Update all locales with the latest Transifex translations

Transifex

.github/ISSUE_TEMPLATE.md

@@ -1,66 +0,0 @@
-<!-- Provide a general summary of the issue in the Title above.
-
-If your issue is not a bug, please use the Feature template instead:
-https://github.com/openfoodfoundation/openfoodnetwork/wiki/Feature-template
-
--->
-## Description
-<!-- Provide a more detailed introduction to the issue itself, and why you consider it to be a bug -->
-
-
-
-## Expected Behavior
-<!-- Tell us what should happen -->
-
-
-
-## Actual Behavior
-<!-- Tell us what happens instead -->
-
-
-
-## Steps to Reproduce
-<!-- Provide an unambiguous set of steps to reproduce this bug -->
-<!-- Include code to reproduce if relevant -->
-
-1.
-2.
-3.
-4.
-
-## Animated Gif/Screenshot
-<!-- Provide a screenshot or brief animated gif reproducing the bug. Linux users can use
-[Peek](https://github.com/phw/peek#ubuntu) while Mac users can use [Recordit](http://recordit.co/) -->
-
-
-
-## Context
-<!-- How has this bug affected you? What were you trying to accomplish? -->
-
-
-
-## Severity
-<!-- Assign a label and explain the impact.
-
-bug-s1: a critical feature is broken: checkout, payments, signup, login
-bug-s2: a non-critical feature is broken, no workaround
-bug-s3: a feature is broken but there is a workaround
-bug-s4: it's annoying, but you can use it
-bug-s5: we can live with it, only a few users impacted
-
-https://github.com/openfoodfoundation/openfoodnetwork/wiki/Bug-severity
--->
-
-
-
-## Your Environment
-<!-- Include relevant details about the environment you experienced the bug in -->
-
-* Version used:
-* Browser name and version:
-* Operating System and version (desktop or mobile):
-
-## Possible Fix
-<!-- Not obligatory, but suggest a fix or reason for the bug -->
-
-

.github/ISSUE_TEMPLATE/bug_report.md

@@ -9,6 +9,7 @@ assignees: ''
 
 ## Description
 <!-- Provide a more detailed introduction to the issue itself, and why you consider it to be a bug -->
+<!-- How has this bug affected you? What were you trying to accomplish? -->
 
 
 ## Expected Behavior
@@ -22,6 +23,8 @@ assignees: ''
 ## Steps to Reproduce
 <!-- Provide an unambiguous set of steps to reproduce this bug -->
 <!-- Include code to reproduce if relevant -->
+<!-- Include links -->
+<!-- Include user ID -->
 
 1.
 2.
@@ -29,13 +32,11 @@ assignees: ''
 4.
 
 ## Animated Gif/Screenshot
-<!-- Provide a screenshot or brief animated gif reproducing the bug. Linux users can use
-[Peek](https://github.com/phw/peek#ubuntu) while Mac users can use [Recordit](http://recordit.co/) -->
-
-
-## Context
-<!-- How has this bug affected you? What were you trying to accomplish? -->
+<!-- Provide a screenshot or brief video reproducing the bug.  -->
+<!-- Please try to have the dev tools opened on the network tab (press F12 to open the devtools of your browser -->
 
+## Workaround
+<!-- Include a workaround for this bug (if relevant) -->
 
 ## Severity
 <!-- Assign a label and explain the impact.
@@ -55,7 +56,6 @@ https://github.com/openfoodfoundation/openfoodnetwork/wiki/Bug-severity
 * Version used:
 * Browser name and version:
 * Operating System and version (desktop or mobile):
-* OFN Platform instance where you discovered the bug, and which version of the software they are using. 
 
 ## Possible Fix
 <!-- Not obligatory, but suggest a fix or reason for the bug -->

.github/ISSUE_TEMPLATE/release-template.md

@@ -0,0 +1,10 @@
+Draft: x
+
+Target commit: x
+
+Build: x
+
+- [ ] Draft
+- [ ] Test
+- [ ] Publish
+- [ ] Deploy

.github/ISSUE_TEMPLATE/story-template.md

@@ -14,5 +14,12 @@ assignees: ''
 **- I want to be able to do:** (specify the desired behavior)
 (Link to others issues or resources to provide context > only if really necessary). -->
 
-## Acceptance Criteria
-<!-- Document the outcomes that need to be achieved before this component can be considered complete. -->
+## Acceptance Criteria & Tests
+<!-- Document the outcomes that need to be achieved before this component can be considered complete.
+ -->
+<!-- Provide an unambiguous set of steps a tester should do to validate the PR that will solve this issue -->
+
+1.
+2. 
+3. 
+4.

.rubocop_manual_todo.yml

@@ -14,8 +14,7 @@
 #     rubocop > rubo.log
 #     # inspect log file to see which cops are failing
 #     # copy cop configurations and add Exclude parameter
-#     grep ExampleCop rubo.log | cut -d ":" -f 1 | sort -u >> .rubocop.yml
-#     # use vim to add `- ` before each line
+#     grep ExampleCop rubo.log | cut -d ":" -f 1 | sort -u | while read f; do echo "  - $f"; done >> .rubocop.yml
 #
 # This process probably doesn't need repeating. Otherwise there is plenty
 # of room for improvements and automation.
@@ -26,21 +25,19 @@ Metrics/LineLength:
   - app/controllers/admin/bulk_line_items_controller.rb
   - app/controllers/admin/contents_controller.rb
   - app/controllers/admin/customers_controller.rb
-  - app/controllers/admin/enterprises_controller.rb
   - app/controllers/admin/enterprise_fees_controller.rb
   - app/controllers/admin/enterprise_groups_controller.rb
   - app/controllers/admin/enterprise_relationships_controller.rb
   - app/controllers/admin/enterprise_roles_controller.rb
+  - app/controllers/admin/enterprises_controller.rb
   - app/controllers/admin/inventory_items_controller.rb
   - app/controllers/admin/manager_invitations_controller.rb
-  - app/controllers/admin/order_cycles_controller.rb
   - app/controllers/admin/product_import_controller.rb
   - app/controllers/admin/proxy_orders_controller.rb
   - app/controllers/admin/schedules_controller.rb
   - app/controllers/admin/subscriptions_controller.rb
   - app/controllers/admin/variant_overrides_controller.rb
   - app/controllers/api/enterprise_attachment_controller.rb
-  - app/controllers/api/order_cycles_controller.rb
   - app/controllers/api/product_images_controller.rb
   - app/controllers/application_controller.rb
   - app/controllers/checkout_controller.rb
@@ -48,19 +45,14 @@ Metrics/LineLength:
   - app/controllers/spree/admin/base_controller_decorator.rb
   - app/controllers/spree/admin/orders_controller_decorator.rb
   - app/controllers/spree/admin/payments_controller_decorator.rb
-  - app/controllers/spree/admin/payment_methods_controller_decorator.rb
   - app/controllers/spree/admin/reports_controller_decorator.rb
-  - app/controllers/spree/api/products_controller_decorator.rb
   - app/controllers/spree/credit_cards_controller.rb
-  - app/controllers/spree/orders_controller_decorator.rb
   - app/controllers/spree/paypal_controller_decorator.rb
   - app/controllers/stripe/callbacks_controller.rb
-  - app/helpers/admin/injection_helper.rb
   - app/helpers/angular_form_builder.rb
   - app/helpers/angular_form_helper.rb
   - app/helpers/checkout_helper.rb
   - app/helpers/enterprises_helper.rb
-  - app/helpers/footer_links_helper.rb
   - app/helpers/injection_helper.rb
   - app/helpers/markdown_helper.rb
   - app/helpers/order_cycles_helper.rb
@@ -89,7 +81,6 @@ Metrics/LineLength:
   - app/models/proxy_order.rb
   - app/models/schedule.rb
   - app/models/spree/ability_decorator.rb
-  - app/models/spree/adjustment_decorator.rb
   - app/models/spree/app_configuration_decorator.rb
   - app/models/spree/calculator/default_tax_decorator.rb
   - app/models/spree/classification_decorator.rb
@@ -100,28 +91,14 @@ Metrics/LineLength:
   - app/models/spree/payment_decorator.rb
   - app/models/spree/payment_method_decorator.rb
   - app/models/spree/product_decorator.rb
-  - app/models/spree/shipment_decorator.rb
   - app/models/spree/shipping_method_decorator.rb
   - app/models/spree/tax_rate_decorator.rb
   - app/models/spree/taxon_decorator.rb
-  - app/models/spree/user_decorator.rb
+  - app/models/spree/user.rb
   - app/models/spree/variant_decorator.rb
   - app/models/subscription.rb
   - app/models/variant_override.rb
   - app/models/variant_override_set.rb
-  - app/overrides/add_enterprise_fees_to_admin_configurations_menu.rb
-  - app/serializers/api/admin/basic_enterprise_serializer.rb
-  - app/serializers/api/admin/enterprise_fee_serializer.rb
-  - app/serializers/api/admin/enterprise_serializer.rb
-  - app/serializers/api/admin/exchange_serializer.rb
-  - app/serializers/api/admin/for_order_cycle/enterprise_serializer.rb
-  - app/serializers/api/admin/index_enterprise_serializer.rb
-  - app/serializers/api/admin/index_order_cycle_serializer.rb
-  - app/serializers/api/admin/line_item_serializer.rb
-  - app/serializers/api/admin/order_cycle_serializer.rb
-  - app/serializers/api/admin/subscription_serializer.rb
-  - app/serializers/api/admin/tag_rule_serializer.rb
-  - app/serializers/api/admin/variant_override_serializer.rb
   - app/services/cart_service.rb
   - app/services/default_stock_location.rb
   - app/services/embedded_page_service.rb
@@ -129,11 +106,6 @@ Metrics/LineLength:
   - app/services/order_factory.rb
   - app/services/subscriptions_count.rb
   - app/services/variants_stock_levels.rb
-  - app/views/json/_groups.rabl
-  - app/views/json/_producer.rabl
-  - app/views/json/partials/_enterprise.rabl
-  - app/views/spree/api/products/bulk_show.v1.rabl
-  - app/views/spree/api/variants/bulk_show.v1.rabl
   - engines/web/app/helpers/web/cookies_policy_helper.rb
   - lib/discourse/single_sign_on.rb
   - lib/open_food_network/available_payment_method_filter.rb
@@ -147,23 +119,16 @@ Metrics/LineLength:
   - lib/open_food_network/order_and_distributor_report.rb
   - lib/open_food_network/order_cycle_form_applicator.rb
   - lib/open_food_network/order_cycle_management_report.rb
-  - lib/open_food_network/order_grouper.rb
-  - lib/open_food_network/orders_and_fulfillments_report.rb
   - lib/open_food_network/payments_report.rb
-  - lib/open_food_network/permalink_generator.rb
-  - lib/open_food_network/products_cache.rb
-  - lib/open_food_network/products_renderer.rb
   - lib/open_food_network/reports/bulk_coop_allocation_report.rb
   - lib/open_food_network/reports/line_items.rb
   - lib/open_food_network/sales_tax_report.rb
-  - lib/open_food_network/users_and_enterprises_report.rb
   - lib/open_food_network/variant_and_line_item_naming.rb
   - lib/open_food_network/xero_invoices_report.rb
   - lib/spree/core/controller_helpers/respond_with_decorator.rb
   - lib/spree/localized_number.rb
   - lib/spree/product_filters.rb
   - lib/stripe/profile_storer.rb
-  - lib/tasks/cache.rake
   - lib/tasks/data.rake
   - lib/tasks/enterprises.rake
   - spec/controllers/admin/bulk_line_items_controller_spec.rb
@@ -180,11 +145,15 @@ Metrics/LineLength:
   - spec/controllers/admin/subscription_line_items_controller_spec.rb
   - spec/controllers/admin/subscriptions_controller_spec.rb
   - spec/controllers/admin/variant_overrides_controller_spec.rb
+  - spec/controllers/api/base_controller_spec.rb
   - spec/controllers/api/logos_controller_spec.rb
   - spec/controllers/api/order_cycles_controller_spec.rb
   - spec/controllers/api/orders_controller_spec.rb
   - spec/controllers/api/product_images_controller_spec.rb
+  - spec/controllers/api/products_controller_spec.rb
   - spec/controllers/api/promo_images_controller_spec.rb
+  - spec/controllers/api/shipments_controller_spec.rb
+  - spec/controllers/api/variants_controller_spec.rb
   - spec/controllers/cart_controller_spec.rb
   - spec/controllers/checkout_controller_spec.rb
   - spec/controllers/enterprises_controller_spec.rb
@@ -197,12 +166,9 @@ Metrics/LineLength:
   - spec/controllers/spree/admin/orders_controller_spec.rb
   - spec/controllers/spree/admin/payment_methods_controller_spec.rb
   - spec/controllers/spree/admin/payments_controller_spec.rb
+  - spec/controllers/spree/admin/products_controller_spec.rb
   - spec/controllers/spree/admin/reports_controller_spec.rb
   - spec/controllers/spree/admin/variants_controller_spec.rb
-  - spec/controllers/spree/api/line_items_controller_spec.rb
-  - spec/controllers/spree/api/products_controller_spec.rb
-  - spec/controllers/spree/api/shipments_controller_spec.rb
-  - spec/controllers/spree/api/variants_controller_spec.rb
   - spec/controllers/spree/credit_cards_controller_spec.rb
   - spec/controllers/spree/orders_controller_spec.rb
   - spec/controllers/spree/user_sessions_controller_spec.rb
@@ -210,7 +176,6 @@ Metrics/LineLength:
   - spec/controllers/stripe/callbacks_controller_spec.rb
   - spec/controllers/stripe/webhooks_controller_spec.rb
   - spec/controllers/user_confirmations_controller_spec.rb
-  - spec/controllers/user_registrations_controller_spec.rb
   - spec/features/admin/adjustments_spec.rb
   - spec/features/admin/bulk_order_management_spec.rb
   - spec/features/admin/bulk_product_update_spec.rb
@@ -235,6 +200,7 @@ Metrics/LineLength:
   - spec/features/admin/shipping_methods_spec.rb
   - spec/features/admin/subscriptions_spec.rb
   - spec/features/admin/tag_rules_spec.rb
+  - spec/features/admin/users_spec.rb
   - spec/features/admin/variant_overrides_spec.rb
   - spec/features/consumer/account/cards_spec.rb
   - spec/features/consumer/account/settings_spec.rb
@@ -262,17 +228,13 @@ Metrics/LineLength:
   - spec/helpers/order_cycles_helper_spec.rb
   - spec/helpers/spree/admin/base_helper_spec.rb
   - spec/jobs/confirm_order_job_spec.rb
-  - spec/jobs/products_cache_integrity_checker_job_spec.rb
-  - spec/jobs/refresh_products_cache_job_spec.rb
   - spec/jobs/subscription_confirm_job_spec.rb
   - spec/jobs/subscription_placement_job_spec.rb
   - spec/lib/open_food_network/address_finder_spec.rb
   - spec/lib/open_food_network/bulk_coop_report_spec.rb
-  - spec/lib/open_food_network/cached_products_renderer_spec.rb
   - spec/lib/open_food_network/customers_report_spec.rb
   - spec/lib/open_food_network/enterprise_fee_applicator_spec.rb
   - spec/lib/open_food_network/enterprise_fee_calculator_spec.rb
-  - spec/lib/open_food_network/enterprise_injection_data_spec.rb
   - spec/lib/open_food_network/group_buy_report_spec.rb
   - spec/lib/open_food_network/lettuce_share_report_spec.rb
   - spec/lib/open_food_network/option_value_namer_spec.rb
@@ -284,8 +246,6 @@ Metrics/LineLength:
   - spec/lib/open_food_network/packing_report_spec.rb
   - spec/lib/open_food_network/permissions_spec.rb
   - spec/lib/open_food_network/products_and_inventory_report_spec.rb
-  - spec/lib/open_food_network/products_cache_spec.rb
-  - spec/lib/open_food_network/products_renderer_spec.rb
   - spec/lib/open_food_network/proxy_order_syncer_spec.rb
   - spec/lib/open_food_network/scope_variant_to_hub_spec.rb
   - spec/lib/open_food_network/subscription_payment_updater_spec.rb
@@ -298,6 +258,7 @@ Metrics/LineLength:
   - spec/mailers/order_mailer_spec.rb
   - spec/mailers/producer_mailer_spec.rb
   - spec/mailers/subscription_mailer_spec.rb
+  - spec/models/calculator/weight_spec.rb
   - spec/models/column_preference_spec.rb
   - spec/models/concerns/order_shipment_spec.rb
   - spec/models/concerns/product_stock_spec.rb
@@ -319,11 +280,11 @@ Metrics/LineLength:
   - spec/models/spree/calculator/price_sack_spec.rb
   - spec/models/spree/classification_spec.rb
   - spec/models/spree/gateway/stripe_connect_spec.rb
-  - spec/models/spree/image_spec.rb
   - spec/models/spree/line_item_spec.rb
   - spec/models/spree/order_spec.rb
   - spec/models/spree/payment_method_spec.rb
   - spec/models/spree/payment_spec.rb
+  - spec/models/spree/product_set_spec.rb
   - spec/models/spree/product_spec.rb
   - spec/models/spree/property_spec.rb
   - spec/models/spree/shipping_method_spec.rb
@@ -342,22 +303,24 @@ Metrics/LineLength:
   - spec/performance/shop_controller_spec.rb
   - spec/requests/checkout/failed_checkout_spec.rb
   - spec/requests/embedded_shopfronts_headers_spec.rb
-  - spec/requests/shop_spec.rb
-  - spec/serializers/admin/customer_serializer_spec.rb
-  - spec/serializers/admin/exchange_serializer_spec.rb
-  - spec/serializers/admin/for_order_cycle/enterprise_serializer_spec.rb
-  - spec/serializers/admin/for_order_cycle/supplied_product_serializer_spec.rb
-  - spec/serializers/admin/subscription_customer_serializer_spec.rb
-  - spec/serializers/admin/variant_override_serializer_spec.rb
+  - spec/serializers/api/admin/customer_serializer_spec.rb
+  - spec/serializers/api/admin/exchange_serializer_spec.rb
+  - spec/serializers/api/admin/for_order_cycle/enterprise_serializer_spec.rb
+  - spec/serializers/api/admin/for_order_cycle/supplied_product_serializer_spec.rb
+  - spec/serializers/api/admin/subscription_customer_serializer_spec.rb
+  - spec/serializers/api/admin/variant_override_serializer_spec.rb
+  - spec/serializers/api/current_order_serializer_spec.rb
   - spec/serializers/api/enterprise_shopfront_serializer_spec.rb
-  - spec/serializers/current_order_serializer_spec.rb
-  - spec/serializers/order_serializer_spec.rb
+  - spec/serializers/api/order_serializer_spec.rb
   - spec/services/cart_service_spec.rb
   - spec/services/embedded_page_service_spec.rb
+  - spec/services/order_cycle_distributed_products_spec.rb
   - spec/services/order_cycle_distributed_variants_spec.rb
   - spec/services/order_cycle_form_spec.rb
   - spec/services/order_factory_spec.rb
   - spec/services/order_syncer_spec.rb
+  - spec/services/product_tag_rules_filterer_spec.rb
+  - spec/services/products_renderer_spec.rb
   - spec/services/subscription_estimator_spec.rb
   - spec/services/subscription_form_spec.rb
   - spec/services/subscription_validator_spec.rb
@@ -378,8 +341,8 @@ Metrics/AbcSize:
   Exclude:
   - app/controllers/admin/bulk_line_items_controller.rb
   - app/controllers/admin/customers_controller.rb
-  - app/controllers/admin/enterprises_controller.rb
   - app/controllers/admin/enterprise_fees_controller.rb
+  - app/controllers/admin/enterprises_controller.rb
   - app/controllers/admin/order_cycles_controller.rb
   - app/controllers/admin/product_import_controller.rb
   - app/controllers/admin/schedules_controller.rb
@@ -387,28 +350,36 @@ Metrics/AbcSize:
   - app/controllers/admin/subscription_line_items_controller.rb
   - app/controllers/admin/subscriptions_controller.rb
   - app/controllers/api/enterprises_controller.rb
-  - app/controllers/api/order_cycles_controller.rb
   - app/controllers/api/product_images_controller.rb
+  - app/controllers/api/products_controller.rb
+  - app/controllers/api/shipments_controller.rb
+  - app/controllers/api/taxons_controller.rb
+  - app/controllers/api/variants_controller.rb
   - app/controllers/base_controller.rb
   - app/controllers/cart_controller.rb
   - app/controllers/checkout_controller.rb
   - app/controllers/discourse_sso_controller.rb
   - app/controllers/enterprises_controller.rb
   - app/controllers/spree/admin/adjustments_controller_decorator.rb
+  - app/controllers/spree/admin/image_settings_controller.rb
   - app/controllers/spree/admin/orders/customer_details_controller_decorator.rb
   - app/controllers/spree/admin/orders_controller_decorator.rb
   - app/controllers/spree/admin/overview_controller_decorator.rb
+  - app/controllers/spree/admin/payment_methods_controller.rb
   - app/controllers/spree/admin/payments_controller_decorator.rb
-  - app/controllers/spree/admin/payment_methods_controller_decorator.rb
   - app/controllers/spree/admin/products_controller_decorator.rb
   - app/controllers/spree/admin/reports_controller_decorator.rb
   - app/controllers/spree/admin/search_controller_decorator.rb
+  - app/controllers/spree/admin/taxons_controller.rb
+  - app/controllers/spree/admin/users_controller.rb
   - app/controllers/spree/admin/variants_controller_decorator.rb
-  - app/controllers/spree/api/products_controller_decorator.rb
-  - app/controllers/spree/api/shipments_controller_decorator.rb
+  - app/controllers/spree/checkout_controller.rb
   - app/controllers/spree/credit_cards_controller.rb
-  - app/controllers/spree/orders_controller_decorator.rb
-  - app/controllers/spree/user_sessions_controller_decorator.rb
+  - app/controllers/spree/orders_controller.rb
+  - app/controllers/spree/user_passwords_controller.rb
+  - app/controllers/spree/user_registrations_controller.rb
+  - app/controllers/spree/user_sessions_controller.rb
+  - app/controllers/spree/users_controller.rb
   - app/controllers/stripe/callbacks_controller.rb
   - app/controllers/user_confirmations_controller.rb
   - app/controllers/user_passwords_controller.rb
@@ -416,6 +387,7 @@ Metrics/AbcSize:
   - app/helpers/checkout_helper.rb
   - app/helpers/i18n_helper.rb
   - app/helpers/order_cycles_helper.rb
+  - app/helpers/spree/admin/navigation_helper_decorator.rb
   - app/helpers/spree/orders_helper.rb
   - app/jobs/subscription_placement_job.rb
   - app/mailers/producer_mailer.rb
@@ -437,6 +409,7 @@ Metrics/AbcSize:
   - app/models/spree/product_decorator.rb
   - app/models/spree/taxon_decorator.rb
   - app/serializers/api/admin/enterprise_serializer.rb
+  - app/serializers/api/admin/order_cycle_serializer.rb
   - app/serializers/api/product_serializer.rb
   - app/serializers/api/variant_serializer.rb
   - app/services/cart_service.rb
@@ -454,90 +427,60 @@ Metrics/AbcSize:
   - lib/open_food_network/order_cycle_form_applicator.rb
   - lib/open_food_network/order_cycle_management_report.rb
   - lib/open_food_network/order_cycle_permissions.rb
-  - lib/open_food_network/orders_and_fulfillments_report.rb
   - lib/open_food_network/packing_report.rb
   - lib/open_food_network/payments_report.rb
   - lib/open_food_network/permissions.rb
   - lib/open_food_network/products_and_inventory_report.rb
+  - lib/open_food_network/rack_request_blocker.rb
   - lib/open_food_network/reports/line_items.rb
   - lib/open_food_network/sales_tax_report.rb
   - lib/open_food_network/users_and_enterprises_report.rb
   - lib/open_food_network/variant_and_line_item_naming.rb
   - lib/open_food_network/xero_invoices_report.rb
+  - lib/spree/api/controller_setup.rb
   - lib/spree/core/controller_helpers/respond_with_decorator.rb
   - lib/spree/localized_number.rb
   - lib/stripe/account_connector.rb
   - lib/tasks/enterprises.rake
   - lib/tasks/sample_data/product_factory.rb
-  - spec/controllers/spree/api/shipments_controller_spec.rb
   - spec/features/admin/product_import_spec.rb
   - spec/features/admin/reports_spec.rb
   - spec/features/admin/subscriptions_spec.rb
-  - spec/features/consumer/shopping/checkout_spec.rb
+  - spec/features/consumer/shopping/checkout_paypal_spec.rb
   - spec/features/consumer/shopping/variant_overrides_spec.rb
   - spec/models/enterprise_spec.rb
   - spec/models/product_importer_spec.rb
+  - spec/services/restart_checkout_spec.rb
   - spec/support/performance_helper.rb
 
