raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-01-27 21:06:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
15,022 Commits 18 Branches 451 Tags
ff799b6e82a77ceb352d5b43972d64f03e34ba9d
Commit Graph

517 Commits

Author SHA1 Message Date
Luis Ramos
384ca310a3 Merge branch 'master' into 3-0-stable-apr3 2020-04-03 18:26:26 +01:00
Luis Ramos
e64d573337 Revert accidental push of a byebug statement with the direct translations push to master 🙈 2020-04-03 12:06:39 +01:00
Luis Ramos
7858a26e5e Update all locales with the latest Transifex translations 2020-04-03 12:03:40 +01:00
Matt-Yorkley
375b4648dc Add pagination to Bulk Order Management 2020-03-29 19:54:47 +02:00
Matt-Yorkley
0cc5cbd1d2 Merge pull request #5038 from luisramos0/strong_params_prod 
[Spree 2.1] Implement strong params in products, variants, variant_overrides and resource controllers
 2020-03-25 18:35:58 +01:00
Luis Ramos
6b62c8aafd Extract permitted attributes to separate service 2020-03-25 10:52:23 +00:00
Luis Ramos
e5f56c19c0 Switch to using PermittedAttributes::Address instead of spree version of it that will be removed later 2020-03-25 10:52:23 +00:00
Luis Ramos
22a005df47 Add needed permitted attributes to admin/customers_controller 2020-03-25 10:51:55 +00:00
Luis Ramos
9b0d7b9604 Ammend customers_controller to include ship address attributes permit and also permit #update with specific attributes 2020-03-25 10:51:55 +00:00
Luis Ramos
4fd3026bd8 Add strong parameters permits to some controllers 2020-03-25 10:51:55 +00:00
Luis Ramos
fec5e1d84e Add needed param to enterprises controller 2020-03-25 10:51:55 +00:00
Luis Ramos
ad9e5d979a Permit extra needed params in enterprises controller 2020-03-25 10:51:55 +00:00
Luis Ramos
29a457575b Permit specific params in enterprise_groups controller 2020-03-25 10:51:55 +00:00
Luis Ramos
5c179a0932 Ammend strong params on enterprise controller to cover create action 2020-03-25 10:51:55 +00:00
Luis Ramos
34488e5f63 Handle strong params in enterprise_roles controller 2020-03-25 10:51:55 +00:00
Luis Ramos
6ba3a3c373 Handle strong params in admin/enterprises_controller 2020-03-25 10:51:55 +00:00
Matt-Yorkley
d847560d7c Fix rubocop issues 2020-03-25 10:15:03 +01:00
Pau Pérez Fabregat
a72957e3c3 Merge pull request #4827 from luisramos0/strong_params 
[Spree 2.1] Implement Strong Parameters in various controllers
 2020-03-25 10:07:14 +01:00
Pau Pérez Fabregat
2c487c2592 Merge pull request #5037 from luisramos0/strong_params_subs 
[Spree 2.1] Implement strong params in subscriptions controller
 2020-03-25 09:50:47 +01:00
Luis Ramos
4e43535512 Add missing permitted attribute 2020-03-21 20:30:34 +00:00
Luis Ramos
3ccd58d50b Fix a problem in the permit list to allow a list to be taken 2020-03-21 20:30:34 +00:00
Luis Ramos
5a0319213f Fix schedules controller permitted attributes 2020-03-21 20:30:34 +00:00
Luis Ramos
8c5dfea92f Fix strong params in order_cycles and schedules controllers 2020-03-21 20:30:34 +00:00
Luis Ramos
b99d4ab627 Permit specific params in schedules controller 2020-03-21 20:30:34 +00:00
Luis Ramos
e23267156d Improve inventory_items_controller strong params by not using permit! 2020-03-21 20:30:34 +00:00
Luis Ramos
913ea5b883 Handle strong parameters in bulk_line_items controller 2020-03-21 20:30:34 +00:00
Luis Ramos
d496a4bdc8 Add strong parameters permits to some controllers 2020-03-21 20:30:34 +00:00
Luis Ramos
a261ae118d Add missing permitted attributes to variant overrides controller 2020-03-21 19:14:26 +00:00
Luis Ramos
7320b38b93 Add missing attributes to variant override controller 2020-03-21 19:14:26 +00:00
Luis Ramos
0151b5ee9a Permit extra needed params in variant overrides controller 2020-03-21 19:14:26 +00:00
Luis Ramos
5b37e89738 Handle strong params in variant_overrides_controller 
We use a simpler way to permit on array within params here and change products_controller to the same style
 2020-03-21 19:14:26 +00:00
Luis Ramos
79b0867507 Extract permitted attributes to separate service 2020-03-21 19:08:37 +00:00
Luis Ramos
58c83d056d Add missing permitted attributes to subscriptions controller 2020-03-21 18:57:37 +00:00
Luis Ramos
c3897b2f1c Handle strong params in subscriptions controller 2020-03-21 18:57:37 +00:00
Luis Ramos
d7cfda8385 Handle strong params in subscription_line_items controller 2020-03-21 18:57:37 +00:00
Luis Ramos
fd2cf7295e Extract permitted_attributes from order_cycle_controller into a specific service 2020-03-21 16:17:20 +00:00
Luis Ramos
57f8fa26ab Fix strong params in order_cycles 2020-03-21 14:45:51 +00:00
Luis Ramos
1a46e7b7ee Improve strong params implementation on order_cycle controller and fix corresponding specs 2020-03-21 14:45:51 +00:00
Luis Ramos
905811ccb3 Handle strong params in admin order_cycles controller 2020-03-21 14:45:51 +00:00
Matt-Yorkley
7baa875a91 Fix big N+1 issues in enterprises#edit for superadmin 
The page is usable now as superadmin. Roughly 10x faster...
 2020-03-19 23:41:47 +01:00
Luis Ramos
eccaaca907 Merge pull request #4930 from luisramos0/3-0-stable-mar6 
Merge master into 3-0-stable
 2020-03-17 14:49:30 +00:00
Luis Ramos
32a4355f09 Merge branch 'master' into 3-0-stable-mar6 2020-03-12 16:54:09 +00:00
Luis Ramos
014e22a7ad Fix problem with misssing params in schedules controller and adapt its spec 2020-03-09 16:04:59 +00:00
Luis Ramos
af8369ae1b Remove 5 years old debug code 
This reverts ab9bc7b1dc, it can be added if the issue happens again
 2020-03-03 10:56:57 +00:00
Pau Pérez Fabregat
d03d1c0cc2 Merge pull request #4832 from Matt-Yorkley/3-0-more_strong_params 
[Spree 2.1] Add strong_params to admin/enterprise_relationships_controller.rb
 2020-02-28 10:41:05 +01:00
Matt-Yorkley
90d1a5e605 Add strong params to admin/column_preferences_controller.rb 
Fixes failures such as:

