 +00:00
jibees
f88689e45f Merge pull request #10469 from openfoodfoundation/dependabot/bundler/sidekiq-7.0.6
Bump sidekiq from 7.0.5 to 7.0.6
2023-03-02 15:32:17 +01:00
jibees
1c1a7ffe9b Merge pull request #10444 from openfoodfoundation/dependabot/bundler/devise-i18n-1.10.3
Bump devise-i18n from 1.10.2 to 1.10.3
2023-03-02 15:30:01 +01:00
dependabot[bot]
0cae069769 Bump @floating-ui/dom from 1.2.1 to 1.2.3
Bumps [@floating-ui/dom](https://github.com/floating-ui/floating-ui/tree/HEAD/packages/dom) from 1.2.1 to 1.2.3.
- [Release notes](https://github.com/floating-ui/floating-ui/releases)
- [Commits](https://github.com/floating-ui/floating-ui/commits/@floating-ui/dom@1.2.3/packages/dom)

---
updated-dependencies:
- dependency-name: "@floating-ui/dom"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-02 12:45:36 +00:00