 Metrics/BlockLength:
   Max: 25
-  ExcludedMethods: ["class_eval", "collection", "context", "describe", "it", "member", "namespace", "resource", "resources"]
+  ExcludedMethods: [
+    "class_eval",
+    "collection",
+    "context",
+    "describe",
+    "feature",
+    "it",
+    "member",
+    "namespace",
+    "resource",
+    "resources",
+    "scenario"
+  ]
   Exclude:
   - lib/tasks/data.rake
-  - lib/tasks/dev.rake
   - spec/controllers/spree/admin/invoices_controller_spec.rb
+  - spec/factories.rb
+  - spec/factories/enterprise_factory.rb
+  - spec/factories/order_cycle_factory.rb
+  - spec/factories/order_factory.rb
+  - spec/factories/product_factory.rb
+  - spec/factories/shipping_method_factory.rb
+  - spec/factories/subscription_factory.rb
   - spec/factories/variant_factory.rb
-  - spec/features/admin/adjustments_spec.rb
-  - spec/features/admin/bulk_order_management_spec.rb
-  - spec/features/admin/bulk_product_update_spec.rb
-  - spec/features/admin/caching_spec.rb
-  - spec/features/admin/content_spec.rb
-  - spec/features/admin/customers_spec.rb
-  - spec/features/admin/enterprise_fees_spec.rb
-  - spec/features/admin/enterprise_groups_spec.rb
-  - spec/features/admin/enterprise_relationships_spec.rb
-  - spec/features/admin/enterprise_roles_spec.rb
-  - spec/features/admin/enterprises/images_spec.rb
-  - spec/features/admin/enterprises/index_spec.rb
-  - spec/features/admin/enterprises_spec.rb
-  - spec/features/admin/enterprise_user_spec.rb
-  - spec/features/admin/multilingual_spec.rb
-  - spec/features/admin/order_cycles_spec.rb
   - spec/features/admin/orders_spec.rb
-  - spec/features/admin/overview_spec.rb
-  - spec/features/admin/payment_method_spec.rb
-  - spec/features/admin/product_import_spec.rb
-  - spec/features/admin/products_spec.rb
-  - spec/features/admin/reports/enterprise_fee_summaries_spec.rb
-  - spec/features/admin/reports_spec.rb
-  - spec/features/admin/schedules_spec.rb
-  - spec/features/admin/shipping_methods_spec.rb
-  - spec/features/admin/subscriptions_spec.rb
-  - spec/features/admin/tag_rules_spec.rb
-  - spec/features/admin/tax_settings_spec.rb
-  - spec/features/admin/users_spec.rb
-  - spec/features/admin/variant_overrides_spec.rb
-  - spec/features/admin/variants_spec.rb
-  - spec/features/consumer/account/cards_spec.rb
-  - spec/features/consumer/account/settings_spec.rb
-  - spec/features/consumer/account_spec.rb
-  - spec/features/consumer/authentication_spec.rb
-  - spec/features/consumer/cookies_spec.rb
-  - spec/features/consumer/external_services_spec.rb
-  - spec/features/consumer/groups_spec.rb
-  - spec/features/consumer/multilingual_spec.rb
-  - spec/features/consumer/producers_spec.rb
-  - spec/features/consumer/registration_spec.rb
-  - spec/features/consumer/shopping/cart_spec.rb
-  - spec/features/consumer/shopping/checkout_auth_spec.rb
-  - spec/features/consumer/shopping/checkout_spec.rb
-  - spec/features/consumer/shopping/embedded_groups_spec.rb
   - spec/features/consumer/shopping/embedded_shopfronts_spec.rb
-  - spec/features/consumer/shopping/orders_spec.rb
-  - spec/features/consumer/shopping/products_spec.rb
-  - spec/features/consumer/shopping/shopping_spec.rb
-  - spec/features/consumer/shopping/variant_overrides_spec.rb
-  - spec/features/consumer/shops_spec.rb
   - spec/lib/open_food_network/group_buy_report_spec.rb
   - spec/models/tag_rule/discount_order_spec.rb
   - spec/spec_helper.rb
@@ -548,11 +491,12 @@ Metrics/BlockLength:
 Metrics/CyclomaticComplexity:
   Max: 6
   Exclude:
-  - app/controllers/admin/enterprises_controller.rb
   - app/controllers/admin/enterprise_fees_controller.rb
+  - app/controllers/admin/enterprises_controller.rb
   - app/controllers/checkout_controller.rb
   - app/controllers/spree/admin/payments_controller_decorator.rb
-  - app/controllers/spree/orders_controller_decorator.rb
+  - app/controllers/spree/admin/taxons_controller.rb
+  - app/controllers/spree/orders_controller.rb
   - app/helpers/checkout_helper.rb
   - app/helpers/i18n_helper.rb
   - app/helpers/order_cycles_helper.rb
@@ -569,7 +513,6 @@ Metrics/CyclomaticComplexity:
   - lib/discourse/single_sign_on.rb
   - lib/open_food_network/bulk_coop_report.rb
   - lib/open_food_network/enterprise_issue_validator.rb
-  - lib/open_food_network/orders_and_fulfillments_report.rb
   - lib/spree/core/controller_helpers/order_decorator.rb
   - lib/spree/core/controller_helpers/respond_with_decorator.rb
   - lib/spree/localized_number.rb
@@ -579,9 +522,11 @@ Metrics/PerceivedComplexity:
   Max: 7
   Exclude:
   - app/controllers/admin/enterprises_controller.rb
+  - app/controllers/api/variants_controller.rb
   - app/controllers/checkout_controller.rb
   - app/controllers/spree/admin/payments_controller_decorator.rb
-  - app/controllers/spree/orders_controller_decorator.rb
+  - app/controllers/spree/admin/taxons_controller.rb
+  - app/controllers/spree/orders_controller.rb
   - app/helpers/checkout_helper.rb
   - app/helpers/i18n_helper.rb
   - app/helpers/order_cycles_helper.rb
@@ -594,7 +539,6 @@ Metrics/PerceivedComplexity:
   - lib/discourse/single_sign_on.rb
   - lib/open_food_network/bulk_coop_report.rb
   - lib/open_food_network/enterprise_issue_validator.rb
-  - lib/open_food_network/orders_and_fulfillments_report.rb
   - lib/spree/core/controller_helpers/order_decorator.rb
   - lib/spree/core/controller_helpers/respond_with_decorator.rb
   - lib/spree/localized_number.rb
@@ -604,25 +548,34 @@ Metrics/MethodLength:
   Max: 10
   Exclude:
   - app/controllers/admin/customers_controller.rb
-  - app/controllers/admin/enterprises_controller.rb
   - app/controllers/admin/enterprise_fees_controller.rb
+  - app/controllers/admin/enterprises_controller.rb
   - app/controllers/admin/manager_invitations_controller.rb
   - app/controllers/admin/order_cycles_controller.rb
   - app/controllers/admin/stripe_accounts_controller.rb
   - app/controllers/admin/subscriptions_controller.rb
+  - app/controllers/api/products_controller.rb
+  - app/controllers/api/shipments_controller.rb
+  - app/controllers/api/taxons_controller.rb
+  - app/controllers/api/variants_controller.rb
   - app/controllers/base_controller.rb
   - app/controllers/cart_controller.rb
   - app/controllers/checkout_controller.rb
   - app/controllers/shop_controller.rb
+  - app/controllers/spree/admin/image_settings_controller.rb
   - app/controllers/spree/admin/orders/customer_details_controller_decorator.rb
+  - app/controllers/spree/admin/payment_methods_controller.rb
   - app/controllers/spree/admin/payments_controller_decorator.rb
-  - app/controllers/spree/admin/payment_methods_controller_decorator.rb
   - app/controllers/spree/admin/products_controller_decorator.rb
   - app/controllers/spree/admin/reports_controller_decorator.rb
   - app/controllers/spree/admin/search_controller_decorator.rb
+  - app/controllers/spree/admin/tax_categories_controller.rb
+  - app/controllers/spree/admin/taxons_controller.rb
+  - app/controllers/spree/admin/users_controller.rb
   - app/controllers/spree/credit_cards_controller.rb
-  - app/controllers/spree/orders_controller_decorator.rb
-  - app/controllers/spree/user_sessions_controller_decorator.rb
+  - app/controllers/spree/orders_controller.rb
+  - app/controllers/spree/user_registrations_controller.rb
+  - app/controllers/spree/user_sessions_controller.rb
   - app/controllers/stripe/callbacks_controller.rb
   - app/controllers/user_confirmations_controller.rb
   - app/controllers/user_passwords_controller.rb
@@ -664,12 +617,10 @@ Metrics/MethodLength:
   - lib/open_food_network/order_cycle_management_report.rb
   - lib/open_food_network/order_cycle_permissions.rb
   - lib/open_food_network/order_grouper.rb
-  - lib/open_food_network/orders_and_fulfillments_report.rb
   - lib/open_food_network/packing_report.rb
   - lib/open_food_network/payments_report.rb
   - lib/open_food_network/permissions.rb
   - lib/open_food_network/products_and_inventory_report.rb
-  - lib/open_food_network/products_renderer.rb
   - lib/open_food_network/rack_request_blocker.rb
   - lib/open_food_network/reports/bulk_coop_allocation_report.rb
   - lib/open_food_network/reports/bulk_coop_supplier_report.rb
@@ -677,11 +628,12 @@ Metrics/MethodLength:
   - lib/open_food_network/sales_tax_report.rb
   - lib/open_food_network/users_and_enterprises_report.rb
   - lib/open_food_network/xero_invoices_report.rb
+  - lib/spree/api/controller_setup.rb
   - lib/spree/core/controller_helpers/respond_with_decorator.rb
   - lib/spree/localized_number.rb
   - lib/stripe/profile_storer.rb
   - lib/tasks/sample_data/product_factory.rb
-  - spec/features/consumer/shopping/checkout_spec.rb
+  - spec/features/consumer/shopping/checkout_paypal_spec.rb
   - spec/features/consumer/shopping/variant_overrides_spec.rb
   - spec/models/product_importer_spec.rb
   - spec/support/request/authentication_workflow.rb
@@ -692,13 +644,18 @@ Metrics/ClassLength:
   - app/controllers/admin/enterprises_controller.rb
   - app/controllers/admin/order_cycles_controller.rb
   - app/controllers/admin/subscriptions_controller.rb
+  - app/controllers/api/products_controller.rb
   - app/controllers/checkout_controller.rb
+  - app/controllers/spree/admin/payment_methods_controller.rb
+  - app/controllers/spree/admin/users_controller.rb
+  - app/controllers/spree/orders_controller.rb
   - app/models/enterprise.rb
   - app/models/order_cycle.rb
   - app/models/product_import/entry_processor.rb
   - app/models/product_import/entry_validator.rb
   - app/models/product_import/product_importer.rb
   - app/models/spree/ability_decorator.rb
+  - app/models/spree/user.rb
   - app/serializers/api/cached_enterprise_serializer.rb
   - app/serializers/api/enterprise_shopfront_serializer.rb
   - app/services/cart_service.rb
@@ -708,24 +665,24 @@ Metrics/ClassLength:
   - lib/open_food_network/order_cycle_form_applicator.rb
   - lib/open_food_network/order_cycle_management_report.rb
   - lib/open_food_network/order_cycle_permissions.rb
-  - lib/open_food_network/orders_and_fulfillments_report.rb
   - lib/open_food_network/packing_report.rb
   - lib/open_food_network/payments_report.rb
   - lib/open_food_network/permissions.rb
-  - lib/open_food_network/products_cache.rb
+  - lib/open_food_network/users_and_enterprises_report.rb
   - lib/open_food_network/xero_invoices_report.rb
 
 Metrics/ModuleLength:
   Max: 100
   Exclude:
+  - app/helpers/admin/injection_helper.rb
+  - app/helpers/injection_helper.rb
   - lib/open_food_network/column_preference_defaults.rb
   - spec/controllers/admin/enterprises_controller_spec.rb
   - spec/controllers/admin/order_cycles_controller_spec.rb
   - spec/controllers/api/order_cycles_controller_spec.rb
   - spec/controllers/api/orders_controller_spec.rb
-  - spec/controllers/spree/api/products_controller_spec.rb
+  - spec/controllers/spree/admin/payment_methods_controller_spec.rb
   - spec/lib/open_food_network/address_finder_spec.rb
-  - spec/lib/open_food_network/cached_products_renderer_spec.rb
   - spec/lib/open_food_network/customers_report_spec.rb
   - spec/lib/open_food_network/enterprise_fee_calculator_spec.rb
   - spec/lib/open_food_network/option_value_namer_spec.rb
@@ -734,7 +691,6 @@ Metrics/ModuleLength:
   - spec/lib/open_food_network/order_grouper_spec.rb
   - spec/lib/open_food_network/permissions_spec.rb
   - spec/lib/open_food_network/products_and_inventory_report_spec.rb
-  - spec/lib/open_food_network/products_cache_spec.rb
   - spec/lib/open_food_network/proxy_order_syncer_spec.rb
   - spec/lib/open_food_network/scope_variant_to_hub_spec.rb
   - spec/lib/open_food_network/subscription_payment_updater_spec.rb
@@ -753,6 +709,5 @@ Metrics/ParameterLists:
   Exclude:
   - app/helpers/angular_form_builder.rb
   - app/models/product_import/entry_processor.rb
-  - app/models/product_import/entry_validator.rb
   - lib/open_food_network/xero_invoices_report.rb
   - spec/features/admin/reports_spec.rb

.rubocop_styleguide.yml

@@ -5,9 +5,10 @@
 # rubocop locally, the default configuration file `.rubocop.yml` loads
 # our "todo lists" to ignore all current violations.
 AllCops:
-  TargetRubyVersion: 2.1
+  TargetRubyVersion: 2.2
   TargetRailsVersion: 3.2
   Exclude:
+    - 'bin/**/*'
     - 'db/**/*'
     - 'config/**/*'
     - 'script/**/*'
@@ -186,7 +187,19 @@ Metrics/AbcSize:
 
 Metrics/BlockLength:
   Max: 25
-  ExcludedMethods: ["class_eval", "collection", "context", "describe", "it", "member", "namespace", "resource", "resources"]
+  ExcludedMethods: [
+    "class_eval",
+    "collection",
+    "context",
+    "describe",
+    "feature",
+    "it",
+    "member",
+    "namespace",
+    "resource",
+    "resources",
+    "scenario"
+  ]
 
 Metrics/BlockNesting:
   Max: 3

.rubocop_todo.yml

@@ -1,37 +1,11 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config --exclude-limit 1400`
-# on 2019-07-23 14:09:18 +0100 using RuboCop version 0.57.2.
+# on 2019-11-10 18:40:51 +0000 using RuboCop version 0.68.1.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.
 
