raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-03-11 03:40:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
26,587 Commits 16 Branches 456 Tags
31db35675bbcfa7d8f5e107ea3d182cd26410ece
Commit Graph

26587 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
b62f88512f Bump database_cleaner from 2.0.1 to 2.0.2 
Bumps [database_cleaner](https://github.com/DatabaseCleaner/database_cleaner) from 2.0.1 to 2.0.2.
- [Release notes](https://github.com/DatabaseCleaner/database_cleaner/releases)
- [Changelog](https://github.com/DatabaseCleaner/database_cleaner/blob/main/History.rdoc)
- [Commits](https://github.com/DatabaseCleaner/database_cleaner/compare/v2.0.1...v2.0.2)

---
updated-dependencies:
- dependency-name: database_cleaner
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-13 15:24:41 +00:00
jibees
6bdb89d090 Merge pull request #10551 from openfoodfoundation/dependabot/bundler/rubocop-1.48.1 
Bump rubocop from 1.48.0 to 1.48.1
 2023-03-13 16:16:56 +01:00
jibees
a63531c8c2 Merge pull request #10549 from openfoodfoundation/dependabot/bundler/ddtrace-1.10.1 
Bump ddtrace from 1.10.0 to 1.10.1
 2023-03-13 16:15:06 +01:00
jibees
de2a15e3e1 Merge pull request #10548 from openfoodfoundation/dependabot/npm_and_yarn/floating-ui/dom-1.2.4 
Bump @floating-ui/dom from 1.2.3 to 1.2.4
 2023-03-13 16:14:00 +01:00
dependabot[bot]
e5f5d42d59 Bump rubocop from 1.48.0 to 1.48.1 
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.48.0 to 1.48.1.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.48.0...v1.48.1)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-13 10:05:22 +00:00
dependabot[bot]
f23de206d9 Bump ddtrace from 1.10.0 to 1.10.1 
Bumps [ddtrace](https://github.com/DataDog/dd-trace-rb) from 1.10.0 to 1.10.1.
- [Release notes](https://github.com/DataDog/dd-trace-rb/releases)
- [Changelog](https://github.com/DataDog/dd-trace-rb/blob/master/CHANGELOG.md)
- [Commits](https://github.com/DataDog/dd-trace-rb/compare/v1.10.0...v1.10.1)

---
updated-dependencies:
- dependency-name: ddtrace
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-13 10:03:01 +00:00
dependabot[bot]
729bcdf291 Bump @floating-ui/dom from 1.2.3 to 1.2.4 
Bumps [@floating-ui/dom](https://github.com/floating-ui/floating-ui/tree/HEAD/packages/dom) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/floating-ui/floating-ui/releases)
- [Commits](https://github.com/floating-ui/floating-ui/commits/@floating-ui/dom@1.2.4/packages/dom)

---
updated-dependencies:
- dependency-name: "@floating-ui/dom"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-13 09:58:49 +00:00
Maikel Linke
62d0ce290a Update translations v4.2.38 2023-03-10 11:42:36 +11:00
jibees
96ead52fcc Merge pull request #10536 from openfoodfoundation/dependabot/bundler/rack-2.2.6.3 
Bump rack from 2.2.6.2 to 2.2.6.3
 2023-03-09 14:55:19 +01:00
dependabot[bot]
ff708952ab Bump rack from 2.2.6.2 to 2.2.6.3 
Bumps [rack](https://github.com/rack/rack) from 2.2.6.2 to 2.2.6.3.
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rack/rack/compare/v2.2.6.2...v2.2.6.3)

---
updated-dependencies:
- dependency-name: rack
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-09 02:40:19 +00:00
David Cook
fdeeab5750 Test twitter with (almost) real world example 
I discovered that twitter doesn't have 'www' in the url anymore, no '@' symbol and interestingly no trailing slash. I added back the '@' just so we can test that still.