  119) Admin::ColumnPreferencesController bulk_update json where I don't own the preferences submitted prevents me from updating the column preferences
       Failure/Error: raise ActiveModel::ForbiddenAttributesError, params.to_s

       ActiveModel::ForbiddenAttributesError:
         {"action_name"=>"enterprises_index", "column_preferences"=>[{"id"=>1, "user_id"=>2716, "action_name"=>"enterprises_index", "column_name"=>"name", "visible"=>false}, {"id"=>nil, "user_id"=>2716, "action_name"=>"enterprises_index", "column_name"=>"producer", "visible"=>true}, {"id"=>nil, "user_id"=>2716, "action_name"=>"enterprises_index", "column_name"=>"status", "visible"=>true}], "format"=>"json", "controller"=>"admin/column_preferences", "action"=>"bulk_update"}
       # ./app/controllers/application_controller.rb:16:in `print_params'
       # ./spec/controllers/admin/column_preferences_controller_spec.rb:28:in `block (5 levels) in <top (required)>'
       # ------------------
       # --- Caused by: ---
       # ActiveModel::ForbiddenAttributesError:
       #   ActiveModel::ForbiddenAttributesError
       #   ./app/models/model_set.rb:24:in `block in collection_attributes='
 2020-02-23 14:52:06 +01:00
Matt-Yorkley
fccc8037f0 Add strong_params to enterprise_relationships_controller.rb 
Fixes specs such as:

  31)
  As an Administrator
  I want to manage relationships between enterprises
 as a site administrator creating a relationship
      Failure/Error: raise ActiveModel::ForbiddenAttributesError, params.to_s

      ActiveModel::ForbiddenAttributesError:
        {"enterprise_relationship"=>{"parent_id"=>284, "child_id"=>285, "permissions_list"=>["add_to_order_cycle", "edit_profile", "create_variant_overrides"]}, "action"=>"create", "controller"=>"admin/enterprise_relationships"}
      # ./app/controllers/application_controller.rb:16:in `print_params'
      # ./lib/open_food_network/rack_request_blocker.rb:36:in `call'
      # ------------------
      # --- Caused by: ---
      # ActiveModel::ForbiddenAttributesError:
      #   ActiveModel::ForbiddenAttributesError
      #   ./app/controllers/admin/enterprise_relationships_controller.rb:10:in `create'
 2020-02-23 14:26:14 +01:00
Matt-Yorkley
df1299b290 Fix user not yet loaded in prepend_before_filter 2020-02-22 11:06:51 +00:00
Matt-Yorkley
c0ecdb9e3a Fix deprecated #includes in join without reference 
DEPRECATION WARNING: It looks like you are eager loading table(s) (one of: variant_overrides, enterprises, enterprise_roles) that are referenced in a string SQL snippet. For example:

    Post.includes(:comments).where("comments.title = 'foo'")

Currently, Active Record recognizes the table in the string, and knows to JOIN the comments table to the query, rather than loading comments in a separate query. However, doing this without writing a full-blown SQL parser is inherently flawed. Since we don't want to write an SQL parser, we are removing this functionality. From now on, you must explicitly tell Active Record when you are referencing a table from a string:

    Post.includes(:comments).where("comments.title = 'foo'").references(:comments)

If you don't rely on implicit join references you can disable the feature entirely by setting `config.active_record.disable_implicit_join_references = true`. (called from collection at /home/user/Github/openfoodnetwork/app/controllers/admin/variant_overrides_controller.rb:77)
 2020-02-22 11:06:51 +00:00
Matt-Yorkley
53645517af Update deprecated #find_by_* methods 2020-02-22 11:06:51 +00:00