-# Offense count: 1
-# Cop supports --auto-correct.
-# Configuration parameters: EnforcedStyleAlignWith, AutoCorrect, Severity.
-# SupportedStylesAlignWith: start_of_line, def
-Layout/DefEndAlignment:
-  Exclude:
-    - 'app/models/order_updater.rb'
-
-# Offense count: 4
-# Cop supports --auto-correct.
-# Configuration parameters: EnforcedStyleAlignWith, AutoCorrect, Severity.
-# SupportedStylesAlignWith: keyword, variable, start_of_line
-Layout/EndAlignment:
-  Exclude:
-    - 'app/controllers/admin/order_cycles_controller.rb'
-    - 'app/controllers/api/order_cycles_controller.rb'
-    - 'app/serializers/api/admin/for_order_cycle/supplied_product_serializer.rb'
-    - 'app/serializers/api/admin/order_cycle_serializer.rb'
-
-# Offense count: 2
-# Cop supports --auto-correct.
-# Configuration parameters: IndentationWidth.
-# SupportedStyles: special_inside_parentheses, consistent, align_braces
-Layout/IndentHash:
-  EnforcedStyle: consistent
-
 # Offense count: 4
 Lint/AmbiguousOperator:
   Exclude:
@@ -46,10 +20,16 @@ Lint/DuplicateMethods:
     - 'lib/discourse/single_sign_on.rb'
     - 'lib/open_food_network/subscription_summary.rb'
 
-# Offense count: 8
+# Offense count: 1
+Lint/DuplicatedKey:
+  Exclude:
+    - 'spec/models/calculator/weight_spec.rb'
+
+# Offense count: 10
 Lint/IneffectiveAccessModifier:
   Exclude:
     - 'app/models/column_preference.rb'
+    - 'app/models/spree/user.rb'
     - 'app/services/mail_configuration.rb'
     - 'lib/open_food_network/feature_toggle.rb'
     - 'spec/lib/open_food_network/reports/report_spec.rb'
@@ -66,16 +46,11 @@ Lint/ShadowingOuterLocalVariable:
     - 'spec/models/model_set_spec.rb'
 
 # Offense count: 2
+# Configuration parameters: AllowKeywordBlockArguments.
 Lint/UnderscorePrefixedVariableName:
   Exclude:
     - 'spec/support/cancan_helper.rb'
 
-# Offense count: 1
-# Cop supports --auto-correct.
-Lint/UnneededCopDisableDirective:
-  Exclude:
-    - 'app/models/product_import/entry_validator.rb'
-
 # Offense count: 5
 # Configuration parameters: ContextCreatingMethods, MethodCreatingMethods.
 Lint/UselessAccessModifier:
@@ -86,51 +61,21 @@ Lint/UselessAccessModifier:
     - 'lib/open_food_network/reports/bulk_coop_report.rb'
     - 'spec/lib/open_food_network/reports/report_spec.rb'
 
-# Offense count: 8
+# Offense count: 1
 # Configuration parameters: CheckForMethodsWithNoSideEffects.
 Lint/Void:
   Exclude:
     - 'app/serializers/api/enterprise_serializer.rb'
-    - 'spec/features/admin/bulk_product_update_spec.rb'
-    - 'spec/features/consumer/shopping/checkout_spec.rb'
-    - 'spec/features/consumer/shopping/shopping_spec.rb'
-    - 'spec/features/consumer/shopping/variant_overrides_spec.rb'
-
-# Offense count: 15
-Metrics/AbcSize:
-  Max: 36
-
-# Offense count: 13
-# Configuration parameters: CountComments, ExcludedMethods.
-Metrics/BlockLength:
-  Max: 115
-
-# Offense count: 2
-# Configuration parameters: CountComments.
-Metrics/ClassLength:
-  Max: 169
 
 # Offense count: 1
-Metrics/CyclomaticComplexity:
-  Max: 8
-
-# Offense count: 8
-# Configuration parameters: CountComments.
-Metrics/MethodLength:
-  Max: 31
-
-# Offense count: 2
 # Configuration parameters: CountComments.
 Metrics/ModuleLength:
-  Max: 208
+  Max: 141
 
-# Offense count: 2
-Metrics/PerceivedComplexity:
-  Max: 11
-
-# Offense count: 7
+# Offense count: 8
 Naming/AccessorMethodName:
   Exclude:
+    - 'app/controllers/spree/admin/taxonomies_controller.rb'
     - 'app/models/spree/adjustment_decorator.rb'
     - 'app/models/spree/order_decorator.rb'
     - 'spec/support/request/shop_workflow.rb'
@@ -144,6 +89,8 @@ Naming/HeredocDelimiterNaming:
     - 'app/models/content_configuration.rb'
 
 # Offense count: 4
+# Configuration parameters: EnforcedStyleForLeadingUnderscores.
+# SupportedStylesForLeadingUnderscores: disallowed, required, optional
 Naming/MemoizedInstanceVariableName:
   Exclude:
     - 'app/controllers/spree/admin/payments_controller_decorator.rb'
@@ -176,12 +123,11 @@ Naming/PredicateName:
     - 'lib/open_food_network/packing_report.rb'
     - 'lib/tasks/data.rake'
 
-# Offense count: 11
+# Offense count: 8
 # Configuration parameters: MinNameLength, AllowNamesEndingInNumbers, AllowedNames, ForbiddenNames.
-# AllowedNames: io, id, to, by, on, in, at
+# AllowedNames: io, id, to, by, on, in, at, ip, db
 Naming/UncommunicativeMethodParamName:
   Exclude:
-    - 'app/helpers/admin/injection_helper.rb'
     - 'app/helpers/spree/admin/base_helper_decorator.rb'
     - 'app/helpers/spree/base_helper_decorator.rb'
     - 'app/services/subscription_validator.rb'
@@ -190,25 +136,6 @@ Naming/UncommunicativeMethodParamName:
     - 'spec/lib/open_food_network/reports/report_spec.rb'
     - 'spec/mailers/producer_mailer_spec.rb'
 
-# Offense count: 3
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: snake_case, camelCase
-Naming/VariableName:
-  Exclude:
-    - 'app/helpers/admin/injection_helper.rb'
-
-# Offense count: 4
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: snake_case, normalcase, non_integer
-Naming/VariableNumber:
-  Exclude:
-    - 'spec/lib/open_food_network/products_and_inventory_report_spec.rb'
-
-# Offense count: 1
-Performance/Caller:
-  Exclude:
-    - 'app/controllers/application_controller.rb'
-
 # Offense count: 1
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: strict, flexible
@@ -216,7 +143,7 @@ Rails/Date:
   Exclude:
     - 'app/models/order_cycle.rb'
 
-# Offense count: 8
+# Offense count: 7
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: slashes, arguments
 Rails/FilePath:
@@ -225,7 +152,6 @@ Rails/FilePath:
     - 'spec/features/admin/bulk_product_update_spec.rb'
     - 'spec/features/admin/content_spec.rb'
     - 'spec/models/content_configuration_spec.rb'
-    - 'spec/models/spree/image_spec.rb'
     - 'spec/models/spree/variant_spec.rb'
     - 'spec/spec_helper.rb'
 
@@ -241,7 +167,7 @@ Rails/HasAndBelongsToMany:
     - 'app/models/spree/concerns/payment_method_distributors.rb'
     - 'app/models/spree/line_item_decorator.rb'
 
-# Offense count: 25
+# Offense count: 26
 # Configuration parameters: Include.
 # Include: app/models/**/*.rb
 Rails/HasManyOrHasOneDependent:
@@ -254,7 +180,7 @@ Rails/HasManyOrHasOneDependent:
     - 'app/models/spree/payment_method_decorator.rb'
     - 'app/models/spree/property_decorator.rb'
     - 'app/models/spree/shipping_method_decorator.rb'
-    - 'app/models/spree/user_decorator.rb'
+    - 'app/models/spree/user.rb'
     - 'app/models/spree/variant_decorator.rb'
     - 'app/models/subscription.rb'
 
@@ -268,20 +194,13 @@ Rails/OutputSafety:
     - 'lib/spree/money_decorator.rb'
     - 'spec/features/admin/orders_spec.rb'
 
-# Offense count: 15
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: strict, flexible
-Rails/TimeZone:
+# Offense count: 9
+Rails/ReflectionClassName:
   Exclude:
-    - 'app/controllers/api/statuses_controller.rb'
-    - 'app/jobs/heartbeat_job.rb'
-    - 'lib/open_food_network/rack_request_blocker.rb'
-    - 'lib/open_food_network/users_and_enterprises_report.rb'
-    - 'spec/controllers/api/statuses_controller_spec.rb'
-    - 'spec/jobs/heartbeat_job_spec.rb'
-    - 'spec/lib/open_food_network/products_cache_refreshment_spec.rb'
-    - 'spec/lib/open_food_network/products_cache_spec.rb'
-    - 'spec/models/enterprise_relationship_spec.rb'
+    - 'app/models/customer.rb'
+    - 'app/models/distributor_shipping_method.rb'
+    - 'app/models/enterprise_role.rb'
+    - 'app/models/subscription.rb'
 
 # Offense count: 1
 # Configuration parameters: Environments.
@@ -290,21 +209,13 @@ Rails/UnknownEnv:
   Exclude:
     - 'app/models/spree/app_configuration_decorator.rb'
 
-# Offense count: 1
-# Cop supports --auto-correct.
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: braces, no_braces, context_dependent
-Style/BracesAroundHashParameters:
-  Exclude:
-    - 'spec/spec_helper.rb'
-
 # Offense count: 2
 Style/CaseEquality:
   Exclude:
     - 'app/helpers/angular_form_helper.rb'
     - 'spec/models/spree/payment_spec.rb'
 
-# Offense count: 78
+# Offense count: 76
 # Cop supports --auto-correct.
 # Configuration parameters: AutoCorrect, EnforcedStyle.
 # SupportedStyles: nested, compact
@@ -394,26 +305,13 @@ Style/CommentedKeyword:
   Exclude:
     - 'app/controllers/application_controller.rb'
 
-# Offense count: 4
+# Offense count: 2
 # Cop supports --auto-correct.
 # Configuration parameters: EnforcedStyle, SingleLineConditionsOnly, IncludeTernaryExpressions.
 # SupportedStyles: assign_to_condition, assign_inside_condition
 Style/ConditionalAssignment:
   Exclude:
-    - 'app/controllers/spree/api/products_controller.rb'
-    - 'app/controllers/spree/api/taxons_controller.rb'
-    - 'app/controllers/spree/api/variants_controller.rb'
-
-# Offense count: 2
-Style/DateTime:
-  Exclude:
-    - 'lib/open_food_network/users_and_enterprises_report.rb'
-
-# Offense count: 1
-# Cop supports --auto-correct.
-Style/EachWithObject:
-  Exclude:
-    - 'app/controllers/spree/api/base_controller.rb'
+    - 'app/controllers/api/taxons_controller.rb'
 
 # Offense count: 5
 # Configuration parameters: EnforcedStyle.
@@ -424,7 +322,7 @@ Style/FormatStringToken:
     - 'lib/open_food_network/sales_tax_report.rb'
     - 'spec/models/enterprise_spec.rb'
 
-# Offense count: 68
+# Offense count: 61
 # Configuration parameters: MinBodyLength.
 Style/GuardClause:
   Exclude:
@@ -438,27 +336,22 @@ Style/GuardClause:
     - 'app/controllers/spree/admin/adjustments_controller_decorator.rb'
     - 'app/controllers/spree/admin/base_controller_decorator.rb'
     - 'app/controllers/spree/admin/orders_controller_decorator.rb'
-    - 'app/controllers/spree/admin/products_controller_decorator.rb'
     - 'app/controllers/spree/admin/resource_controller_decorator.rb'
     - 'app/controllers/spree/admin/variants_controller_decorator.rb'
-    - 'app/controllers/spree/api/base_controller.rb'
     - 'app/controllers/spree/checkout_controller.rb'
     - 'app/controllers/spree/orders_controller.rb'
     - 'app/controllers/spree/paypal_controller_decorator.rb'
-    - 'app/jobs/products_cache_integrity_checker_job.rb'
     - 'app/models/enterprise.rb'
     - 'app/models/enterprise_group.rb'
     - 'app/models/producer_property.rb'
     - 'app/models/spree/classification_decorator.rb'
     - 'app/models/spree/order_decorator.rb'
-    - 'app/models/spree/preference_decorator.rb'
+    - 'app/models/spree/price_decorator.rb'
     - 'app/models/spree/product_decorator.rb'
-    - 'app/models/spree/user_decorator.rb'
     - 'app/services/advance_order_service.rb'
     - 'app/services/order_syncer.rb'
     - 'lib/discourse/single_sign_on.rb'
     - 'lib/open_food_network/order_cycle_form_applicator.rb'
-    - 'lib/open_food_network/products_renderer.rb'
     - 'lib/open_food_network/rack_request_blocker.rb'
     - 'lib/open_food_network/variant_and_line_item_naming.rb'
     - 'lib/spree/core/controller_helpers/order_decorator.rb'
@@ -467,23 +360,13 @@ Style/GuardClause:
     - 'spec/support/request/distribution_helper.rb'
     - 'spec/support/request/shop_workflow.rb'
 
-# Offense count: 6
-# Cop supports --auto-correct.
-# Configuration parameters: EnforcedStyle, UseHashRocketsWithSymbolValues, PreferHashRocketsForNonAlnumEndingSymbols.
-# SupportedStyles: ruby19, hash_rockets, no_mixed_keys, ruby19_no_mixed_keys
-Style/HashSyntax:
-  Exclude:
-    - 'app/controllers/spree/api/base_controller.rb'
-    - 'app/controllers/spree/checkout_controller.rb'
-    - 'app/controllers/spree/orders_controller.rb'
-
 # Offense count: 4
 Style/IfInsideElse:
   Exclude:
     - 'app/controllers/admin/column_preferences_controller.rb'
     - 'app/controllers/admin/variant_overrides_controller.rb'
+    - 'app/controllers/api/taxons_controller.rb'
     - 'app/controllers/spree/admin/products_controller_decorator.rb'
-    - 'app/controllers/spree/api/taxons_controller.rb'
 
 # Offense count: 1
 Style/MissingRespondToMissing:
@@ -499,15 +382,14 @@ Style/MixinUsage:
     - 'spec/lib/open_food_network/order_cycle_management_report_spec.rb'
     - 'spec/lib/open_food_network/packing_report_spec.rb'
 
-# Offense count: 2
-Style/NestedTernaryOperator:
+# Offense count: 1
+Style/MultipleComparison:
   Exclude:
-    - 'app/views/spree/api/products/bulk_show.v1.rabl'
-    - 'app/views/spree/api/variants/bulk_show.v1.rabl'
+    - 'spec/models/product_importer_spec.rb'
 
-# Offense count: 10
+# Offense count: 9
 # Cop supports --auto-correct.
-# Configuration parameters: AutoCorrect, EnforcedStyle.
+# Configuration parameters: AutoCorrect, EnforcedStyle, IgnoredMethods.
 # SupportedStyles: predicate, comparison
 Style/NumericPredicate:
   Exclude:
@@ -516,34 +398,17 @@ Style/NumericPredicate:
     - 'app/models/spree/calculator/flexi_rate_decorator.rb'
     - 'app/models/spree/line_item_decorator.rb'
     - 'app/models/spree/order_decorator.rb'
-    - 'lib/open_food_network/integrity_checker.rb'
     - 'lib/open_food_network/rack_request_blocker.rb'
     - 'lib/open_food_network/xero_invoices_report.rb'
     - 'lib/spree/money_decorator.rb'
 
-# Offense count: 15
-# Cop supports --auto-correct.
-# Configuration parameters: EnforcedStyle, AllowInnerSlashes.
-# SupportedStyles: slashes, percent_r, mixed
-Style/RegexpLiteral:
-  Exclude:
-    - 'app/helpers/groups_helper.rb'
-    - 'app/helpers/html_helper.rb'
-    - 'app/models/enterprise.rb'
-    - 'app/models/enterprise_group.rb'
-    - 'app/models/spree/preference_decorator.rb'
-    - 'lib/discourse/single_sign_on.rb'
-    - 'spec/mailers/subscription_mailer_spec.rb'
-    - 'spec/models/content_configuration_spec.rb'
-
-# Offense count: 244
+# Offense count: 235
 Style/Send:
   Exclude:
     - 'app/controllers/spree/checkout_controller.rb'
     - 'app/models/spree/shipping_method_decorator.rb'
     - 'spec/controllers/admin/subscriptions_controller_spec.rb'
     - 'spec/controllers/checkout_controller_spec.rb'
-    - 'spec/controllers/shop_controller_spec.rb'
     - 'spec/controllers/spree/admin/base_controller_spec.rb'
     - 'spec/controllers/spree/orders_controller_spec.rb'
     - 'spec/helpers/order_cycles_helper_spec.rb'
@@ -557,20 +422,18 @@ Style/Send:
     - 'spec/lib/open_food_network/order_cycle_form_applicator_spec.rb'
     - 'spec/lib/open_food_network/permissions_spec.rb'
     - 'spec/lib/open_food_network/products_and_inventory_report_spec.rb'
-    - 'spec/lib/open_food_network/products_cache_spec.rb'
-    - 'spec/lib/open_food_network/products_renderer_spec.rb'
     - 'spec/lib/open_food_network/sales_tax_report_spec.rb'
     - 'spec/lib/open_food_network/subscription_payment_updater_spec.rb'
     - 'spec/lib/open_food_network/subscription_summarizer_spec.rb'
     - 'spec/lib/open_food_network/tag_rule_applicator_spec.rb'
     - 'spec/lib/open_food_network/xero_invoices_report_spec.rb'
     - 'spec/lib/stripe/webhook_handler_spec.rb'
+    - 'spec/models/calculator/weight_spec.rb'
     - 'spec/models/enterprise_spec.rb'
     - 'spec/models/exchange_spec.rb'
     - 'spec/models/spree/gateway/stripe_connect_spec.rb'
     - 'spec/models/spree/order_spec.rb'
     - 'spec/models/spree/payment_spec.rb'
-    - 'spec/models/spree/preference_spec.rb'
     - 'spec/models/spree/tax_rate_spec.rb'
     - 'spec/models/tag_rule/discount_order_spec.rb'
     - 'spec/models/tag_rule/filter_order_cycles_spec.rb'
@@ -578,6 +441,7 @@ Style/Send:
     - 'spec/models/tag_rule/filter_products_spec.rb'
     - 'spec/models/tag_rule/filter_shipping_methods_spec.rb'
     - 'spec/services/cart_service_spec.rb'
+    - 'spec/services/products_renderer_spec.rb'
     - 'spec/spec_helper.rb'
     - 'spec/support/localized_number_helper.rb'
     - 'spec/support/matchers/delegate_matchers.rb'
@@ -586,9 +450,3 @@ Style/Send:
 Style/StructInheritance:
   Exclude:
     - 'lib/open_food_network/enterprise_fee_applicator.rb'
-
-# Offense count: 1
-# Cop supports --auto-correct.
-Style/UnlessElse:
-  Exclude:
-    - 'app/controllers/spree/api/variants_controller.rb'

.ruby-version

@@ -1 +1 @@
-2.1.5
+2.2.10

CONTRIBUTING.md

@@ -19,6 +19,10 @@ If you want to run the whole test suite, we recommend using a free CI service to
 
     bundle exec rspec spec
 
+## Which issue to pick first?
+
+We have curated all issues interesting for new members of the community within the [Welcome New Developers project board][welcome-dev]. Have a look and pick the one you would prefer working on!
+
 ## Internationalisation (i18n)
 
 The locale `en` is maintained in the source code, but other locales are managed at [Transifex][ofn-transifex]. Read more about [internationalisation][i18n] in the developer wiki.
@@ -62,3 +66,4 @@ From here, your pull request will progress through the [Review, Test, Merge & De
 [slack-dev]: https://openfoodnetwork.slack.com/messages/C2GQ45KNU
 [ofn-transifex]: https://www.transifex.com/open-food-foundation/open-food-network/
 [i18n]: https://github.com/openfoodfoundation/openfoodnetwork/wiki/i18n
+[welcome-dev]: https://github.com/openfoodfoundation/openfoodnetwork/projects/27

Dockerfile

@@ -6,16 +6,19 @@ RUN apt-get update && apt-get install -y curl git build-essential software-prope
 # Setup ENV variables
 ENV PATH /usr/local/src/rbenv/shims:/usr/local/src/rbenv/bin:$PATH
 ENV RBENV_ROOT /usr/local/src/rbenv
-ENV RUBY_VERSION 2.1.5
 ENV CONFIGURE_OPTS --disable-install-doc
+ENV BUNDLE_PATH /bundles
+
+WORKDIR /usr/src/app
+COPY .ruby-version .
 
