The headers in the request were not being populated correctly in the test, so the #api_key method was not functioning as intended.
Fixes:
48) Api::BaseController cannot make a request to the API with an invalid API key
Failure/Error: expect(json_response).to eq( "error" => "Invalid API key (fake_key) specified." )
expected: {"error"=>"Invalid API key (fake_key) specified."}
got: {"products"=>[]}
(compared using ==)
Diff:
@@ -1,2 +1,2 @@
-"error" => "Invalid API key (fake_key) specified.",
+"products" => [],
# ./spec/controllers/api/base_controller_spec.rb:40:in `block (3 levels) in <top (required)>'
This will happen if user deletes a saved credit card used previously. In this case, the admin payment details page will render empty details and the payment amount
Some depreacted calls to #find_by_* had previously been updated elsewhere, but the spec was still checking if the object received the #find_by_shipping_method_id message.
Fixes:
85) OrderShipment#select_shipping_method when order has a shipment when shipping_method_id is not valid for the order returns nil
Failure/Error: expect(shipment.shipping_rates).to receive(:find_by_shipping_method_id).with(invalid_shipping_method_id) { nil }
(#<ActiveRecord::Associations::CollectionProxy []>).find_by_shipping_method_id(1312)
expected: 1 time with arguments: (1312)
received: 0 times
# ./spec/models/concerns/order_shipment_spec.rb:53:in `block (5 levels) in <top (required)>'
DEPRECATION WARNING: TestCase#process now expects the HTTP method as second argument: process(action, http_method, params, session, flash). (called from api_process at /home/user/Github/openfoodnetwork/spec/support/controller_hacks.rb:22)
This process mimicks the existing process of generating a token on the connected account from a card on the platform account. In the Payment Intents API we need to create a payment method in the connected account, a token is not enough
If we had multiple failed payments and then a successful payment, the
order confirmation was displaying the payment method of the first failed
payment. That was confusing and is now changed to the last payment
method.
Don't allow for HTML and potentially bad scripts. But this also prevents
accidental display errors. If someone wrote, "We only take <cash>", it
would mess with the site.