Using a regex group we can cater for optional www in a single regex.
 2023-03-09 11:22:04 +11:00
David Cook
9e7e176cf9 Accept full URLs 
It looks like the intention was there, so I made it work.
I've included a real world example, but added capitalisation to complete the test.
 2023-03-09 11:21:52 +11:00
Konrad
2daa49406a Merge pull request #10506 from jibees/9868-product-import-empty-variant-names-recorded-differently-leads-to-variant-duplication 
Product import: consider `display_name` with `null` or `empty` as value as equal
 2023-03-08 16:58:32 +01:00
Konrad
125bc3d14b Merge pull request #10514 from jibees/9292-changes-to-incomingoutgoing-products-lists-triggering-failed-to-update-order-cycle-error 
Do not update `estimate_price` of a variant that is not available for the shop on OrderCycle update
 2023-03-08 15:45:11 +01:00
Rachel Arnould
02300d6bb6 Merge pull request #10496 from rioug/10479-split-checkout-fix-user-blocked-at-step1 
[split checkout] Fix bug preventing user from reaching payment step
 2023-03-08 15:44:50 +01:00
Rachel Arnould
aba3968bca Merge pull request #10447 from jibees/9148-no-bulk-delete-possible-on-bom-when-orders-have-multiple-items 
Admin, BOM: can bulk delete line items of an order
 2023-03-08 14:56:25 +01:00
Gaetan Craig-Riou
23c4298519 Fix bug when in specific scenario user couldn't proceed to payment step 
When using a "pick up" shipping method, with a user who doesn't have a shipping address it was impossible to proceed to the payment step because shipping address was invalid.

To fix this, we ensure that "ship_address_same_as_billing" parameter is set to true when using a "pick up" shipping method.

use distributor address when shipping method doesn't require a ship address ; in doing this we follow the same logic as the legacy checkout
 2023-03-08 10:49:37 +01:00
Rachel Arnould
d7047bb4cc Merge pull request #10513 from jibees/10505-add-shopper-comment-to-order-detail-summary 
SplitCheckout: Display special_instructions of the order as emphasized text if present on summary page
 2023-03-08 10:30:40 +01:00
Rachel Arnould
1ce029d8e4 Merge pull request #10497 from jibees/10495-split-checkout-label-of-checkbox-save-card-for-future-use-is-clickable-but-not-active 
SplitCheckout: Make label clickable to check/uncheck checkbox on step 2
 2023-03-08 10:20:00 +01:00
jibees
eb7d20d74d Merge pull request #10530 from mkllnk/flaky-service-spec 
Stabilise spec with deterministic order
 2023-03-08 09:04:29 +01:00
Maikel Linke
c4ba1e6616 Stabilise spec with deterministic order 
The ids were returned in random order before.
 2023-03-08 13:14:40 +11:00
Maikel
f97ccb4203 Merge pull request #10525 from openfoodfoundation/dependabot/bundler/ddtrace-1.10.0 
Bump ddtrace from 1.9.0 to 1.10.0
 2023-03-08 12:09:04 +11:00
Maikel
df8283661d Merge pull request #10487 from mkllnk/time-spec 
Prepare caching spec for Rails 7
 2023-03-08 11:37:44 +11:00
Maikel
d9ee56b4a5 Merge pull request #10524 from mkllnk/dfc-urls 
Configure host for dfc_provider engine globally
 2023-03-08 11:13:48 +11:00
dependabot[bot]
2230a1f179 Bump ddtrace from 1.9.0 to 1.10.0 
Bumps [ddtrace](https://github.com/DataDog/dd-trace-rb) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/DataDog/dd-trace-rb/releases)
- [Changelog](https://github.com/DataDog/dd-trace-rb/blob/master/CHANGELOG.md)
- [Commits](https://github.com/DataDog/dd-trace-rb/compare/v1.9.0...v1.10.0)

---
updated-dependencies:
- dependency-name: ddtrace
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-07 09:58:38 +00:00
Maikel Linke
a9c8d9f304 Configure host for dfc_provider engine globally 
Passing the parameter all the time was pretty inconvenient.
 2023-03-07 16:39:02 +11:00
David Cook
9d5ca2255b Apply suggestions from code review 
Co-authored-by: Maikel <maikel@email.org.au>
 2023-03-07 15:38:50 +11:00
David Cook
00a823b2fc 6. Add webhook endpoints to user developer settings screen 
Allowing creation and deleting via the user association.
It probably won't be much effort to allow editing and multiple records, but I cut it down to the minimum needed to avoid any further delays.

I couldn't find a way to test a failure in the destroy method, but decided to keep the condition because I thought it was worth having.
 2023-03-07 15:38:50 +11:00
David Cook
3d81a6e280 Prevent creating duplicate webhook notifications [migration] 
Using the clever concurrency testing borrowed from SubscriptionPlacementJob, but I thought a shorter pause time (just 100ms) would be sufficient.