 # Rbenv & Ruby part
 RUN git clone https://github.com/rbenv/rbenv.git ${RBENV_ROOT} && \
     git clone https://github.com/rbenv/ruby-build.git ${RBENV_ROOT}/plugins/ruby-build && \
     ${RBENV_ROOT}/plugins/ruby-build/install.sh && \
     echo 'eval "$(rbenv init -)"' >> /etc/profile.d/rbenv.sh && \
-    rbenv install $RUBY_VERSION && \
-    rbenv global $RUBY_VERSION && \
+    rbenv install $(cat .ruby-version) && \
+    rbenv global $(cat .ruby-version) && \
     gem install bundler --version=1.17.2
 
 # Postgres
@@ -24,8 +27,4 @@ RUN sh -c "echo 'deb https://apt.postgresql.org/pub/repos/apt/ bionic-pgdg main'
     apt-get update && \
     apt-get install -yqq --no-install-recommends postgresql-client-9.5 libpq-dev
 
-ENV BUNDLE_PATH /bundles
-
 COPY . /usr/src/app/
-
-WORKDIR /usr/src/app

GETTING_STARTED.md

@@ -11,7 +11,7 @@ The following guides are located in the wiki and provide more OS-specific step-b
 ### Dependencies
 
 * Rails 3.2.x
-* Ruby 2.1.5
+* Ruby 2.1.9
 * PostgreSQL database
 * PhantomJS (for testing)
 * See Gemfile for a list of gems required

Gemfile

@@ -1,9 +1,9 @@
 source 'https://rubygems.org'
-ruby "2.1.5"
+ruby "2.2.10"
 git_source(:github) { |repo_name| "https://github.com/#{repo_name}.git" }
 
 gem 'i18n', '~> 0.6.11'
-gem 'i18n-js', '~> 3.3.0'
+gem 'i18n-js', '~> 3.5.0'
 gem 'rails', '~> 3.2.22'
 gem 'rails-i18n', '~> 3.0.0'
 gem 'rails_safe_tasks', '~> 1.0'
@@ -15,12 +15,12 @@ gem 'nokogiri', '>= 1.6.7.1'
 gem "order_management", path: "./engines/order_management"
 gem 'web', path: './engines/web'
 
-gem 'pg'
+gem 'activerecord-postgresql-adapter'
+gem 'pg', '~> 0.21.0'
 
 # OFN-maintained and patched version of Spree v2.0.4. See
 # https://github.com/openfoodfoundation/openfoodnetwork/wiki/Spree-2.0-upgrade
 # for details.
-gem 'spree_api', github: 'openfoodfoundation/spree', branch: '2-0-4-stable'
 gem 'spree_backend', github: 'openfoodfoundation/spree', branch: '2-0-4-stable'
 gem 'spree_core', github: 'openfoodfoundation/spree', branch: '2-0-4-stable'
 
@@ -39,7 +39,7 @@ gem 'activemerchant', '~> 1.78'
 gem 'devise', '~> 2.2.5'
 gem 'devise-encryptable', '0.2.0'
 gem 'jwt', '~> 2.2'
-gem 'oauth2', '~> 1.4.1' # Used for Stripe Connect
+gem 'oauth2', '~> 1.4.2' # Used for Stripe Connect
 
 gem 'daemons'
 gem 'delayed_job_active_record'
@@ -84,8 +84,7 @@ gem 'paper_trail', '~> 5.2.3'
 gem 'paperclip', '~> 3.4.1'
 gem 'rack-rewrite'
 gem 'rack-ssl', require: 'rack/ssl'
-gem 'roadie-rails', '~> 1.1.1'
-gem 'skylight', '< 2.0'
+gem 'roadie-rails', '~> 1.3.0'
 gem 'spinjs-rails'
 
 gem 'combine_pdf'
@@ -99,13 +98,18 @@ gem 'roo-xls', '~> 1.1.0'
 
 gem 'whenever', require: false
 
+gem 'test-unit', '~> 3.3'
+
 # Gems used only for assets and not required
 # in production environments by default.
 group :assets do
   gem 'coffee-rails', '~> 3.2.1'
   gem 'compass-rails'
 
-  gem 'therubyracer', '=0.12.0'
+  gem 'mini_racer', '0.1.15'
+  # Previously we found that libv8 6.7.288.46.1 breakis the compilation of mini_racer.
+  # Now we see that we need to set the version explicitly. Nothing else depends on libv8.
+  gem 'libv8', '6.3.292.48.1'
 
   gem 'uglifier', '>= 1.0.3'
 
@@ -134,7 +138,7 @@ group :test, :development do
   gem 'capybara', '>= 2.15.4'
   gem 'database_cleaner', '0.7.1', require: false
   gem "factory_bot_rails", require: false
-  gem 'fuubar', '~> 2.4.1'
+  gem 'fuubar', '~> 2.5.0'
   gem 'json_spec', '~> 1.1.4'
   gem 'knapsack'
   gem 'letter_opener', '>= 1.4.1'
@@ -157,11 +161,6 @@ end
 group :development do
   gem 'byebug', '~> 9.0.0' # 9.1 requires ruby 2.2
   gem 'debugger-linecache'
-  gem 'guard'
-  gem 'guard-livereload'
-  gem 'guard-rails'
-  gem 'guard-rspec', '~> 4.7.3'
-  gem 'listen', '3.0.8' # 3.1.0 requires ruby 2.2
   gem "newrelic_rpm", "~> 3.0"
   gem 'pry-byebug', '>= 3.4.3'
   gem 'rubocop', '>= 0.49.1'
@@ -173,5 +172,5 @@ group :development do
   # greater than 1.0.9, so we just required the latest available version here.
   gem 'eventmachine', '>= 1.2.3'
 
-  gem 'rack-mini-profiler', '< 1.0.0'
+  gem 'rack-mini-profiler', '< 2.0.0'
 end

Gemfile.lock

@@ -129,8 +129,10 @@ GEM
       activesupport (= 3.2.22.5)
       arel (~> 3.0.2)
       tzinfo (~> 0.3.29)
-    activerecord-import (1.0.2)
+    activerecord-import (1.0.3)
       activerecord (>= 3.2)
+    activerecord-postgresql-adapter (0.0.1)
+      pg
     activeresource (3.2.22.5)
       activemodel (= 3.2.22.5)
       activesupport (= 3.2.22.5)
@@ -164,7 +166,7 @@ GEM
     bcrypt-ruby (3.1.5)
       bcrypt (>= 3.1.3)
     blockenspiel (0.5.0)
-    bugsnag (6.12.0)
+    bugsnag (6.12.2)
       concurrent-ruby (~> 1.0)
     builder (3.0.4)
     byebug (9.0.6)
@@ -214,7 +216,7 @@ GEM
     connection_pool (2.2.2)
     crack (0.4.3)
       safe_yaml (~> 1.0.0)
-    css_parser (1.6.0)
+    css_parser (1.7.0)
       addressable
     daemons (1.3.1)
     dalli (2.7.10)
@@ -223,7 +225,7 @@ GEM
       activerecord (>= 3.2.0, < 5.0)
       fog (~> 1.0)
       rails (>= 3.2.0, < 5.0)
-    ddtrace (0.26.0)
+    ddtrace (0.29.0)
       msgpack
     debugger-linecache (1.2.0)
     deface (1.0.2)
@@ -252,9 +254,6 @@ GEM
     diffy (3.3.0)
     docile (1.3.2)
     dry-inflector (0.1.2)
-    em-websocket (0.5.1)
-      eventmachine (>= 0.12.9)
-      http_parser.rb (~> 0.6.0)
     erubis (2.7.0)
     eventmachine (1.2.7)
     excon (0.62.0)
@@ -427,48 +426,25 @@ GEM
     foundation-rails (5.5.2.1)
       railties (>= 3.1.0)
       sass (>= 3.3.0, < 3.5)
-    fuubar (2.4.1)
+    fuubar (2.5.0)
       rspec-core (~> 3.0)
       ruby-progressbar (~> 1.4)
     geocoder (1.1.8)
     gmaps4rails (1.5.6)
-    guard (2.15.0)
-      formatador (>= 0.2.4)
-      listen (>= 2.7, < 4.0)
-      lumberjack (>= 1.0.12, < 2.0)
-      nenv (~> 0.1)
-      notiffany (~> 0.0)
-      pry (>= 0.9.12)
-      shellany (~> 0.0)
-      thor (>= 0.18.1)
-    guard-compat (1.2.1)
-    guard-livereload (2.5.2)
-      em-websocket (~> 0.5)
-      guard (~> 2.8)
-      guard-compat (~> 1.0)
-      multi_json (~> 1.8)
-    guard-rails (0.7.2)
-      guard (~> 2.11)
-      guard-compat (~> 1.0)
-    guard-rspec (4.7.3)
-      guard (~> 2.1)
-      guard-compat (~> 1.1)
-      rspec (>= 2.99.0, < 4.0)
     haml (4.0.7)
       tilt
     hashdiff (1.0.0)
     highline (1.6.18)
     hike (1.2.3)
-    http_parser.rb (0.6.0)
     httparty (0.16.2)
       multi_xml (>= 0.5.2)
     i18n (0.6.11)
-    i18n-js (3.3.0)
+    i18n-js (3.5.0)
       i18n (>= 0.6.6)
     immigrant (0.3.6)
       activerecord (>= 3.0)
     ipaddress (0.8.3)
-    jaro_winkler (1.5.1)
+    jaro_winkler (1.5.4)
     journey (1.0.4)
     jquery-migrate-rails (1.2.1)
     jquery-rails (3.0.4)
@@ -491,11 +467,7 @@ GEM
       addressable (~> 2.3)
     letter_opener (1.7.0)
       launchy (~> 2.2)
-    libv8 (3.16.14.19)
-    listen (3.0.8)
-      rb-fsevent (~> 0.9, >= 0.9.4)
-      rb-inotify (~> 0.9, >= 0.9.7)
-    lumberjack (1.0.13)
+    libv8 (6.3.292.48.1)
     mail (2.5.5)
       mime-types (~> 1.16)
       treetop (~> 1.4.8)
@@ -503,25 +475,23 @@ GEM
     mime-types (1.25.1)
     mini_mime (1.0.1)
     mini_portile2 (2.1.0)
+    mini_racer (0.1.15)
+      libv8 (~> 6.3)
     momentjs-rails (2.20.1)
       railties (>= 3.1)
     money (5.1.1)
       i18n (~> 0.6.0)
     msgpack (1.3.1)
-    multi_json (1.13.1)
+    multi_json (1.14.1)
     multi_xml (0.6.0)
     multipart-post (2.1.1)
-    nenv (0.3.0)
     net-http-persistent (3.1.0)
       connection_pool (~> 2.2)
     newrelic_rpm (3.18.1.330)
     nokogiri (1.6.8.1)
       mini_portile2 (~> 2.1.0)
-    notiffany (0.1.1)
-      nenv (~> 0.1)
-      shellany (~> 0.0)
-    oauth2 (1.4.1)
-      faraday (>= 0.8, < 0.16.0)
+    oauth2 (1.4.2)
+      faraday (>= 0.8, < 2.0)
       jwt (>= 1.0, < 3.0)
       multi_json (~> 1.3)
       multi_xml (~> 0.5)
@@ -537,10 +507,10 @@ GEM
       activesupport (>= 3.0.0)
       cocaine (~> 0.5.0)
       mime-types
-    parallel (1.11.2)
+    parallel (1.18.0)
     paranoia (1.3.4)
       activerecord (~> 3.1)
-    parser (2.5.1.0)
+    parser (2.6.5.0)
       ast (~> 2.4.0)
     paypal-sdk-core (0.2.10)
       multi_json (~> 1.0)
@@ -551,7 +521,7 @@ GEM
     polyamorous (0.5.0)
       activerecord (~> 3.0)
     polyglot (0.3.5)
-    powerpack (0.1.1)
+    power_assert (1.1.5)
     pry (0.12.2)
       coderay (~> 1.1.0)
       method_source (~> 0.9.0)
@@ -564,7 +534,7 @@ GEM
     rack (1.4.7)
     rack-cache (1.9.0)
       rack (>= 0.4)
-    rack-mini-profiler (0.10.7)
+    rack-mini-profiler (1.0.0)
       rack (>= 1.2.0)
     rack-protection (1.5.5)
       rack
@@ -594,7 +564,7 @@ GEM
       thor (>= 0.14.6, < 2.0)
     rainbow (3.0.0)
     raindrops (0.19.0)
-    rake (12.3.3)
+    rake (13.0.0)
     ransack (0.7.2)
       actionpack (~> 3.0)
       activerecord (~> 3.0)
@@ -610,14 +580,13 @@ GEM
     rdoc (3.12.2)
       json (~> 1.4)
     redcarpet (3.5.0)
-    ref (2.0.0)
     request_store (1.4.1)
       rack (>= 1.4)
     roadie (3.4.0)
       css_parser (~> 1.4)
       nokogiri (~> 1.5)
-    roadie-rails (1.1.1)
-      railties (>= 3.0, < 5.1)
+    roadie-rails (1.3.0)
+      railties (>= 3.0, < 5.3)
       roadie (~> 3.1)
     roo (2.7.1)
       nokogiri (~> 1)
@@ -626,41 +595,40 @@ GEM
       nokogiri
       roo (>= 2.0.0beta1, < 3)
       spreadsheet (> 0.9.0)
-    rspec (3.8.0)
-      rspec-core (~> 3.8.0)
-      rspec-expectations (~> 3.8.0)
-      rspec-mocks (~> 3.8.0)
-    rspec-core (3.8.0)
-      rspec-support (~> 3.8.0)
-    rspec-expectations (3.8.2)
+    rspec (3.9.0)
+      rspec-core (~> 3.9.0)
+      rspec-expectations (~> 3.9.0)
+      rspec-mocks (~> 3.9.0)
+    rspec-core (3.9.0)
+      rspec-support (~> 3.9.0)
+    rspec-expectations (3.9.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
-    rspec-mocks (3.8.0)
+      rspec-support (~> 3.9.0)
+    rspec-mocks (3.9.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
-    rspec-rails (3.8.2)
+      rspec-support (~> 3.9.0)
+    rspec-rails (3.9.0)
       actionpack (>= 3.0)
       activesupport (>= 3.0)
       railties (>= 3.0)
-      rspec-core (~> 3.8.0)
-      rspec-expectations (~> 3.8.0)
-      rspec-mocks (~> 3.8.0)
-      rspec-support (~> 3.8.0)
-    rspec-retry (0.6.1)
+      rspec-core (~> 3.9.0)
+      rspec-expectations (~> 3.9.0)
+      rspec-mocks (~> 3.9.0)
+      rspec-support (~> 3.9.0)
+    rspec-retry (0.6.2)
       rspec-core (> 3.3)
-    rspec-support (3.8.0)
-    rubocop (0.57.2)
+    rspec-support (3.9.0)
+    rubocop (0.68.1)
       jaro_winkler (~> 1.5.1)
       parallel (~> 1.10)
-      parser (>= 2.5)
-      powerpack (~> 0.1)
+      parser (>= 2.5, != 2.5.1.1)
       rainbow (>= 2.2.2, < 4.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (~> 1.0, >= 1.0.1)
+      unicode-display_width (>= 1.4.0, < 1.6)
     ruby-ole (1.2.12.1)
     ruby-progressbar (1.10.1)
     ruby-rc4 (0.1.5)
-    rubyzip (1.2.2)
+    rubyzip (1.3.0)
     safe_yaml (1.0.5)
     sass (3.3.14)
     sass-rails (3.2.6)
@@ -673,10 +641,9 @@ GEM
     selenium-webdriver (3.141.0)
       childprocess (~> 0.5)
       rubyzip (~> 1.2, >= 1.2.2)
-    shellany (0.0.1)
     shoulda-matchers (2.8.0)
       activesupport (>= 3.0.0)
-    simplecov (0.17.0)
+    simplecov (0.17.1)
       docile (~> 1.1)
       json (>= 1.8, < 3)
       simplecov-html (~> 0.10.0)
@@ -685,8 +652,6 @@ GEM
       rack (~> 1.4)
       rack-protection (~> 1.4)
       tilt (>= 1.3, < 3)
-    skylight (1.7.2)
-      activesupport (>= 3.0.0)
     spinjs-rails (1.4)
       rails (>= 3.1)
     spreadsheet (1.1.7)
@@ -704,9 +669,8 @@ GEM
     stripe (4.24.0)
       faraday (~> 0.13)
       net-http-persistent (~> 3.0)
-    therubyracer (0.12.0)
-      libv8 (~> 3.16.14.0)
-      ref
+    test-unit (3.3.4)
+      power_assert
     thor (0.20.3)
     tilt (1.4.1)
     timecop (0.9.1)
@@ -719,9 +683,9 @@ GEM
       railties (> 3.2.8, < 4.0.0)
       sprockets (>= 2.2.0)
     tzinfo (0.3.55)
-    uglifier (4.1.20)
+    uglifier (4.2.0)
       execjs (>= 0.3.0, < 3)
-    unicode-display_width (1.3.2)
+    unicode-display_width (1.5.0)
     unicorn (5.5.1)
       kgio (~> 2.6)
       raindrops (~> 0.7)
@@ -739,14 +703,14 @@ GEM
       nokogiri (~> 1.6)
       rubyzip (~> 1.0)
       selenium-webdriver (~> 3.0)
-    webmock (3.7.1)
+    webmock (3.7.6)
       addressable (>= 2.3.6)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
     whenever (0.11.0)
       chronic (>= 0.6.3)
     wicked_pdf (1.1.0)
-    wkhtmltopdf-binary (0.12.4)
+    wkhtmltopdf-binary (0.12.5)
     xml-simple (1.1.5)
     xpath (2.1.0)
       nokogiri (~> 1.3)
@@ -758,6 +722,7 @@ DEPENDENCIES
   active_model_serializers (= 0.8.4)
   activemerchant (~> 1.78)
   activerecord-import
+  activerecord-postgresql-adapter
   acts-as-taggable-on (~> 3.4)
   andand
   angular-rails-templates (~> 0.3.0)
@@ -793,16 +758,12 @@ DEPENDENCIES
   foundation-icons-sass-rails
   foundation-rails
   foundation_rails_helper!
-  fuubar (~> 2.4.1)
+  fuubar (~> 2.5.0)
   geocoder
   gmaps4rails
-  guard
-  guard-livereload
-  guard-rails
-  guard-rspec (~> 4.7.3)
   haml
   i18n (~> 0.6.11)
-  i18n-js (~> 3.3.0)
+  i18n-js (~> 3.5.0)
   immigrant
   jquery-migrate-rails
   jquery-rails (= 3.0.4)
@@ -811,27 +772,28 @@ DEPENDENCIES
   kaminari (~> 0.14.1)
   knapsack
   letter_opener (>= 1.4.1)
-  listen (= 3.0.8)
+  libv8 (= 6.3.292.48.1)
+  mini_racer (= 0.1.15)
   momentjs-rails
   newrelic_rpm (~> 3.0)
   nokogiri (>= 1.6.7.1)
-  oauth2 (~> 1.4.1)
+  oauth2 (~> 1.4.2)
   ofn-qz!
   oj
   order_management!
   paper_trail (~> 5.2.3)
   paperclip (~> 3.4.1)
-  pg
+  pg (~> 0.21.0)
   pry-byebug (>= 3.4.3)
   rabl
-  rack-mini-profiler (< 1.0.0)
+  rack-mini-profiler (< 2.0.0)
   rack-rewrite
   rack-ssl
   rails (~> 3.2.22)
   rails-i18n (~> 3.0.0)
   rails_safe_tasks (~> 1.0)
   redcarpet
-  roadie-rails (~> 1.1.1)
+  roadie-rails (~> 1.3.0)
   roo (~> 2.7.0)
   roo-xls (~> 1.1.0)
   rspec-rails (>= 3.5.2)
@@ -843,9 +805,7 @@ DEPENDENCIES
   shoulda-matchers
   simple_form!
   simplecov
-  skylight (< 2.0)
   spinjs-rails
-  spree_api!
   spree_backend!
   spree_core!
   spree_i18n!
@@ -853,7 +813,7 @@ DEPENDENCIES
   spring (= 1.7.2)
   spring-commands-rspec
   stripe
-  therubyracer (= 0.12.0)
+  test-unit (~> 3.3)
   timecop
   truncate_html
   turbo-sprockets-rails3
@@ -868,7 +828,7 @@ DEPENDENCIES
   wkhtmltopdf-binary
 
 RUBY VERSION
-   ruby 2.1.5p273
+   ruby 2.2.10p489
 
 BUNDLED WITH
    1.17.2

Guardfile

@@ -1,11 +0,0 @@
-# A sample Guardfile
-# More info at https://github.com/guard/guard#readme
-
-guard 'livereload' do
-  watch(%r{app/views/.+\.(erb|haml|slim)$})
-  watch(%r{app/helpers/.+\.rb})
-  watch(%r{public/.+\.(css|js|html)})
-
-  # Rails Assets Pipeline
-  watch(%r{(app|vendor)(/assets/\w+/(.+\.(css|js|html|png|jpg))).*}) { |m| "/assets/#{m[3]}" }
-end

README.md

@@ -1,23 +1,22 @@
 [![Build Status](https://semaphoreci.com/api/v1/openfoodfoundation/openfoodnetwork-2/branches/master/badge.svg)](https://semaphoreci.com/openfoodfoundation/openfoodnetwork-2)
 [![Code Climate](https://codeclimate.com/github/openfoodfoundation/openfoodnetwork.png)](https://codeclimate.com/github/openfoodfoundation/openfoodnetwork)
-[![View performance data on Skylight](https://badges.skylight.io/status/EiXQ6sSKij8y.svg)](https://oss.skylight.io/app/applications/EiXQ6sSKij8y)
 
 # Open Food Network
 
-The Open Food Network is an online marketplace for local food. It enables a network of independent online food stores that connect farmers and food hubs (including coops, online farmers' markets, independent food businesses etc);  with individuals and local businesses. It gives farmers and food hubs an easier and fairer way to distribute their food.
+The Open Food Network is an online marketplace for local food. It enables a network of independent online food stores that connects farmers and food hubs (including co-ops, online farmers markets, independent food businesses, etc) with individuals and local businesses. It gives farmers and food hubs an easier and fairer way to distribute their food.
 
 Supported by the Open Food Foundation and a network of global affiliates, we are proudly open source and not-for-profit - we're trying to seriously disrupt the concentration of power in global agri-food systems, and we need as many smart people working together on this as possible.
 
 We're part of global movement - get involved!
 
-* Join the conversation [on Slack][slack-invite]. Make sure you introduce yourself in the #general channel
+* Join the conversation [on Slack][slack-invite]. Make sure you introduce yourself in the #general channel.
 * Head to [https://openfoodnetwork.org](https://openfoodnetwork.org) for more information about the global OFN project.
 * Check out the [User Guide](https://guide.openfoodnetwork.org/) for a list of features and tutorials.
 * Join our [discussion forum](https://community.openfoodnetwork.org).
 
 ## Contributing
 
-If you are interested in contributing to the OFN in any capacity, please introducing yourself [on Slack][slack-invite], and have a look through our [Contributor Guide][contributor-guide]
+If you are interested in contributing to the OFN in any capacity, please introduce yourself [on Slack][slack-invite], and have a look through our [Contributor Guide][contributor-guide].
 
 Our [GETTING_STARTED](GETTING_STARTED.md) and [CONTRIBUTING](CONTRIBUTING.md) guides are the best place to start for developers looking to set up a development environment and make contributions to the codebase.
 
@@ -36,7 +35,7 @@ We use [BrowserStack](https://www.browserstack.com/) as a manual testing tool. B
 Copyright (c) 2012 - 2019 Open Food Foundation, released under the AGPL licence.
 
