raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-01-26 20:56:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
25,833 Commits 18 Branches 451 Tags
5f4aed92d81114df87516be076b5162f9511e4e8
Commit Graph

400 Commits

Author SHA1 Message Date
David Cook
7b965718aa Authorise based on user's UID 
And test to make sure the wrong user is not selected.
 2022-11-25 16:14:25 +11:00
David Cook
61e7b59437 Refactor spec 
Ready to expand in the next commit.
 2022-11-25 16:14:20 +11:00
David Cook
ff9544e08b Allow AuthorizationControl to run without Warden 
As explained in 36c44a5487, it's not normally good to change production code to make testing easier.
But this tiny change makes it more robust, and enables much simpler specs.
 2022-11-25 16:01:42 +11:00
Maikel Linke
029c0afaa9 Verify token signature for authenticated login 
We were just logging in any user without password or other verification
before. Now we verify the Keycloak signature and know that the person is
indeed logged in.
 2022-11-25 14:49:36 +11:00
Maikel Linke
33ee03388f Add DFC product update action, not implemented 2022-11-25 14:49:36 +11:00
Maikel Linke
4d49266f0f Allow updates just with auth token 
Rails usually requires an additional CSRF protection token but when it's
not present we ignore the user's session and use only the OIDC auth
token.
 2022-11-25 14:49:36 +11:00
Maikel Linke
aea6f864d9 Update to DFC v1.6 
I just replaced dfc: with dfc-b: where I found this key used in the
prototype. We may need to change more.
 2022-11-25 14:49:36 +11:00
Maikel Linke
4cdb224434 Add missing rdfs prefix to DFC context 2022-11-25 14:49:36 +11:00
Maikel Linke
8d6615aa6b Start to spec DFC auth control 2022-11-25 14:49:36 +11:00
Maikel Linke
b0aa7b7b55 Use Rspec's http matcher for better fail output 
The previous version would just say that it expected true and got false.
The specific matcher tells us which code it expected and which code it
found.
 2022-11-25 14:49:36 +11:00
Maikel Linke
c90d2c7f9a Spec DFC authorisation with real token 
Our code doesn't actually verify the token yet but at least we are not
mocking it all anymore.
 2022-11-25 14:49:36 +11:00
Maikel Linke
63c1cd7bff Remove invalid id attribute from DFC offer 
This one is a bit confusing. The attribute changes throughout the
different versions of the ontology and the DFC examples are not in line
with the specification. WIP I guess.

The previous nil attribute failed JSON-LD validation and DFC examples
just contain the reference as I did it now. But I think that we will
need to update it again vor DFC-v1.7.
 2022-11-25 14:49:36 +11:00
Maikel Linke
ee3ec15bc4 Update URL to DFC ontology 2022-11-25 14:49:36 +11:00
Maikel Linke
b9a43df7fe Include DFC version in API URL 
And let the OFN app decide under which name to mount the DFC engine.
It simplifies the code and will make it more flexible to introduce other
versions in the future.
 2022-11-25 14:49:36 +11:00
Maikel Linke
fd274447fe Simplify DFC authentication code 2022-11-25 14:49:36 +11:00
Maikel Linke
52a98989e0 Allow logged in users to access DFC API 
It makes testing in development so much easier.
 2022-11-25 14:49:36 +11:00
Maikel Linke
96193a27a4 Simplify DFC authorisation control 
I want to add other ways to authenticate for easier testing and possibly
more integrations. It will be easier to just test if we got a user or
not instead of testing pre-conditions to that as well.
 2022-11-25 14:49:36 +11:00
Maikel Linke
2630fde763 Update dfc_provider for Active Storage images 2022-11-25 14:49:36 +11:00
Maikel Linke
a501bc9687 Encapsulate dfc_provider in api routing 
Move /api/v0/dfc_provider to /api/dfc_provider. Before it got redirected
to v0 which caused some errors.
 2022-11-25 14:49:36 +11:00
filipefurtad0
1fd09617cb Changes cookies_spec from feature to system spec 2022-08-11 10:44:22 +01:00
Sebastian Castro
42da443901 Report Refactor 3: Enterprise FeeSummary 
This one as actually not really been refactored, too much work to rewrite it so I just encapsulated the result within the new methods definitions
 2022-05-12 16:54:14 +02:00
Sebastian Castro
5f78fdce8b Reports Refactor 2: Move all code to lib/reporting 2022-05-12 16:54:13 +02:00
Sebastian Castro
2985d2af15 Report Refactor 1 Cleaning 
clean no longer used methods
Remove no longer needed require
Delete files not used
Fix Linting
 2022-05-12 16:54:13 +02:00
Sebastian Castro
e9513f6172 Report Refactor 1: Enterprise Fee Summary 
Disable enterprise fee summary spec for now

Will need to write them again
 2022-05-12 16:54:13 +02:00
GeorgeThoppil
2046317f16 Allow update of subscriptions containing deleted products 2022-04-21 20:23:34 -04:00
Cillian O'Ruanaidh
7446dfb0b7 Don't allow subscriptions with no quantity to be saved 
Before you could save a subscription even if the line item(s) it contained had 0 quantity.