I considered doing this with a new 'state' field (upcoming/open/close), but decided to keep it simple.
 2023-03-07 15:38:50 +11:00
David Cook
739df4be01 4. OrderCycleOpenedJob triggers webhook 2023-03-07 15:38:50 +11:00
David Cook
b91cabc510 Also send webhook payloads for distributor owners 
But not supplier owners.
 2023-03-07 15:38:50 +11:00
David Cook
ba152f12ee 3. Add OrderCycleWebhookService to create webhook payloads for an order cycle event 2023-03-07 15:38:50 +11:00
David Cook
778baba118 User may have many WebhookEndpoints [migration] 
Although we won't be allowing multiple in the this PR, we certainly plan to in the future.

The migration helper add_reference couldn't handle the custom column name, so I had to put it together manually.
 2023-03-07 15:38:50 +11:00
David Cook
85c98c6d3e 2. Add model WebhookEndpoint [migration] 
This will store the URL for each user that wants a notification.

We probably don't need URL validation (it's not done on Enterprise for example). It could be validated by browser input, and anyway will be validated if the webhook actually works or not.

Inspired by Keygen: https://keygen.sh/blog/how-to-build-a-webhook-system-in-rails-using-sidekiq/
 2023-03-07 15:38:50 +11:00
David Cook
de9546587a Prevent webhooks to private addresses (SSRF) [add gem] 
Best reviewed with whitespace hidden.

Unfortunately the spec isn't allowed in CI. But it worked on my environment, I promise.
I chose `xit` so that it doesn't run unnecessarily. Perhaps we could use `pending` instead, which would execute, and notify us if it suddenly started working one day. But I doubt it.
 2023-03-07 15:38:50 +11:00
David Cook
9741935955 Raise error on server error 
And thus retry later.
I tried to test that it actually retries, or ensuring the job remained in the queue to be retried, but couldn't get it to work.
 2023-03-07 15:38:50 +11:00
David Cook
9d19f37fec 1. Add WebhookDeliveryJob 
This job is responsible for delivering a payload for one webhook event only. It allows the action to run asynchronously (and not slow down the calling process).
 2023-03-07 15:38:50 +11:00
David Cook
718ac0ab80 Add Faraday for making HTTP requests [add gem] 
It's the most popular and flexible option, so should be able to cater for our future needs best.
 2023-03-07 15:38:47 +11:00
Maikel Linke
797b98d686 Remove Rails 5.0 controller spec workaround 
We added a method to work around a bug. But that's not needed any more.
 2023-03-07 08:46:36 +11:00
Maikel Linke
3dc3ebe584 Correctly include order id in return auth spec 
The route to update a return authorization must include the order number
as id:

    /admin/orders/:order_id/return_authorizations/:id(.:format)

The spec only worked because the controller's ivars were not reset
between requests and the order was already set. But Rails 7 will reset
the ivars and it failed finding the order without a given id.
 2023-03-07 08:46:36 +11:00
Jean-Baptiste Bellet
a7644f8e8b Update spec: can edit OC even if variant in subscription has been deleted 2023-03-06 17:12:09 +01:00
jibees
5dd2737811 Merge pull request #10517 from openfoodfoundation/dependabot/bundler/rubocop-1.48.0 
Bump rubocop from 1.47.0 to 1.48.0
 2023-03-06 15:23:25 +01:00
filipefurtad0
6d05d57846 Fixes spec when introducing invalid instagram link 
It seems that only the slash at the end of the address is making it invalid, which does not correspond to the error message. This is a separate issue.
 2023-03-06 15:02:49 +01:00
Jean-Baptiste Bellet
d9b534b829 + update spec as well 2023-03-06 14:52:32 +01:00
Jean-Baptiste Bellet
ac739108a2 Improve readability by generating search string for ransack 2023-03-06 11:31:36 +01:00
dependabot[bot]
a78768c291 Bump rubocop from 1.47.0 to 1.48.0 
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.47.0 to 1.48.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.47.0...v1.48.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-06 10:02:43 +00:00
binarygit
ae166ae220 Fix: User does not get stuck when going backwards while creating new ent 2023-03-06 09:29:04 +01:00
binarygit
533f7048bf [Enterprise->Create] Show correct error message when user inputs url in instagram field 2023-03-06 09:29:04 +01:00
Maikel
b9a7ff903f Merge pull request #10494 from filipefurtad0/test_xlsx_reports 
Adds coverage for CSV and XLSX file download
 2023-03-06 15:00:56 +11:00
Maikel
fc6b61fc87 Merge pull request #10503 from openfoodfoundation/dependabot/npm_and_yarn/floating-ui/dom-1.2.3 
Bump @floating-ui/dom from 1.2.1 to 1.2.3
 2023-03-06 11:52:38 +11:00