 [survey]: https://docs.google.com/a/eaterprises.com.au/forms/d/1zxR5vSiU9CigJ9cEaC8-eJLgYid8CR8er7PPH9Mc-30/edit#
-[slack-invite]: https://openfoodnetwork.org/slack-invite
+[slack-invite]: https://join.slack.com/t/openfoodnetwork/shared_invite/enQtNzY3NDEwNzM2MDM0LWFmNGRhNDUwYzNmNWNkYmFkMzgxNDg1OTg1ODNjNWY4Y2FhNDIwNmE4ZWI0OThiMGNmZjFkODczNGZiYTJmNWI
 [contributor-guide]: https://ofn-user-guide.gitbook.io/ofn-contributor-guide/who-are-we
 [ofn-install]: https://github.com/openfoodfoundation/ofn-install
 [super-admin-guide]: https://ofn-user-guide.gitbook.io/ofn-super-admin-guide

app/assets/javascripts/admin/bulk_product_update.js.coffee

@@ -1,4 +1,4 @@
-angular.module("ofn.admin").controller "AdminProductEditCtrl", ($scope, $timeout, $filter, $http, $window, BulkProducts, DisplayProperties, DirtyProducts, VariantUnitManager, StatusMessage, producers, Taxons, SpreeApiAuth, Columns, tax_categories, RequestMonitor) ->
+angular.module("ofn.admin").controller "AdminProductEditCtrl", ($scope, $timeout, $filter, $http, $window, BulkProducts, DisplayProperties, DirtyProducts, VariantUnitManager, StatusMessage, producers, Taxons, Columns, tax_categories, RequestMonitor) ->
   $scope.StatusMessage = StatusMessage
 
   $scope.columns = Columns.columns
@@ -39,12 +39,7 @@ angular.module("ofn.admin").controller "AdminProductEditCtrl", ($scope, $timeout
   $scope.DisplayProperties = DisplayProperties
 
   $scope.initialise = ->
-    SpreeApiAuth.authorise()
-    .then ->
-      $scope.spree_api_key_ok = true
-      $scope.fetchProducts()
-    .catch (message) ->
-      $scope.api_error_msg = message
+    $scope.fetchProducts()
 
   $scope.$watchCollection '[query, producerFilter, categoryFilter, importDateFilter, per_page]', ->
     $scope.page = 1 # Reset page when changing filters for new search
@@ -108,9 +103,15 @@ angular.module("ofn.admin").controller "AdminProductEditCtrl", ($scope, $timeout
     $scope.categoryFilter = "0"
     $scope.importDateFilter = "0"
 
+  confirm_unsaved_changes = () ->
+    (DirtyProducts.count() > 0 and confirm(t("unsaved_changes_confirmation"))) or (DirtyProducts.count() == 0)
+  
+  editProductUrl = (product, variant) ->
+    "/admin/products/" + product.permalink_live + ((if variant then "/variants/" + variant.id else "")) + "/edit"
+
   $scope.editWarn = (product, variant) ->
-    if (DirtyProducts.count() > 0 and confirm(t("unsaved_changes_confirmation"))) or (DirtyProducts.count() == 0)
-      window.location = "/admin/products/" + product.permalink_live + ((if variant then "/variants/" + variant.id else "")) + "/edit"
+    if confirm_unsaved_changes()
+      window.open(editProductUrl(product, variant), "_blank")
 
 
   $scope.toggleShowAllVariants = ->

app/assets/javascripts/admin/index_utils/services/spree_api_auth.js.coffee

@@ -1,16 +0,0 @@
-angular.module("admin.indexUtils").factory "SpreeApiAuth", ($q, $http, SpreeApiKey) ->
-  new class SpreeApiAuth
-    authorise: ->
-      deferred = $q.defer()
-
-      $http.get("/api/users/authorise_api?token=" + SpreeApiKey)
-      .success (response) ->
-        if response?.success == "Use of API Authorised"
-          $http.defaults.headers.common["X-Spree-Token"] = SpreeApiKey
-          deferred.resolve()
-
-      .error (response) ->
-        error = response?.error || t('js.unauthorized')
-        deferred.reject(error)
-
-      deferred.promise

app/assets/javascripts/admin/order_cycles/controllers/create.js.coffee

@@ -1,92 +1,12 @@
 angular.module('admin.orderCycles')
-  .controller 'AdminCreateOrderCycleCtrl', ($scope, $filter, $window, OrderCycle, Enterprise, EnterpriseFee, Schedules, RequestMonitor, ocInstance, StatusMessage) ->
-    $scope.enterprises = Enterprise.index(coordinator_id: ocInstance.coordinator_id)
-    $scope.supplier_enterprises = Enterprise.producer_enterprises
-    $scope.distributor_enterprises = Enterprise.hub_enterprises
-    $scope.supplied_products = Enterprise.supplied_products
-    $scope.enterprise_fees = EnterpriseFee.index(coordinator_id: ocInstance.coordinator_id)
-    $scope.schedules = Schedules.index({enterprise_id: ocInstance.coordinator_id})
+  .controller 'AdminCreateOrderCycleCtrl', ($scope, $controller, $filter, $window, OrderCycle, Enterprise, EnterpriseFee, Schedules, RequestMonitor, ocInstance, StatusMessage) ->
+    $controller('AdminOrderCycleBasicCtrl', {$scope: $scope, ocInstance: ocInstance})
 
-    $scope.OrderCycle = OrderCycle
     $scope.order_cycle = OrderCycle.new({ coordinator_id: ocInstance.coordinator_id})
-
-    $scope.StatusMessage = StatusMessage
-
-    $scope.$watch 'order_cycle_form.$dirty', (newValue) ->
-      StatusMessage.display 'notice', t("admin.unsaved_changes") if newValue
-
-    $scope.$watch 'order_cycle_form.$valid', (isValid) ->
-      StatusMessage.setValidation(isValid)
-
-    $scope.loaded = ->
-      Enterprise.loaded && EnterpriseFee.loaded && OrderCycle.loaded && !RequestMonitor.loading
-
-    $scope.suppliedVariants = (enterprise_id) ->
-      Enterprise.suppliedVariants(enterprise_id)
-
-    $scope.exchangeSelectedVariants = (exchange) ->
-      OrderCycle.exchangeSelectedVariants(exchange)
-
-    $scope.setExchangeVariants = (exchange, variants, selected) ->
-      OrderCycle.setExchangeVariants(exchange, variants, selected)
-
-    $scope.enterpriseTotalVariants = (enterprise) ->
-      Enterprise.totalVariants(enterprise)
-
-    $scope.productSuppliedToOrderCycle = (product) ->
-      OrderCycle.productSuppliedToOrderCycle(product)
-
-    $scope.variantSuppliedToOrderCycle = (variant) ->
-      OrderCycle.variantSuppliedToOrderCycle(variant)
-
-    $scope.incomingExchangeVariantsFor = (enterprise_id) ->
-      $filter('filterExchangeVariants')(OrderCycle.incomingExchangesVariants(), $scope.order_cycle.visible_variants_for_outgoing_exchanges[enterprise_id])
-
-    $scope.exchangeDirection = (exchange) ->
-      OrderCycle.exchangeDirection(exchange)
-
-    $scope.enterprisesWithFees = ->
-      $scope.enterprises[id] for id in OrderCycle.participatingEnterpriseIds() when $scope.enterpriseFeesForEnterprise(id).length > 0
-
-    $scope.enterpriseFeesForEnterprise = (enterprise_id) ->
-      EnterpriseFee.forEnterprise(parseInt(enterprise_id))
-
-    $scope.addSupplier = ($event) ->
-      $event.preventDefault()
-      OrderCycle.addSupplier($scope.new_supplier_id)
-
-    $scope.addDistributor = ($event) ->
-      $event.preventDefault()
-      OrderCycle.addDistributor($scope.new_distributor_id)
-
-    $scope.removeExchange = ($event, exchange) ->
-      $event.preventDefault()
-      OrderCycle.removeExchange(exchange)
-      $scope.order_cycle_form.$dirty = true
-
-    $scope.addCoordinatorFee = ($event) ->
-      $event.preventDefault()
-      OrderCycle.addCoordinatorFee()
-
-    $scope.removeCoordinatorFee = ($event, index) ->
-      $event.preventDefault()
-      OrderCycle.removeCoordinatorFee(index)
-
-    $scope.addExchangeFee = ($event, exchange) ->
-      $event.preventDefault()
-      OrderCycle.addExchangeFee(exchange)
-
-    $scope.removeExchangeFee = ($event, exchange, index) ->
-      $event.preventDefault()
-      OrderCycle.removeExchangeFee(exchange, index)
-
-    $scope.removeDistributionOfVariant = (variant_id) ->
-      OrderCycle.removeDistributionOfVariant(variant_id)
+    $scope.enterprises = Enterprise.index(coordinator_id: ocInstance.coordinator_id)
+    $scope.enterprise_fees = EnterpriseFee.index(coordinator_id: ocInstance.coordinator_id)
 
     $scope.submit = ($event, destination) ->
       $event.preventDefault()
       StatusMessage.display 'progress', t('js.saving')
       OrderCycle.create(destination)
-
-    $scope.cancel = (destination) ->
-      $window.location = destination

app/assets/javascripts/admin/order_cycles/controllers/edit.js.coffee

@@ -1,91 +1,17 @@
 angular.module('admin.orderCycles')
-  .controller 'AdminEditOrderCycleCtrl', ($scope, $filter, $location, $window, OrderCycle, Enterprise, EnterpriseFee, StatusMessage, Schedules, RequestMonitor, ocInstance) ->
+  .controller 'AdminEditOrderCycleCtrl', ($scope, $controller, $filter, $location, $window, OrderCycle, Enterprise, EnterpriseFee, StatusMessage, Schedules, RequestMonitor, ocInstance) ->
+    $controller('AdminOrderCycleBasicCtrl', {$scope: $scope, ocInstance: ocInstance})
+
     order_cycle_id = $location.absUrl().match(/\/admin\/order_cycles\/(\d+)/)[1]
-    $scope.enterprises = Enterprise.index(order_cycle_id: order_cycle_id)
-    $scope.supplier_enterprises = Enterprise.producer_enterprises
-    $scope.distributor_enterprises = Enterprise.hub_enterprises
-    $scope.supplied_products = Enterprise.supplied_products
-    $scope.enterprise_fees = EnterpriseFee.index(order_cycle_id: order_cycle_id)
-    $scope.schedules = Schedules.index({enterprise_id: ocInstance.coordinator_id})
-
-    $scope.OrderCycle = OrderCycle
     $scope.order_cycle = OrderCycle.load(order_cycle_id)
-
-    $scope.StatusMessage = StatusMessage
-
-    $scope.$watch 'order_cycle_form.$dirty', (newValue) ->
-      StatusMessage.display 'notice', t("admin.unsaved_changes") if newValue
-
-    $scope.$watch 'order_cycle_form.$valid', (isValid) ->
-      StatusMessage.setValidation(isValid)
-
-    $scope.loaded = ->
-      Enterprise.loaded && EnterpriseFee.loaded && OrderCycle.loaded && !RequestMonitor.loading
-
-    $scope.suppliedVariants = (enterprise_id) ->
-      Enterprise.suppliedVariants(enterprise_id)
-
-    $scope.exchangeSelectedVariants = (exchange) ->
-      OrderCycle.exchangeSelectedVariants(exchange)
-
-    $scope.setExchangeVariants = (exchange, variants, selected) ->
-      OrderCycle.setExchangeVariants(exchange, variants, selected)
-
-    $scope.enterpriseTotalVariants = (enterprise) ->
-      Enterprise.totalVariants(enterprise)
-
-    $scope.productSuppliedToOrderCycle = (product) ->
-      OrderCycle.productSuppliedToOrderCycle(product)
-
-    $scope.variantSuppliedToOrderCycle = (variant) ->
-      OrderCycle.variantSuppliedToOrderCycle(variant)
-
-    $scope.incomingExchangeVariantsFor = (enterprise_id) ->
-      $filter('filterExchangeVariants')(OrderCycle.incomingExchangesVariants(), $scope.order_cycle.visible_variants_for_outgoing_exchanges[enterprise_id])
-
-    $scope.exchangeDirection = (exchange) ->
-      OrderCycle.exchangeDirection(exchange)
-
-    $scope.enterprisesWithFees = ->
-      $scope.enterprises[id] for id in OrderCycle.participatingEnterpriseIds() when $scope.enterpriseFeesForEnterprise(id).length > 0
-
-    $scope.enterpriseFeesForEnterprise = (enterprise_id) ->
-      EnterpriseFee.forEnterprise(parseInt(enterprise_id))
-
-    $scope.addSupplier = ($event) ->
-      $event.preventDefault()
-      OrderCycle.addSupplier($scope.new_supplier_id)
-
-    $scope.addDistributor = ($event) ->
-      $event.preventDefault()
-      OrderCycle.addDistributor($scope.new_distributor_id)
-
-    $scope.removeExchange = ($event, exchange) ->
-      $event.preventDefault()
-      OrderCycle.removeExchange(exchange)
-      $scope.order_cycle_form.$dirty = true
-
-    $scope.addCoordinatorFee = ($event) ->
-      $event.preventDefault()
-      OrderCycle.addCoordinatorFee()
+    $scope.enterprises = Enterprise.index(order_cycle_id: order_cycle_id)
+    $scope.enterprise_fees = EnterpriseFee.index(order_cycle_id: order_cycle_id)
 
     $scope.removeCoordinatorFee = ($event, index) ->
       $event.preventDefault()
       OrderCycle.removeCoordinatorFee(index)
       $scope.order_cycle_form.$dirty = true
 
-    $scope.addExchangeFee = ($event, exchange) ->
-      $event.preventDefault()
-      OrderCycle.addExchangeFee(exchange)
-
-    $scope.removeExchangeFee = ($event, exchange, index) ->
-      $event.preventDefault()
-      OrderCycle.removeExchangeFee(exchange, index)
-      $scope.order_cycle_form.$dirty = true
-
-    $scope.removeDistributionOfVariant = (variant_id) ->
-      OrderCycle.removeDistributionOfVariant(variant_id)
-
     $scope.submit = (destination) ->
       $event.preventDefault()
       StatusMessage.display 'progress', t('js.saving')
@@ -94,6 +20,3 @@ angular.module('admin.orderCycles')
       $event.preventDefault()
       StatusMessage.display 'progress', t('js.saving')
       OrderCycle.update(destination, $scope.order_cycle_form)
-
-    $scope.cancel = (destination) ->
-      $window.location = destination

app/assets/javascripts/admin/order_cycles/controllers/incoming_controller.js.coffee

@@ -0,0 +1,5 @@
+angular.module('admin.orderCycles').controller 'AdminOrderCycleIncomingCtrl', ($scope, $controller, $location, Enterprise, ocInstance) ->
+  $controller('AdminOrderCycleExchangesCtrl', {$scope: $scope, ocInstance: ocInstance, $location: $location})
+
+  $scope.enterpriseTotalVariants = (enterprise) ->
+    Enterprise.totalVariants(enterprise)

app/assets/javascripts/admin/order_cycles/controllers/order_cycle_basic_controller.js.coffee

@@ -0,0 +1,40 @@
+angular.module('admin.orderCycles')
+  .controller 'AdminOrderCycleBasicCtrl', ($scope, $filter, $window, OrderCycle, Enterprise, EnterpriseFee, Schedules, RequestMonitor, ocInstance, StatusMessage) ->
+    $scope.StatusMessage = StatusMessage
+    $scope.OrderCycle = OrderCycle
+
+    $scope.$watch 'order_cycle_form.$dirty', (newValue) ->
+      StatusMessage.display 'notice', t("admin.unsaved_changes") if newValue
+
+    $scope.$watch 'order_cycle_form.$valid', (isValid) ->
+      StatusMessage.setValidation(isValid)
+
+    $scope.loaded = ->
+      Enterprise.loaded && EnterpriseFee.loaded && OrderCycle.loaded && !RequestMonitor.loading
+
+    $scope.enterpriseFeesForEnterprise = (enterprise_id) ->
+      EnterpriseFee.forEnterprise(parseInt(enterprise_id))
+
+    $scope.cancel = (destination) ->
+      $window.location = destination
+
+    # Used in panels/exchange_supplied_products.html
+    $scope.suppliedVariants = (enterprise_id) ->
+      Enterprise.suppliedVariants(enterprise_id)
+
+    # Used in panels/exchange_supplied_products.html and panels/exchange_distributed_products.html
+    $scope.setExchangeVariants = (exchange, variants, selected) ->
+      OrderCycle.setExchangeVariants(exchange, variants, selected)
+
+    # The following methods are specific to the general settings pages:
+    #   - simple create, simple edit and general settings pages
+
+    $scope.schedules = Schedules.index({enterprise_id: ocInstance.coordinator_id})
+
+    $scope.addCoordinatorFee = ($event) ->
+      $event.preventDefault()
+      OrderCycle.addCoordinatorFee()
+
+    $scope.removeCoordinatorFee = ($event, index) ->
+      $event.preventDefault()
+      OrderCycle.removeCoordinatorFee(index)

app/assets/javascripts/admin/order_cycles/controllers/order_cycle_exchanges_controller.js.coffee

@@ -0,0 +1,46 @@
+angular.module('admin.orderCycles')
+  .controller 'AdminOrderCycleExchangesCtrl', ($scope, $controller, $filter, $window, $location, $timeout, OrderCycle, Enterprise, EnterpriseFee, Schedules, RequestMonitor, ocInstance, StatusMessage) ->
+    $controller('AdminEditOrderCycleCtrl', {$scope: $scope, ocInstance: ocInstance, $location: $location})
+
+    $scope.supplier_enterprises = Enterprise.producer_enterprises
+    $scope.distributor_enterprises = Enterprise.hub_enterprises
+    $scope.supplied_products = Enterprise.supplied_products
+
+    $scope.exchangeSelectedVariants = (exchange) ->
+      OrderCycle.exchangeSelectedVariants(exchange)
+
+    $scope.exchangeDirection = (exchange) ->
+      OrderCycle.exchangeDirection(exchange)
+
+    $scope.enterprisesWithFees = ->
+      $scope.enterprises[id] for id in OrderCycle.participatingEnterpriseIds() when $scope.enterpriseFeesForEnterprise(id).length > 0
+
+    $scope.removeExchange = ($event, exchange) ->
+      $event.preventDefault()
+      OrderCycle.removeExchange(exchange)
+      $scope.order_cycle_form.$dirty = true
+
+    $scope.addExchangeFee = ($event, exchange) ->
+      $event.preventDefault()
+      OrderCycle.addExchangeFee(exchange)
+
+    $scope.removeExchangeFee = ($event, exchange, index) ->
+      $event.preventDefault()
+      OrderCycle.removeExchangeFee(exchange, index)
+      $scope.order_cycle_form.$dirty = true
+
+    $scope.addSupplier = ($event) ->
+      $event.preventDefault()
+      OrderCycle.addSupplier($scope.new_supplier_id)
+
+    $scope.addDistributor = ($event) ->
+      $event.preventDefault()
+      OrderCycle.addDistributor($scope.new_distributor_id)
+
+    $scope.setPickupTimeFieldDirty = (index) ->
+      $timeout ->
+        pickup_time_field_name = "order_cycle_outgoing_exchange_" + index + "_pickup_time"
+        $scope.order_cycle_form[pickup_time_field_name].$setDirty()
+
+    $scope.removeDistributionOfVariant = (variant_id) ->
+      OrderCycle.removeDistributionOfVariant(variant_id)

app/assets/javascripts/admin/order_cycles/controllers/outgoing_controller.js.coffee

@@ -0,0 +1,16 @@
+angular.module('admin.orderCycles').controller 'AdminOrderCycleOutgoingCtrl', ($scope, $controller, $filter, $location, OrderCycle, ocInstance, StatusMessage) ->
+  $controller('AdminOrderCycleExchangesCtrl', {$scope: $scope, ocInstance: ocInstance, $location: $location})
+
+  $scope.productSuppliedToOrderCycle = (product) ->
+    OrderCycle.productSuppliedToOrderCycle(product)
+
+  $scope.variantSuppliedToOrderCycle = (variant) ->
+    OrderCycle.variantSuppliedToOrderCycle(variant)
+
+  $scope.incomingExchangeVariantsFor = (enterprise_id) ->
+    $filter('filterExchangeVariants')(OrderCycle.incomingExchangesVariants(), $scope.order_cycle.visible_variants_for_outgoing_exchanges[enterprise_id])
+
+  $scope.submit = ($event, destination) ->
+    $event.preventDefault()
+    StatusMessage.display 'progress', t('js.saving')
+    OrderCycle.update(destination, $scope.order_cycle_form) if OrderCycle.confirmNoDistributors()

app/assets/javascripts/admin/order_cycles/controllers/simple_create.js.coffee

@@ -1,19 +1,12 @@
-angular.module('admin.orderCycles').controller "AdminSimpleCreateOrderCycleCtrl", ($scope, $window, OrderCycle, Enterprise, EnterpriseFee, StatusMessage, Schedules, RequestMonitor, ocInstance) ->
-  $scope.StatusMessage = StatusMessage
-  $scope.OrderCycle = OrderCycle
-  $scope.schedules = Schedules.index({enterprise_id: ocInstance.coordinator_id})
+angular.module('admin.orderCycles').controller "AdminSimpleCreateOrderCycleCtrl", ($scope, $controller, $window, OrderCycle, Enterprise, EnterpriseFee, StatusMessage, Schedules, RequestMonitor, ocInstance) ->
+  $controller('AdminOrderCycleBasicCtrl', {$scope: $scope, ocInstance: ocInstance})
+
   $scope.order_cycle = OrderCycle.new {coordinator_id: ocInstance.coordinator_id}, =>
     # TODO: make this a get method, which only fetches one enterprise
     $scope.enterprises = Enterprise.index {coordinator_id: ocInstance.coordinator_id}, (enterprises) =>
       $scope.init(enterprises)
     $scope.enterprise_fees = EnterpriseFee.index(coordinator_id: ocInstance.coordinator_id)
 