For #8903
 2022-03-17 11:54:24 +00:00
Maikel Linke
e6b4f462ef Revert "Add rubocop config to allow specs to be 300 lines long" 
This reverts commit 0b51d8b297.

I think that this config was complicated in the setup and potentially
confusing to have different rules in different places.

It's better to fix those spec files by either making them smaller or
removing the `module` block in the spec. We can reference the modules
explicitely where needed.
 2022-02-25 12:05:04 +11:00
Maikel Linke
b999673dfc Remove old version of relaxed styled guide 
We had an old version under "contested settings" and it looks like some
of them were modified. I hope that our new, separate file will
discourage manual tweaks.

We can include the relaxed rules from a gem as well. Let's see if we
need that complexity one day.
 2022-02-25 10:51:54 +11:00
François Turbelin
23776c7a3e Fix more specs 2022-02-16 10:23:23 +11:00
Filipe
30c1d89525 Merge pull request #8822 from Matt-Yorkley/split-checkout-payment-total 
[Split Checkout] Move setting of payment total during checkout into OrderUpdater
 2022-02-09 16:21:47 +00:00
Matt-Yorkley
31e6405125 Handle setting of payment amount during checkout in OrderUpdater 2022-02-01 11:39:07 +00:00
Matt-Yorkley
794e0e0326 Delete old login modal code 2022-01-29 14:49:23 +00:00
Filipe
53b96896a9 Merge pull request #8779 from mkllnk/7872-remove-stripe-connect 
Upgrade old Stripe Connect payment methods to Stripe SCA and remove Stripe Connect
 2022-01-26 11:57:26 +00:00
Matt-Yorkley
8ec7d3b651 Fix use of deprecated keyword args syntax in reports 2022-01-24 14:11:08 +00:00
Maikel Linke
ee85b9654d Remove references to StripeConnect class 2022-01-24 12:35:45 +11:00
Matt-Yorkley
5a2c14e79a Use new return URL when authorizing Stripe payments in backoffice or subs 2022-01-14 19:41:08 +00:00
Matt-Yorkley
3f3bfadb59 Simplify StripeScaPaymentAuthorize and clarify both return URL types (checkout and off-session) 2022-01-14 19:41:08 +00:00
Filipe
13d04c367d Merge pull request #8636 from Matt-Yorkley/stripe-auth-emails 
Stripe auth email sending; quick tidy up
 2022-01-04 11:01:47 +00:00
Filipe
b256696544 Merge pull request #8549 from mkllnk/deprecate-stripe-connect 
Hide old "Stripe" (StripeConnect) payment method type, keep new Stripe SCA
 2021-12-23 21:33:42 +00:00
Maikel Linke
178d296c9f Adapt specs to use stripe_sca_payment_method 
There are still some specs directly related to StripeConnect and I left
them for now.
 2021-12-20 15:00:14 +11:00
Maikel Linke
60adaf3646 Disallow StripeConnect in subscriptions 2021-12-20 15:00:14 +11:00
Matt-Yorkley
68af9b6e80 Only email the hub about authorization required when necessary 
This is needed in subscriptions, but in the backoffice the hub manager gets a notification in the UI, so the email is not needed.
 2021-12-17 19:03:23 +00:00
Cillian O'Ruanaidh
84eaafb822 Add a :captured_at column on payments to store when they are captured 
Fixes #8611.
 2021-12-17 14:45:47 +00:00
Matt-Yorkley
542e3ad1aa Reuse StripeScaPaymentAuthorize in Admin::PaymentsController 2021-12-16 20:42:19 +00:00
Matt-Yorkley
dbe4d61e57 Add explanatory note for "off-session" payment processing 2021-12-16 17:57:53 +00:00
Matt-Yorkley
6b683d600f Break up #call! with some readable comment-methods 2021-12-16 17:22:56 +00:00
Matt-Yorkley
bbdbf387b7 Combine SendAuthorizationEmails and StripeScaPaymentAuthorize 2021-12-16 17:13:16 +00:00
Matt-Yorkley
87fe341b5b Remove dead code: Order#backordered? 2021-12-05 15:17:27 +00:00
Matt-Yorkley
3e02023bf8 Move handling of unused payments to Order::Updater 
An order can be set to paid in various cases that are unrelated to the order being finalized, so this bit of logic needs to be called at the point the order actually gets paid.
 2021-11-15 15:42:04 +00:00
Maikel
a3c31f7d86 Revert "Kill stripe connect" 2021-09-20 08:39:34 +10:00