-  $scope.$watch 'order_cycle_form.$dirty', (newValue) ->
-      StatusMessage.display 'notice', t("admin.unsaved_changes") if newValue
-
-  $scope.$watch 'order_cycle_form.$valid', (isValid) ->
-    StatusMessage.setValidation(isValid)
-
   $scope.init = (enterprises) ->
     enterprise = enterprises[Object.keys(enterprises)[0]]
     OrderCycle.addSupplier enterprise.id
@@ -26,33 +19,10 @@ angular.module('admin.orderCycles').controller "AdminSimpleCreateOrderCycleCtrl"
 
     OrderCycle.order_cycle.coordinator_id = enterprise.id
 
-  $scope.loaded = ->
-    Enterprise.loaded && EnterpriseFee.loaded && OrderCycle.loaded && !RequestMonitor.loading
-
   $scope.removeDistributionOfVariant = angular.noop
 
-  $scope.setExchangeVariants = (exchange, variants, selected) ->
-    OrderCycle.setExchangeVariants(exchange, variants, selected)
-
-  $scope.suppliedVariants = (enterprise_id) ->
-    Enterprise.suppliedVariants(enterprise_id)
-
-  $scope.addCoordinatorFee = ($event) ->
-    $event.preventDefault()
-    OrderCycle.addCoordinatorFee()
-
-  $scope.removeCoordinatorFee = ($event, index) ->
-    $event.preventDefault()
-    OrderCycle.removeCoordinatorFee(index)
-
-  $scope.enterpriseFeesForEnterprise = (enterprise_id) ->
-    EnterpriseFee.forEnterprise(parseInt(enterprise_id))
-
   $scope.submit = ($event, destination) ->
     $event.preventDefault()
     StatusMessage.display 'progress', t('js.saving')
     OrderCycle.mirrorIncomingToOutgoingProducts()
-    OrderCycle.create(destination)
-
-  $scope.cancel = (destination) ->
-      $window.location = destination
+    OrderCycle.create(destination) if OrderCycle.confirmNoDistributors()

app/assets/javascripts/admin/order_cycles/controllers/simple_edit.js.coffee

@@ -1,51 +1,21 @@
-angular.module('admin.orderCycles').controller "AdminSimpleEditOrderCycleCtrl", ($scope, $location, $window, OrderCycle, Enterprise, EnterpriseFee, Schedules, RequestMonitor, StatusMessage, ocInstance) ->
+angular.module('admin.orderCycles').controller "AdminSimpleEditOrderCycleCtrl", ($scope, $controller, $location, $window, OrderCycle, Enterprise, EnterpriseFee, Schedules, RequestMonitor, StatusMessage, ocInstance) ->
+  $controller('AdminOrderCycleBasicCtrl', {$scope: $scope, ocInstance: ocInstance})
+
   $scope.orderCycleId = ->
     $location.absUrl().match(/\/admin\/order_cycles\/(\d+)/)[1]
 
-  $scope.StatusMessage = StatusMessage
   $scope.enterprises = Enterprise.index(order_cycle_id: $scope.orderCycleId())
   $scope.enterprise_fees = EnterpriseFee.index(order_cycle_id: $scope.orderCycleId())
-  $scope.schedules = Schedules.index({enterprise_id: ocInstance.coordinator_id})
-  $scope.OrderCycle = OrderCycle
   $scope.order_cycle = OrderCycle.load $scope.orderCycleId(), (order_cycle) =>
     $scope.init()
 
-  $scope.$watch 'order_cycle_form.$dirty', (newValue) ->
-      StatusMessage.display 'notice', t("admin.unsaved_changes") if newValue
-
-  $scope.$watch 'order_cycle_form.$valid', (isValid) ->
-    StatusMessage.setValidation(isValid)
-
-  $scope.loaded = ->
-    Enterprise.loaded && EnterpriseFee.loaded && OrderCycle.loaded && !RequestMonitor.loading
-
   $scope.init = ->
     $scope.outgoing_exchange = OrderCycle.order_cycle.outgoing_exchanges[0]
 
-  $scope.enterpriseFeesForEnterprise = (enterprise_id) ->
-    EnterpriseFee.forEnterprise(parseInt(enterprise_id))
-
   $scope.removeDistributionOfVariant = angular.noop
 
-  $scope.setExchangeVariants = (exchange, variants, selected) ->
-    OrderCycle.setExchangeVariants(exchange, variants, selected)
-
-  $scope.suppliedVariants = (enterprise_id) ->
-    Enterprise.suppliedVariants(enterprise_id)
-
-  $scope.addCoordinatorFee = ($event) ->
-    $event.preventDefault()
-    OrderCycle.addCoordinatorFee()
-
-  $scope.removeCoordinatorFee = ($event, index) ->
-    $event.preventDefault()
-    OrderCycle.removeCoordinatorFee(index)
-
   $scope.submit = ($event, destination) ->
     $event.preventDefault()
     StatusMessage.display 'progress', t('js.saving')
     OrderCycle.mirrorIncomingToOutgoingProducts()
-    OrderCycle.update(destination, $scope.order_cycle_form)
-
-  $scope.cancel = (destination) ->
-    $window.location = destination
+    OrderCycle.update(destination, $scope.order_cycle_form) if OrderCycle.confirmNoDistributors()

app/assets/javascripts/admin/order_cycles/services/order_cycle.js.coffee

@@ -148,10 +148,12 @@ angular.module('admin.orderCycles').factory 'OrderCycle', ($resource, $window, S
       this.order_cycle
 
     create: (destination) ->
-      return unless @confirmNoDistributors()
       oc = new OrderCycleResource({order_cycle: this.dataForSubmit()})
       oc.$create (data) ->
-        $window.location = destination
+        if destination? && destination.length != 0
+          $window.location = destination
+        else if data.edit_path?
+          $window.location = data.edit_path
       , (response) ->
         if response.data.errors?
           StatusMessage.display('failure', response.data.errors[0])
@@ -159,7 +161,6 @@ angular.module('admin.orderCycles').factory 'OrderCycle', ($resource, $window, S
           StatusMessage.display('failure', t('js.order_cycles.create_failure'))
 
     update: (destination, form) ->
-      return unless @confirmNoDistributors()
       oc = new OrderCycleResource({order_cycle: this.dataForSubmit()})
       oc.$update {order_cycle_id: this.order_cycle.id, reloading: (if destination? then 1 else 0)}, (data) =>
         form.$setPristine() if form
@@ -173,7 +174,6 @@ angular.module('admin.orderCycles').factory 'OrderCycle', ($resource, $window, S
         else
           StatusMessage.display('failure', t('js.order_cycles.update_failure'))
 
-
     confirmNoDistributors: ->
       if @order_cycle.outgoing_exchanges.length == 0
         confirm t('js.order_cycles.no_distributors')

app/assets/javascripts/admin/variant_overrides/controllers/variant_overrides_controller.js.coffee

@@ -1,4 +1,4 @@
-angular.module("admin.variantOverrides").controller "AdminVariantOverridesCtrl", ($scope, $http, $timeout, Indexer, Columns, Views, SpreeApiAuth, PagedFetcher, StatusMessage, RequestMonitor, hubs, producers, hubPermissions, InventoryItems, VariantOverrides, DirtyVariantOverrides) ->
+angular.module("admin.variantOverrides").controller "AdminVariantOverridesCtrl", ($scope, $http, $timeout, Indexer, Columns, Views, PagedFetcher, StatusMessage, RequestMonitor, hubs, producers, hubPermissions, InventoryItems, VariantOverrides, DirtyVariantOverrides) ->
   $scope.hubs = Indexer.index hubs
   $scope.hub_id = if hubs.length == 1 then hubs[0].id else null
   $scope.products = []
@@ -39,13 +39,7 @@ angular.module("admin.variantOverrides").controller "AdminVariantOverridesCtrl",
     $scope.producerFilter != 0 || $scope.query != ''
 
   $scope.initialise = ->
-    SpreeApiAuth.authorise()
-    .then ->
-      $scope.spree_api_key_ok = true
-      $scope.fetchProducts()
-    .catch (message) ->
-      $scope.api_error_msg = message
-
+    $scope.fetchProducts()
 
   $scope.fetchProducts = ->
     url = "/api/products/overridable?page=::page::;per_page=100"

app/assets/javascripts/darkswarm/controllers/order_cycle_controller.js.coffee

@@ -1,4 +1,4 @@
-Darkswarm.controller "OrderCycleCtrl", ($scope, $timeout, OrderCycle) ->
+Darkswarm.controller "OrderCycleCtrl", ($scope, $rootScope, $timeout, OrderCycle) ->
   $scope.order_cycle = OrderCycle.order_cycle
   $scope.OrderCycle = OrderCycle
 
@@ -6,11 +6,12 @@ Darkswarm.controller "OrderCycleCtrl", ($scope, $timeout, OrderCycle) ->
   # This is a hack. We should probably write our own "popover" directive
   # That takes an expression instead of a trigger, and binds to that
   $timeout =>
+    $rootScope.$broadcast 'orderCycleSelected'
     if !$scope.OrderCycle.selected()
       $("#order_cycle_id").trigger("openTrigger")
 
 
-Darkswarm.controller "OrderCycleChangeCtrl", ($scope, $timeout, OrderCycle, Products, Variants, Cart, ChangeableOrdersAlert) ->
+Darkswarm.controller "OrderCycleChangeCtrl", ($scope, $rootScope, $timeout, OrderCycle, Products, Variants, Cart, ChangeableOrdersAlert) ->
   # Track previous order cycle id for use with revertOrderCycle()
   $scope.previous_order_cycle_id = OrderCycle.order_cycle.order_cycle_id
   $scope.$watch 'order_cycle.order_cycle_id', (newValue, oldValue)->
@@ -32,3 +33,4 @@ Darkswarm.controller "OrderCycleChangeCtrl", ($scope, $timeout, OrderCycle, Prod
     Products.update()
     Cart.reloadFinalisedLineItems()
     ChangeableOrdersAlert.reload()
+    $rootScope.$broadcast 'orderCycleSelected'

app/assets/javascripts/darkswarm/controllers/products_controller.js.coffee

@@ -1,41 +1,65 @@
-Darkswarm.controller "ProductsCtrl", ($scope, $filter, $rootScope, Products, OrderCycle, FilterSelectorsService, Cart, Taxons, Properties) ->
+Darkswarm.controller "ProductsCtrl", ($scope, $filter, $rootScope, Products, OrderCycle, OrderCycleResource, FilterSelectorsService, Cart, Dereferencer, Taxons, Properties, currentHub, $timeout) ->
   $scope.Products = Products
   $scope.Cart = Cart
   $scope.query = ""
   $scope.taxonSelectors = FilterSelectorsService.createSelectors()
   $scope.propertySelectors = FilterSelectorsService.createSelectors()
   $scope.filtersActive = true
-  $scope.limit = 10
+  $scope.page = 1
+  $scope.per_page = 10
   $scope.order_cycle = OrderCycle.order_cycle
-  # $scope.infiniteDisabled = true
+  $scope.supplied_taxons = null
+  $scope.supplied_properties = null
 
-  # All of this logic basically just replicates the functionality filtering an ng-repeat
-  # except that it allows us to filter a separate list before rendering, meaning that
-  # we can get much better performance when applying filters by resetting the limit on the
-  # number of products being rendered each time a filter is changed.
+  $rootScope.$on "orderCycleSelected", ->
+    $scope.update_filters()
+    $scope.clearAll()
 
-  $scope.$watch "Products.loading", (newValue, oldValue) ->
-    $scope.updateFilteredProducts()
-    $scope.$broadcast("loadFilterSelectors") if !newValue
+  $scope.update_filters = ->
+    order_cycle_id = OrderCycle.order_cycle.order_cycle_id
 
-  $scope.incrementLimit = ->
-    if $scope.limit < Products.products.length
-      $scope.limit += 10
-      $scope.updateVisibleProducts()
+    return unless order_cycle_id
 
-  $scope.$watch 'query', -> $scope.updateFilteredProducts()
-  $scope.$watchCollection 'activeTaxons', -> $scope.updateFilteredProducts()
-  $scope.$watchCollection 'activeProperties', -> $scope.updateFilteredProducts()
+    params = {
+      id: order_cycle_id,
+      distributor: currentHub.id
+    }
+    OrderCycleResource.taxons params, (data)=>
+      $scope.supplied_taxons = {}
+      data.map( (taxon) ->
+        $scope.supplied_taxons[taxon.id] = Taxons.taxons_by_id[taxon.id]
+      )
+    OrderCycleResource.properties params, (data)=>
+      $scope.supplied_properties = {}
+      data.map( (property) ->
+        $scope.supplied_properties[property.id] = Properties.properties_by_id[property.id]
+      )
 
-  $scope.updateFilteredProducts = ->
-    $scope.limit = 10
-    f1 = $filter('products')(Products.products, $scope.query)
-    f2 = $filter('taxons')(f1, $scope.activeTaxons)
-    $scope.filteredProducts = $filter('properties')(f2, $scope.activeProperties)
-    $scope.updateVisibleProducts()
+  $scope.loadMore = ->
+    if ($scope.page * $scope.per_page) <= Products.products.length
+      $scope.loadMoreProducts()
 
-  $scope.updateVisibleProducts = ->
-    $scope.visibleProducts = $filter('limitTo')($scope.filteredProducts, $scope.limit)
+  $scope.$watch 'query', (newValue, oldValue) -> $scope.loadProducts() if newValue != oldValue
+  $scope.$watchCollection 'activeTaxons', (newValue, oldValue) -> $scope.loadProducts() if newValue != oldValue
+  $scope.$watchCollection 'activeProperties', (newValue, oldValue) -> $scope.loadProducts() if newValue != oldValue
+
+  $scope.loadProducts = ->
+    $scope.page = 1
+    Products.update($scope.queryParams())
+
+  $scope.loadMoreProducts = ->
+    Products.update($scope.queryParams($scope.page + 1), true)
+    $scope.page += 1
+
+  $scope.queryParams = (page = null) ->
+    {
+      id: $scope.order_cycle.order_cycle_id,
+      page: page || $scope.page,
+      per_page: $scope.per_page,
+      'q[name_or_meta_keywords_or_supplier_name_cont]': $scope.query,
+      'q[properties_id_or_supplier_properties_id_in_any][]': $scope.activeProperties,
+      'q[primary_taxon_id_in_any][]': $scope.activeTaxons
+    }
 
   $scope.searchKeypress = (e)->
     code = e.keyCode || e.which

app/assets/javascripts/darkswarm/services/order_cycle_resource.js.coffee

@@ -0,0 +1,21 @@
+Darkswarm.factory 'OrderCycleResource', ($resource) ->
+  $resource('/api/order_cycles/:id', {}, {
+    'products':
+      method: 'GET'
+      isArray: true
+      url: '/api/order_cycles/:id/products'
+      params:
+        id: '@id'
+    'taxons':
+      method: 'GET'
+      isArray: true
+      url: '/api/order_cycles/:id/taxons'
+      params:
+        id: '@id'
+    'properties':
+      method: 'GET'
+      isArray: true
+      url: '/api/order_cycles/:id/properties'
+      params:
+        id: '@id'
+  })

app/assets/javascripts/darkswarm/services/products.js.coffee

@@ -1,26 +1,34 @@
-Darkswarm.factory 'Products', ($resource, Shopfront, Dereferencer, Taxons, Properties, Cart, Variants) ->
+Darkswarm.factory 'Products', (OrderCycleResource, OrderCycle, Shopfront, currentHub, Dereferencer, Taxons, Properties, Cart, Variants) ->
   new class Products
     constructor: ->
       @update()
 
-    # TODO: don't need to scope this into object
-    # Already on object as far as controller scope is concerned
-    products: null
+    products: []
+    fetched_products: []
     loading: true
 
-    update: =>
+    update: (params = {}, load_more = false) =>
       @loading = true
-      @products = []
-      $resource("/shop/products").query (products)=>
-        @products = products
+      order_cycle_id = OrderCycle.order_cycle.order_cycle_id
 
+      if order_cycle_id == undefined
+        @loading = false
+        return
+
+      params['id'] = order_cycle_id
+      params['distributor'] = currentHub.id
+
+      OrderCycleResource.products params, (data)=>
+        @products = [] unless load_more
+        @fetched_products = data
         @extend()
         @dereference()
         @registerVariants()
+        @products = @products.concat(@fetched_products)
         @loading = false
 
     extend: ->
-      for product in @products
+      for product in @fetched_products
         if product.variants?.length > 0
           prices = (v.price for v in product.variants)
           product.price = Math.min.apply(null, prices)
@@ -30,7 +38,7 @@ Darkswarm.factory 'Products', ($resource, Shopfront, Dereferencer, Taxons, Prope
         product.largeImage = product.images[0]?.large_url if product.images
 
     dereference: ->
-      for product in @products
+      for product in @fetched_products
         product.supplier = Shopfront.producers_by_id[product.supplier.id]
         Dereferencer.dereference product.taxons, Taxons.taxons_by_id
 
@@ -40,7 +48,7 @@ Darkswarm.factory 'Products', ($resource, Shopfront, Dereferencer, Taxons, Prope
     # May return different objects! If the variant has already been registered
     # by another service, we fetch those
     registerVariants: ->
-      for product in @products
+      for product in @fetched_products
         if product.variants
           product.variant_names = ""
           product.variants = for variant in product.variants

app/assets/javascripts/templates/admin/panels/exchange_distributed_products.html.haml

@@ -11,7 +11,7 @@
 
     .exchange-products
       -# Scope product list based on permissions the current user has to view variants in this exchange
-      .exchange-product{'ng-repeat' => 'product in supplied_products | filter:productSuppliedToOrderCycle | visibleProducts:exchange:order_cycle.visible_variants_for_outgoing_exchanges | orderBy:"name"' }
+      .exchange-product{'ng-repeat' => 'product in supplied_products | filter:productSuppliedToOrderCycle | visibleProducts:exchange:order_cycle.visible_variants_for_outgoing_exchanges' }
         .exchange-product-details
           %label
             %img{'ng-src' => '{{ product.image_url }}'}

app/assets/javascripts/templates/admin/panels/exchange_supplied_products.html.haml

@@ -13,31 +13,11 @@
       -# No need to scope product list based on permissions, because if an incoming exchange is visible,
       -# then all of the variants within it should be visible. May change in the future?
       .exchange-product{'ng-repeat' => 'product in enterprises[exchange.enterprise_id].supplied_products'}
-
         .exchange-product-details
           %label
-            %input{ type: 'checkbox', name: 'order_cycle_incoming_exchange_{{ $parent.$index }}_variants_{{ product.master_id }}',
-              value: 1,
-              'ng-hide' => 'product.variants.length > 0',
-              'ng-model' => 'exchange.variants[product.master_id]',
-              'ofn-sync-distributions' => '{{ product.master_id }}',
-              'id' => 'order_cycle_incoming_exchange_{{ $parent.$index }}_variants_{{ product.master_id }}',
-              'ng-disabled' => 'product.variants.length > 0 || !order_cycle.editable_variants_for_incoming_exchanges.hasOwnProperty(exchange.enterprise_id) || order_cycle.editable_variants_for_incoming_exchanges[exchange.enterprise_id].indexOf(product.master_id) < 0' }
             %img{'ng-src' => '{{ product.image_url }}'}
             {{ product.name }}
 
-        -# When the master variant is in the order cycle but the product has variants, we want to
-        -# be able to remove the master variant, since it serves no purpose. Display a checkbox to do so.
-        .exchange-product-variant{'ng-show' => 'exchange.variants[product.master_id] && product.variants.length > 0'}
-          %label
-            %input{ type: 'checkbox', name: 'order_cycle_incoming_exchange_{{ $parent.$index }}_variants_{{ product.master_id }}',
-              value: 1,
-              'ng-model' => 'exchange.variants[product.master_id]',
-              'ofn-sync-distributions' => '{{ product.master_id }}',
-              'id' => 'order_cycle_incoming_exchange_{{ $parent.$index }}_variants_{{ product.master_id }}',
-              'ng-disabled' => '!order_cycle.editable_variants_for_incoming_exchanges.hasOwnProperty(exchange.enterprise_id) || order_cycle.editable_variants_for_incoming_exchanges[exchange.enterprise_id].indexOf(product.master_id) < 0' }
-            {{ 'admin.obsolete_master' | t }}
-
         .exchange-product-variant{'ng-repeat' => 'variant in product.variants'}
           %label
             %input{ type: 'checkbox', name: 'order_cycle_incoming_exchange_{{ $parent.$parent.$index }}_variants_{{ variant.id }}',

app/assets/javascripts/templates/shop_variant.html.haml

@@ -17,7 +17,7 @@
   .small-4.medium-2.large-2.columns.variant-price
     .table-cell.price
       %i.ofn-i_009-close
-      {{  ::variant.price_with_fees | localizeCurrency }}
+      {{ variant.price_with_fees | localizeCurrency }}
 
       -# Now in a template in app/assets/javascripts/templates !
       %price-breakdown{"price-breakdown" => "_", variant: "variant",

app/assets/stylesheets/admin/components/wizard_progress.css.scss

@@ -19,6 +19,9 @@ ul.wizard-progress {
 		line-height: 30px;
 		padding: 0 25px 0 40px;
 		position: relative;
+		a {
+		  color: #494949;
+		}
 		&:first-child {
 			padding-left: 25px;
 			border-top-left-radius: 3px;
@@ -62,6 +65,9 @@ ul.wizard-progress {
 		&.current {
 			background-color: $color_selected;
 			color: #fff;
+			a {
+			  color: #fff;
+			}
 			&:after {
 				background-color: $color_selected;
 			}

app/assets/stylesheets/admin/openfoodnetwork.css.scss

@@ -255,6 +255,9 @@ text-angular {
       background-color: #4583bf;
     }
   }
+  a {
+    color: $spree-green
+  }
 }
 
 span.required {

app/controllers/admin/bulk_line_items_controller.rb

@@ -4,9 +4,17 @@ module Admin
     #
     def index
       order_params = params[:q].andand.delete :order
-      orders = OpenFoodNetwork::Permissions.new(spree_current_user).editable_orders.ransack(order_params).result
-      line_items = OpenFoodNetwork::Permissions.new(spree_current_user).editable_line_items.where(order_id: orders).ransack(params[:q])
-      render_as_json line_items.result.reorder('order_id ASC, id ASC')
+
+      orders = OpenFoodNetwork::Permissions.new(spree_current_user).
+        editable_orders.ransack(order_params).result
+
+      line_items = OpenFoodNetwork::Permissions.new(spree_current_user).
+        editable_line_items.where(order_id: orders).
+        includes(variant: { option_values: :option_type }).
+        ransack(params[:q]).result.
+        reorder('spree_line_items.order_id ASC, spree_line_items.id ASC')
+
+      render_as_json line_items
     end
 
     # PUT /admin/bulk_line_items/:id.json

app/controllers/admin/cache_settings_controller.rb

@@ -1,27 +0,0 @@
-require 'open_food_network/products_cache_integrity_checker'
-
-module Admin
-  class CacheSettingsController < Spree::Admin::BaseController
-    def edit
-      @results = Exchange.cachable.map do |exchange|
-        checker = OpenFoodNetwork::ProductsCacheIntegrityChecker
-          .new(exchange.receiver, exchange.order_cycle)
-
-        {
-          distributor: exchange.receiver,
-          order_cycle: exchange.order_cycle,
-          status: checker.ok?,
-          diff: checker.diff
-        }
-      end
-    end
-
-    def update
-      Spree::Config.set(params[:preferences])
-
-      respond_to do |format|
-        format.html { redirect_to main_app.edit_admin_cache_settings_path }
-      end
-    end
-  end
-end

app/controllers/admin/customers_controller.rb

@@ -63,6 +63,7 @@ module Admin
 
     def collection
       return Customer.where("1=0") unless json_request? && params[:enterprise_id].present?
+
       enterprise = Enterprise.managed_by(spree_current_user).find_by_id(params[:enterprise_id])
       Customer.of(enterprise)
     end

app/controllers/admin/enterprises_controller.rb

@@ -148,7 +148,8 @@ module Admin
 
         unless enterprises.empty?
           enterprises.includes(
-            supplied_products: [:supplier, :variants, master: [:images]]
+            supplied_products:
+              [:supplier, master: [:images], variants: { option_values: :option_type }]
           )
         end
       when :index

app/controllers/admin/order_cycles_controller.rb

@@ -2,6 +2,7 @@ module Admin
   class OrderCyclesController < ResourceController
     include OrderCyclesHelper
 
+    prepend_before_filter :set_order_cycle_id, only: [:incoming, :outgoing]
     before_filter :load_data_for_index, only: :index
     before_filter :require_coordinator, only: :new
     before_filter :remove_protected_attrs, only: [:update]
@@ -12,7 +13,10 @@ module Admin
       respond_to do |format|
         format.html
         format.json do
-          render_as_json @collection, ams_prefix: params[:ams_prefix], current_user: spree_current_user, subscriptions_count: SubscriptionsCount.new(@collection)
+          render_as_json @collection,
+                         ams_prefix: params[:ams_prefix],
+                         current_user: spree_current_user,
+                         subscriptions_count: SubscriptionsCount.new(@collection)
         end
       end
     end
@@ -40,12 +44,17 @@ module Admin
 
       if @order_cycle_form.save
         flash[:notice] = I18n.t(:order_cycles_create_notice)
-        render json: { success: true }
+        render json: { success: true,
+                       edit_path: main_app.admin_order_cycle_incoming_path(@order_cycle) }
       else
         render json: { errors: @order_cycle.errors.full_messages }, status: :unprocessable_entity
       end
     end
 
+    def set_order_cycle_id
+      params[:id] = params[:order_cycle_id]
+    end
+
     def update
       @order_cycle_form = OrderCycleForm.new(@order_cycle, params, spree_current_user)
 
@@ -62,7 +71,10 @@ module Admin
 
     def bulk_update
       if order_cycle_set.andand.save
-        render_as_json @order_cycles, ams_prefix: 'index', current_user: spree_current_user, subscriptions_count: SubscriptionsCount.new(@collection)
+        render_as_json @order_cycles,
+                       ams_prefix: 'index',
+                       current_user: spree_current_user,
+                       subscriptions_count: SubscriptionsCount.new(@collection)
       else
         order_cycle = order_cycle_set.collection.find{ |oc| oc.errors.present? }
         render json: { errors: order_cycle.errors.full_messages }, status: :unprocessable_entity
@@ -72,14 +84,16 @@ module Admin
     def clone
       @order_cycle = OrderCycle.find params[:id]
       @order_cycle.clone!
-      redirect_to main_app.admin_order_cycles_path, notice: I18n.t(:order_cycles_clone_notice, name: @order_cycle.name)
+      redirect_to main_app.admin_order_cycles_path,
+                  notice: I18n.t(:order_cycles_clone_notice, name: @order_cycle.name)
     end
 
     # Send notifications to all producers who are part of the order cycle
     def notify_producers
       Delayed::Job.enqueue OrderCycleNotificationJob.new(params[:id].to_i)
 
-      redirect_to main_app.admin_order_cycles_path, notice: I18n.t(:order_cycles_email_to_producers_notice)
+      redirect_to main_app.admin_order_cycles_path,
+                  notice: I18n.t(:order_cycles_email_to_producers_notice)
     end
 
     protected
@@ -87,20 +101,9 @@ module Admin
     def collection
       return Enterprise.where("1=0") unless json_request?
       return order_cycles_from_set if params[:order_cycle_set]
-      ocs = if params[:as] == "distributor"
-              OrderCycle.preload(:schedules).ransack(params[:q]).result.
-                involving_managed_distributors_of(spree_current_user).order('updated_at DESC')
-            elsif params[:as] == "producer"
-              OrderCycle.preload(:schedules).ransack(params[:q]).result.
-                involving_managed_producers_of(spree_current_user).order('updated_at DESC')
-            else
-              OrderCycle.preload(:schedules).ransack(params[:q]).result.accessible_by(spree_current_user)
-      end
 
-      ocs.undated |
-        ocs.soonest_closing |
-        ocs.soonest_opening |
-        ocs.closed
+      ocs = order_cycles
+      ocs.undated | ocs.soonest_closing | ocs.soonest_opening | ocs.closed
     end
 
     def collection_actions
@@ -109,21 +112,60 @@ module Admin
 
     private
 
+    def order_cycles
+      if params[:as] == "distributor"
+        order_cycles_as_distributor
+      elsif params[:as] == "producer"
+        order_cycles_as_producer
+      else
+        order_cycles_as_both
+      end
+    end
+
+    def order_cycles_as_distributor
+      OrderCycle.
+        preload(:schedules).
+        ransack(params[:q]).
+        result.
+        involving_managed_distributors_of(spree_current_user).
+        order('updated_at DESC')
+    end
+
+    def order_cycles_as_producer
+      OrderCycle.
+        preload(:schedules).
+        ransack(params[:q]).
+        result.
+        involving_managed_producers_of(spree_current_user).
+        order('updated_at DESC')
+    end
+
+    def order_cycles_as_both
+      OrderCycle.
+        preload(:schedules).
+        ransack(params[:q]).
+        result.
+        accessible_by(spree_current_user)
+    end
+
     def load_data_for_index
       if json_request?
-        # Split ransack params into all those that currently exist and new ones to limit returned ocs to recent or undated
+        # Split ransack params into all those that currently exist and new ones
+        #   to limit returned ocs to recent or undated
         orders_close_at_gt = params[:q].andand.delete(:orders_close_at_gt) || 31.days.ago
         params[:q] = {
-          g: [params.delete(:q) || {}, { m: 'or', orders_close_at_gt: orders_close_at_gt, orders_close_at_null: true }]
+          g: [params.delete(:q) || {}, { m: 'or',
+                                         orders_close_at_gt: orders_close_at_gt,
+                                         orders_close_at_null: true }]
         }
         @collection = collection
       end
     end
 
     def require_coordinator
-      if params[:coordinator_id] && @order_cycle.coordinator = permitted_coordinating_enterprises_for(@order_cycle).find_by_id(params[:coordinator_id])
-        return
-      end
+      @order_cycle.coordinator =
+        permitted_coordinating_enterprises_for(@order_cycle).find_by_id(params[:coordinator_id])
+      return if params[:coordinator_id] && @order_cycle.coordinator
 
       available_coordinators = permitted_coordinating_enterprises_for(@order_cycle)
       case available_coordinators.count
@@ -133,7 +175,9 @@ module Admin
       when 1
         @order_cycle.coordinator = available_coordinators.first
       else
-        flash[:error] = I18n.t(:order_cycles_no_permission_to_create_error) if params[:coordinator_id]
+        if params[:coordinator_id]
+          flash[:error] = I18n.t(:order_cycles_no_permission_to_create_error)
+        end
         render :set_coordinator
       end
     end
@@ -157,7 +201,9 @@ module Admin
       params[:order_cycle].delete :coordinator_id
 
       unless Enterprise.managed_by(spree_current_user).include?(@order_cycle.coordinator)
-        params[:order_cycle].delete_if{ |k, _v| [:name, :orders_open_at, :orders_close_at].include? k.to_sym }
+        params[:order_cycle].delete_if do |k, _v|
+          [:name, :orders_open_at, :orders_close_at].include? k.to_sym
+        end
       end
     end
 
@@ -181,7 +227,9 @@ module Admin
 
     def require_order_cycle_set_params
       return if params[:order_cycle_set]
-      render json: { errors: t('admin.order_cycles.bulk_update.no_data') }, status: :unprocessable_entity
+
+      render json: { errors: t('admin.order_cycles.bulk_update.no_data') },
+             status: :unprocessable_entity
     end
 
     def ams_prefix_whitelist

app/controllers/admin/product_import_controller.rb

@@ -23,11 +23,13 @@ module Admin
 
     def validate_data
       return unless process_data('validate')
+
       render json: @importer.import_results, response: 200
     end
 
     def save_data
       return unless process_data('save')
+
       render json: @importer.save_results, response: 200
     end
 

app/controllers/admin/schedules_controller.rb

@@ -31,6 +31,7 @@ module Admin
 
     def collection
       return Schedule.where("1=0") unless json_request?
+
       if params[:enterprise_id]
         filter_schedules_by_enterprise_id(permissions.visible_schedules, params[:enterprise_id])
       else
@@ -49,6 +50,7 @@ module Admin
 
     def check_editable_order_cycle_ids
       return unless params[:schedule][:order_cycle_ids]
+
       requested = params[:schedule][:order_cycle_ids]
       @existing_order_cycle_ids = @schedule.persisted? ? @schedule.order_cycle_ids : []
       permitted = OrderCycle.where(id: params[:schedule][:order_cycle_ids] | @existing_order_cycle_ids).merge(OrderCycle.managed_by(spree_current_user)).pluck(:id)
@@ -61,19 +63,23 @@ module Admin
 
     def check_dependent_subscriptions
       return if Subscription.where(schedule_id: @schedule).empty?
+
       render json: { errors: [t('admin.schedules.destroy.associated_subscriptions_error')] }, status: :conflict
     end
 
     def permissions
       return @permissions unless @permission.nil?
+
       @permissions = OpenFoodNetwork::Permissions.new(spree_current_user)
     end
 
     def sync_subscriptions
       return unless params[:schedule][:order_cycle_ids]
+
       removed_ids = @existing_order_cycle_ids - @schedule.order_cycle_ids
       new_ids = @schedule.order_cycle_ids - @existing_order_cycle_ids
       return unless removed_ids.any? || new_ids.any?
+
       subscriptions = Subscription.where(schedule_id: @schedule)
       syncer = OpenFoodNetwork::ProxyOrderSyncer.new(subscriptions)
       syncer.sync!

app/controllers/admin/stripe_accounts_controller.rb

@@ -27,8 +27,10 @@ module Admin
 
     def status
       return render json: { status: :stripe_disabled } unless Spree::Config.stripe_connect_enabled
+
       stripe_account = StripeAccount.find_by_enterprise_id(params[:enterprise_id])
       return render json: { status: :account_missing } unless stripe_account
+
       authorize! :status, stripe_account
 
       begin

app/controllers/admin/stripe_connect_settings_controller.rb

@@ -8,6 +8,7 @@ module Admin
 
     def edit
       return @stripe_account = { status: :empty_api_key_error_html } if Stripe.api_key.blank?
+
       attrs = %i[id business_name charges_enabled]
       @obfuscated_secret_key = obfuscated_secret_key
       @stripe_account = Stripe::Account.retrieve.to_hash.slice(*attrs).merge(status: :ok)

app/controllers/admin/subscription_line_items_controller.rb

@@ -36,17 +36,20 @@ module Admin
 
     def ensure_shop
       return if @shop
+
       render json: { errors: ['Unauthorised'] }, status: :unauthorized
     end
 
     def ensure_variant
       return if @variant
+
       error = "#{@shop.name} is not permitted to sell the selected product"
       render json: { errors: [error] }, status: :unprocessable_entity
     end
 
     def price_estimate
       return unless @order_cycle
+
       fee_calculator = OpenFoodNetwork::EnterpriseFeeCalculator.new(@shop, @order_cycle)
       OpenFoodNetwork::ScopeVariantToHub.new(@shop).scope(@variant)
       @variant.price + fee_calculator.indexed_fees_for(@variant)

app/controllers/admin/subscriptions_controller.rb

@@ -80,6 +80,7 @@ module Admin
 
     def permissions
       return @permissions unless @permissions.nil?
+
       @permissions = OpenFoodNetwork::Permissions.new(spree_current_user)
     end
 
@@ -126,14 +127,17 @@ module Admin
 
     def check_for_open_orders
       return if params[:open_orders] == 'cancel'
+
       @open_orders_to_keep = @subscription.proxy_orders.placed_and_open.pluck(:id)
       return if @open_orders_to_keep.empty? || params[:open_orders] == 'keep'
+
       render json: { errors: { open_orders: t('admin.subscriptions.confirm_cancel_open_orders_msg') } }, status: :conflict
     end
 
     def check_for_canceled_orders
       return if params[:canceled_orders] == 'notified'
       return if @subscription.proxy_orders.active.canceled.empty?
+
       render json: { errors: { canceled_orders: t('admin.subscriptions.resume_canceled_orders_msg') } }, status: :conflict
     end
 

app/controllers/api/base_controller.rb

@@ -1,16 +1,44 @@
 # Base controller for OFN's API
-# Includes the minimum machinery required by ActiveModelSerializers
+require_dependency 'spree/api/controller_setup'
+
 module Api
-  class BaseController < Spree::Api::BaseController
-    # Need to include these because Spree::Api::BaseContoller inherits
-    # from ActionController::Metal rather than ActionController::Base
-    # and they are required by ActiveModelSerializers
+  class BaseController < ActionController::Metal
+    include Spree::Api::ControllerSetup
+    include Spree::Core::ControllerHelpers::SSL
+    include ::ActionController::Head
+
+    respond_to :json
+
+    attr_accessor :current_api_user
+
+    before_filter :set_content_type
+    before_filter :authenticate_user
+    after_filter  :set_jsonp_format
+
+    rescue_from Exception, with: :error_during_processing
+    rescue_from CanCan::AccessDenied, with: :unauthorized
+    rescue_from ActiveRecord::RecordNotFound, with: :not_found
+
+    helper Spree::Api::ApiHelpers
+
+    ssl_allowed
+
+    # Include these because we inherit from ActionController::Metal
+    #   rather than ActionController::Base and these are required for AMS
     include ActionController::Serialization
     include ActionController::UrlFor
     include Rails.application.routes.url_helpers
+
     use_renderers :json
     check_authorization
 
+    def set_jsonp_format
+      return unless params[:callback] && request.get?
+
+      self.response_body = "#{params[:callback]}(#{response_body})"
+      headers["Content-Type"] = 'application/javascript'
+    end
+
     def respond_with_conflict(json_hash)
       render json: json_hash, status: :conflict
     end
@@ -19,16 +47,63 @@ module Api
 
     # Use logged in user (spree_current_user) for API authentication (current_api_user)
     def authenticate_user
-      @current_api_user = try_spree_current_user
-      super
+      return if @current_api_user = try_spree_current_user
+
+      if api_key.blank?
+        # An anonymous user
+        @current_api_user = Spree.user_class.new
+        return
+      end
+
+      return if @current_api_user = Spree.user_class.find_by_spree_api_key(api_key.to_s)
+
+      invalid_api_key
     end
 
-    # Allows API access without authentication, but only for OFN controllers which inherit
-    # from Api::BaseController. @current_api_user will now initialize an empty Spree::User
-    # unless one is present. We now also apply devise's `check_authorization`. See here for
-    # details: https://github.com/CanCanCommunity/cancancan/wiki/Ensure-Authorization
-    def requires_authentication?
-      false
+    def set_content_type
+      content_type = case params[:format]
+                     when "json"
+                       "application/json"
+                     when "xml"
+                       "text/xml"
+                     end
+      headers["Content-Type"] = content_type
+    end
+
+    def error_during_processing(exception)
+      render(text: { exception: exception.message }.to_json,
+             status: :unprocessable_entity) && return
+    end
+
+    def current_ability
+      Spree::Ability.new(current_api_user)
+    end
+
+    def api_key
+      request.headers["X-Spree-Token"] || params[:token]
+    end
+    helper_method :api_key
+
+    def invalid_resource!(resource)
+      @resource = resource
+      render(json: { error: I18n.t(:invalid_resource, scope: "spree.api"),
+                     errors: @resource.errors },
+             status: :unprocessable_entity)
+    end
+
+    def invalid_api_key
+      render(json: { error: I18n.t(:invalid_api_key, key: api_key, scope: "spree.api") },
+             status: :unauthorized) && return
+    end
+
+    def unauthorized
+      render(json: { error: I18n.t(:unauthorized, scope: "spree.api") },
+             status: :unauthorized) && return
+    end
+
+    def not_found
+      render(json: { error: I18n.t(:resource_not_found, scope: "spree.api") },
+             status: :not_found) && return
     end
   end
 end

app/controllers/api/enterprise_attachment_controller.rb

@@ -27,6 +27,7 @@ module Api
     def load_enterprise
       @enterprise = Enterprise.find_by_permalink(params[:enterprise_id].to_s)
       raise UnknownEnterpriseAuthorizationActionError if enterprise_authorize_action.blank?
+
       authorize!(enterprise_authorize_action, @enterprise)
     end
 

app/controllers/api/order_cycles_controller.rb

@@ -0,0 +1,88 @@
+module Api
+  class OrderCyclesController < BaseController
+    include EnterprisesHelper
+    respond_to :json
+
+    skip_authorization_check
+
+    def products
+      products = ProductsRenderer.new(
+        distributor,
+        order_cycle,
+        customer,
+        search_params
+      ).products_json
+
+      render json: products
+    rescue ProductsRenderer::NoProducts
+      render status: :not_found, json: ''
+    end
+
+    def taxons
+      taxons = Spree::Taxon.
+        joins(:products).
+        where(spree_products: { id: distributed_products }).
+        select('DISTINCT spree_taxons.*')
+
+      render json: ActiveModel::ArraySerializer.new(taxons, each_serializer: Api::TaxonSerializer)
+    end
+
+    def properties
+      render json: ActiveModel::ArraySerializer.new(
+        product_properties | producer_properties, each_serializer: Api::PropertySerializer
+      )
+    end
+
+    private
+
+    def product_properties
+      Spree::Property.
+        joins(:products).
+        where(spree_products: { id: distributed_products }).
+        select('DISTINCT spree_properties.*')
+    end
+
+    def producer_properties
+      producers = Enterprise.
+        joins(:supplied_products).
+        where(spree_products: { id: distributed_products })
+
+      Spree::Property.
+        joins(:producer_properties).
+        where(producer_properties: { producer_id: producers }).
+        select('DISTINCT spree_properties.*')
+    end
+
+    def search_params
+      permitted_search_params = params.slice :q, :page, :per_page
+
+      if permitted_search_params.key? :q
+        permitted_search_params[:q].slice!(*permitted_ransack_params)
+      end
+
+      permitted_search_params
+    end
+
+    def permitted_ransack_params
+      [:name_or_meta_keywords_or_supplier_name_cont,
+       :properties_id_or_supplier_properties_id_in_any,
+       :primary_taxon_id_in_any]
+    end
+
+    def distributor
+      Enterprise.find_by_id(params[:distributor])
+    end
+
+    def order_cycle
+      OrderCycle.find_by_id(params[:id])
+    end
+
+    def customer
+      @current_api_user.andand.customer_of(distributor) || nil
+    end
+
+    def distributed_products
+      OrderCycleDistributedProducts.new(distributor, order_cycle, customer).products_relation
+    end
+  end
+end

app/controllers/api/orders_controller.rb

@@ -1,5 +1,10 @@
 module Api
   class OrdersController < BaseController
+    def show
+      authorize! :read, order
+      render json: order, serializer: Api::OrderDetailedSerializer, current_order: order
+    end
+
     def index
       authorize! :admin, Spree::Order
 
@@ -19,5 +24,12 @@ module Api
         each_serializer: Api::Admin::OrderSerializer
       )
     end
+
+    def order
+      @order ||= Spree::Order.
+        where(number: params[:id]).
+        includes(line_items: { variant: [:product, :stock_items, :default_price] }).
+        first!
+    end
   end
 end

app/controllers/api/products_controller.rb

@@ -19,7 +19,7 @@ module Api
       @product = Spree::Product.new(params[:product])
       begin
         if @product.save
-          render json: @product, serializer: Api::Admin::ProductSerializer, status: 201
+          render json: @product, serializer: Api::Admin::ProductSerializer, status: :created
         else
           invalid_resource!(@product)
         end
@@ -33,7 +33,7 @@ module Api
       authorize! :update, Spree::Product
       @product = find_product(params[:id])
       if @product.update_attributes(params[:product])
-        render json: @product, serializer: Api::Admin::ProductSerializer, status: 200
+        render json: @product, serializer: Api::Admin::ProductSerializer, status: :ok
       else
         invalid_resource!(@product)
       end
@@ -44,10 +44,9 @@ module Api
       @product = find_product(params[:id])
       @product.update_attribute(:deleted_at, Time.zone.now)
       @product.variants_including_master.update_all(deleted_at: Time.zone.now)
-      render json: @product, serializer: Api::Admin::ProductSerializer, status: 204
+      render json: @product, serializer: Api::Admin::ProductSerializer, status: :no_content
     end
 
-    # TODO: This should be named 'managed'. Is the action above used? Maybe we should remove it.
     def bulk_products
       product_query = OpenFoodNetwork::Permissions.new(current_api_user).
         editable_products.merge(product_scope)
@@ -77,7 +76,7 @@ module Api
       @product = find_product(params[:product_id])
       authorize! :delete, @product
       @product.destroy
-      render json: @product, serializer: Api::Admin::ProductSerializer, status: 204
+      render json: @product, serializer: Api::Admin::ProductSerializer, status: :no_content
     end
 
     # POST /api/products/:product_id/clone
@@ -89,15 +88,18 @@ module Api
 
       @product = original_product.duplicate
 
-      render json: @product, serializer: Api::Admin::ProductSerializer, status: 201
+      render json: @product, serializer: Api::Admin::ProductSerializer, status: :created
     end
 
     private
 
-    # Copied and modified from SpreeApi::BaseController to allow
-    # enterprise users to access inactive products
+    def find_product(id)
+      product_scope.find_by_permalink!(id.to_s)
+    rescue ActiveRecord::RecordNotFound
+      product_scope.find(id)
+    end
+
     def product_scope
-      # This line modified
       if current_api_user.has_spree_role?("admin") || current_api_user.enterprises.present?
         scope = Spree::Product
         if params[:show_deleted]
@@ -107,7 +109,15 @@ module Api
         scope = Spree::Product.active
       end
 
-      scope.includes(:master)
+      scope.includes(product_query_includes)
+    end
+
+    def product_query_includes
+      [
+        master: [:images],
+        variants: [:default_price, :stock_locations, :stock_items, :variant_overrides,
+                   { option_values: :option_type }]
+      ]
     end
 
     def paged_products_for_producers(producers)
@@ -127,6 +137,9 @@ module Api
 
       render text: {
         products: serializer,
+        # This line is used by the PagedFetcher JS service (inventory).
+        pages: products.num_pages,
+        # This hash is used by the BulkProducts JS service.
         pagination: pagination_data(products)
       }.to_json
     end

app/controllers/api/shipments_controller.rb

@@ -0,0 +1,105 @@
+require 'open_food_network/scope_variant_to_hub'
+
+module Api
+  class ShipmentsController < Api::BaseController
+    respond_to :json
+
+    before_filter :find_order
+    before_filter :find_and_update_shipment, only: [:ship, :ready, :add, :remove]
+
+    def create
+      variant = scoped_variant(params[:variant_id])
+      quantity = params[:quantity].to_i
+      @shipment = get_or_create_shipment(params[:stock_location_id])
+
+      @order.contents.add(variant, quantity, nil, @shipment)
+
+      @shipment.refresh_rates
+      @shipment.save!
+
+      render json: @shipment.reload, serializer: Api::ShipmentSerializer, status: :ok
+    end
+
+    def update
+      authorize! :read, Spree::Shipment
+      @shipment = @order.shipments.find_by_number!(params[:id])
+      params[:shipment] ||= []
+      unlock = params[:shipment].delete(:unlock)
+
+      if unlock == 'yes'
+        @shipment.adjustment.open
+      end
+
+      @shipment.update_attributes(params[:shipment])
+
+      if unlock == 'yes'
+        @shipment.adjustment.close
+      end
+
+      render json: @shipment.reload, serializer: Api::ShipmentSerializer, status: :ok
+    end
+
+    def ready
+      authorize! :read, Spree::Shipment
+      unless @shipment.ready?
+        if @shipment.can_ready?
+          @shipment.ready!
+        else
+          render(json: { error: I18n.t(:cannot_ready, scope: "spree.api.shipment") },
+                 status: :unprocessable_entity) && return
+        end
+      end
+      render json: @shipment, serializer: Api::ShipmentSerializer, status: :ok
+    end
+
+    def ship
+      authorize! :read, Spree::Shipment
+      unless @shipment.shipped?
+        @shipment.ship!
+      end
+      render json: @shipment, serializer: Api::ShipmentSerializer, status: :ok
+    end
+
+    def add
+      variant = scoped_variant(params[:variant_id])
+      quantity = params[:quantity].to_i
+
+      @order.contents.add(variant, quantity, nil, @shipment)
+
+      render json: @shipment, serializer: Api::ShipmentSerializer, status: :ok
+    end
+
+    def remove
+      variant = scoped_variant(params[:variant_id])
+      quantity = params[:quantity].to_i
+
+      @order.contents.remove(variant, quantity, @shipment)
+      @shipment.reload if @shipment.persisted?
+
+      render json: @shipment, serializer: Api::ShipmentSerializer, status: :ok
+    end
+
+    private
+
+    def find_order
+      @order = Spree::Order.find_by_number!(params[:order_id])
+      authorize! :read, @order
+    end
+
+    def find_and_update_shipment
+      @shipment = @order.shipments.find_by_number!(params[:id])
+      @shipment.update_attributes(params[:shipment])
+      @shipment.reload
+    end
+
+    def scoped_variant(variant_id)
+      variant = Spree::Variant.find(variant_id)
+      OpenFoodNetwork::ScopeVariantToHub.new(@order.distributor).scope(variant)
+      variant
+    end
+
+    def get_or_create_shipment(stock_location_id)
+      @order.shipment || @order.shipments.create(stock_location_id: stock_location_id)
+    end
+  end
+end

app/controllers/api/statuses_controller.rb

@@ -10,7 +10,7 @@ module Api
 
     def job_queue_alive?
       Spree::Config.last_job_queue_heartbeat_at.present? &&
-        Time.parse(Spree::Config.last_job_queue_heartbeat_at) > 6.minutes.ago
+        Time.parse(Spree::Config.last_job_queue_heartbeat_at).in_time_zone > 6.minutes.ago
     end
   end
 end

app/controllers/api/taxonomies_controller.rb

@@ -0,0 +1,12 @@
+module Api
+  class TaxonomiesController < Api::BaseController
+    respond_to :json
+
+    skip_authorization_check only: :jstree
+
+    def jstree
+      @taxonomy = Spree::Taxonomy.find(params[:id])
+      render json: @taxonomy.root, serializer: Api::TaxonJstreeSerializer
+    end
+  end
+end

app/controllers/api/taxons_controller.rb

@@ -0,0 +1,72 @@
+module Api
+  class TaxonsController < Api::BaseController
+    respond_to :json
+
+    skip_authorization_check only: [:index, :show, :jstree]
+
+    def index
+      if taxonomy
+        @taxons = taxonomy.root.children
+      else
+        if params[:ids]
+          @taxons = Spree::Taxon.where(id: params[:ids].split(","))
+        else
+          @taxons = Spree::Taxon.ransack(params[:q]).result
+        end
+      end
+      render json: @taxons, each_serializer: Api::TaxonSerializer
+    end
+
+    def jstree
+      @taxon = taxon
+      render json: @taxon.children, each_serializer: Api::TaxonJstreeSerializer
+    end
+
+    def create
+      authorize! :create, Spree::Taxon
+      @taxon = Spree::Taxon.new(params[:taxon])
+      @taxon.taxonomy_id = params[:taxonomy_id]
+      taxonomy = Spree::Taxonomy.find_by_id(params[:taxonomy_id])
+
+      if taxonomy.nil?
+        @taxon.errors[:taxonomy_id] = I18n.t(:invalid_taxonomy_id, scope: 'spree.api')
+        invalid_resource!(@taxon) && return
+      end
+
+      @taxon.parent_id = taxonomy.root.id unless params[:taxon][:parent_id]
+
+      if @taxon.save
+        render json: @taxon, serializer: Api::TaxonSerializer, status: :created
+      else
+        invalid_resource!(@taxon)
+      end
+    end
+
+    def update
+      authorize! :update, Spree::Taxon
+      if taxon.update_attributes(params[:taxon])
+        render json: taxon, serializer: Api::TaxonSerializer, status: :ok
+      else
+        invalid_resource!(taxon)
+      end
+    end
+
+    def destroy
+      authorize! :delete, Spree::Taxon
+      taxon.destroy
+      render json: taxon, serializer: Api::TaxonSerializer, status: :no_content
+    end
+
+    private
+
+    def taxonomy
+      return if params[:taxonomy_id].blank?
+
+      @taxonomy ||= Spree::Taxonomy.find(params[:taxonomy_id])
+    end
+
+    def taxon
+      @taxon ||= taxonomy.taxons.find(params[:id])
+    end
+  end
+end

app/controllers/api/variants_controller.rb

@@ -6,12 +6,12 @@ module Api
     before_filter :product
 
     def index
-      @variants = scope.includes(:option_values).ransack(params[:q]).result
+      @variants = scope.includes(option_values: :option_type).ransack(params[:q]).result
       render json: @variants, each_serializer: Api::VariantSerializer
     end
 
     def show
-      @variant = scope.includes(:option_values).find(params[:id])
+      @variant = scope.includes(option_values: :option_type).find(params[:id])
       render json: @variant, serializer: Api::VariantSerializer
     end
 
@@ -19,7 +19,7 @@ module Api
       authorize! :create, Spree::Variant
       @variant = scope.new(params[:variant])
       if @variant.save
-        render json: @variant, serializer: Api::VariantSerializer, status: 201
+        render json: @variant, serializer: Api::VariantSerializer, status: :created
       else
         invalid_resource!(@variant)
       end
@@ -29,7 +29,7 @@ module Api
       authorize! :update, Spree::Variant
       @variant = scope.find(params[:id])
       if @variant.update_attributes(params[:variant])
-        render json: @variant, serializer: Api::VariantSerializer, status: 200
+        render json: @variant, serializer: Api::VariantSerializer, status: :ok
       else
         invalid_resource!(@product)
       end
@@ -40,14 +40,14 @@ module Api
       authorize! :delete, @variant
 
       VariantDeleter.new.delete(@variant)
-      render json: @variant, serializer: Api::VariantSerializer, status: 204
+      render json: @variant, serializer: Api::VariantSerializer, status: :no_content
     end
 
     def destroy
       authorize! :delete, Spree::Variant
       @variant = scope.find(params[:id])
       @variant.destroy
-      render json: @variant, serializer: Api::VariantSerializer, status: 204
+      render json: @variant, serializer: Api::VariantSerializer, status: :no_content
     end
 
     private
@@ -58,11 +58,11 @@ module Api
 
     def scope
       if @product
-        unless current_api_user.has_spree_role?("admin") || params[:show_deleted]
-          variants = @product.variants_including_master
-        else
-          variants = @product.variants_including_master.with_deleted
-        end
+        variants = if current_api_user.has_spree_role?("admin") || params[:show_deleted]
+                     @product.variants_including_master.with_deleted
+                   else
+                     @product.variants_including_master
+                   end
       else
         variants = Spree::Variant.scoped
         if current_api_user.has_spree_role?("admin")

app/controllers/application_controller.rb

@@ -47,6 +47,7 @@ class ApplicationController < ActionController::Base
 
   def after_sign_in_path_for(resource_or_scope)
     return session[:shopfront_redirect] if session[:shopfront_redirect]
+
     stored_location_for(resource_or_scope) || signed_in_root_path(resource_or_scope)
   end
 

app/controllers/checkout_controller.rb

@@ -3,6 +3,10 @@ require 'open_food_network/address_finder'
 class CheckoutController < Spree::CheckoutController
   layout 'darkswarm'
 
+  # We need pessimistic locking to avoid race conditions.
+  # Otherwise we fail on duplicate indexes or end up with negative stock.
+  prepend_around_filter CurrentOrderLocker, only: :update
+
   prepend_before_filter :check_hub_ready_for_checkout
   prepend_before_filter :check_order_cycle_expiry
   prepend_before_filter :require_order_cycle
@@ -152,7 +156,7 @@ class CheckoutController < Spree::CheckoutController
   end
 
   def update_failed
-    clear_ship_address
+    current_order.updater.shipping_address_from_distributor
     RestartCheckout.new(@order).call
 
     respond_to do |format|
@@ -165,15 +169,6 @@ class CheckoutController < Spree::CheckoutController
     end
   end
 
-  # When we have a pickup Shipping Method,
-  #   we clone the distributor address into ship_address before_save
-  # We don't want this data in the form, so we clear it out
-  def clear_ship_address
-    unless current_order.shipping_method.andand.require_ship_address
-      current_order.ship_address = Spree::Address.default
-    end
-  end
-
   def load_order
     @order = current_order
     redirect_to(main_app.shop_path) && return unless @order && @order.checkout_allowed?

app/controllers/enterprises_controller.rb

@@ -16,6 +16,7 @@ class EnterprisesController < BaseController
 
   def shop
     return redirect_to main_app.cart_path unless enough_stock?
+
     set_noindex_meta_tag
 
     @enterprise = current_distributor

app/controllers/line_items_controller.rb

@@ -23,6 +23,7 @@ class LineItemsController < BaseController
   # List all items the user already ordered in the current order cycle
   def bought_items
     return [] unless current_order_cycle && spree_current_user && current_distributor
+
     current_order_cycle.items_bought_by_user(spree_current_user, current_distributor)
   end
 

app/controllers/shop_controller.rb

@@ -1,5 +1,3 @@
-require 'open_food_network/cached_products_renderer'
-
 class ShopController < BaseController
   layout "darkswarm"
   before_filter :require_distributor_chosen, :set_order_cycles, except: :changeable_orders_alert
@@ -9,19 +7,6 @@ class ShopController < BaseController
     redirect_to main_app.enterprise_shop_path(current_distributor)
   end
 
-  def products
-    renderer = OpenFoodNetwork::CachedProductsRenderer.new(current_distributor,
-                                                           current_order_cycle)
-
-    # If we add any more filtering logic, we should probably
-    # move it all to a lib class like 'CachedProductsFilterer'
-    products_json = filter(renderer.products_json)
-
-    render json: products_json
-  rescue OpenFoodNetwork::CachedProductsRenderer::NoProducts
-    render status: :not_found, json: ''
-  end
-
   def order_cycle
     if request.post?
       if oc = OrderCycle.with_distributor(@distributor).active.find_by_id(params[:order_cycle_id])
@@ -39,27 +24,4 @@ class ShopController < BaseController
   def changeable_orders_alert
     render layout: false
   end
-
-  private
-
-  def filtered_json(products_json)
-    if applicator.rules.any?
-      filter(products_json)
-    else
-      products_json
-    end
-  end
-
-  def filter(products_json)
-    products_hash = JSON.parse(products_json)
-    applicator.filter!(products_hash)
-    JSON.unparse(products_hash)
-  end
-
-  def applicator
-    return @applicator unless @applicator.nil?
-    @applicator = OpenFoodNetwork::TagRuleApplicator.new(current_distributor,
-                                                         "FilterProducts",
-                                                         current_customer.andand.tag_list)
-  end
 end

app/controllers/spree/admin/base_controller_decorator.rb

@@ -54,6 +54,7 @@ Spree::Admin::BaseController.class_eval do
     if Spree.const_defined?(const_name)
       return "Spree::#{const_name}".constantize
     end
+
     nil
   end
 

app/controllers/spree/admin/countries_controller.rb

@@ -0,0 +1,9 @@
+module Spree
+  module Admin
+    class CountriesController < ResourceController
+      def collection
+        super.order(:name)
+      end
+    end
+  end
+end

app/controllers/spree/admin/general_settings_controller.rb

@@ -0,0 +1,37 @@
+module Spree
+  module Admin
+    class GeneralSettingsController < Spree::Admin::BaseController
+      def edit
+        @preferences_general = [:site_name, :default_seo_title, :default_meta_keywords,
+                                :default_meta_description, :site_url, :bugherd_api_key]
+        @preferences_security = [:allow_ssl_in_production,
+                                 :allow_ssl_in_staging, :allow_ssl_in_development_and_test,
+                                 :check_for_spree_alerts]
+        @preferences_currency = [:display_currency, :hide_cents]
+      end
+
+      def update
+        params.each do |name, value|
+          next unless Spree::Config.has_preference? name
+
+          Spree::Config[name] = value
+        end
+        flash[:success] = Spree.t(:successfully_updated, resource: Spree.t(:general_settings))
+
+        redirect_to edit_admin_general_settings_path
+      end
+
+      def dismiss_alert
+        return unless request.xhr? && params[:alert_id]
+
+        dismissed = Spree::Config[:dismissed_spree_alerts] || ''
+        Spree::Config.set(dismissed_spree_alerts: dismissed.
+                                                    split(',').
+                                                    push(params[:alert_id]).
+                                                    join(','))
+        filter_dismissed_alerts
+        render nothing: true
+      end
+    end
+  end
+end

app/controllers/spree/admin/general_settings_controller_decorator.rb

@@ -1,14 +0,0 @@
-module Spree
-  module Admin
-    GeneralSettingsController.class_eval do
-    end
-
-    module GeneralSettingsEditPreferences
-      def edit
-        super
-        @preferences_general << :bugherd_api_key
-      end
-    end
-    GeneralSettingsController.prepend(GeneralSettingsEditPreferences)
-  end
-end

app/controllers/spree/admin/image_settings_controller.rb

@@ -0,0 +1,79 @@
+module Spree
+  module Admin
+    class ImageSettingsController < Spree::Admin::BaseController
+      def edit
+        @styles = ActiveSupport::JSON.decode(Spree::Config[:attachment_styles])
+        @headers = ActiveSupport::JSON.decode(Spree::Config[:s3_headers])
+      end
+
+      def update
+        update_styles(params)
+        update_headers(params) if Spree::Config[:use_s3]
+
+        Spree::Config.set(params[:preferences])
+        update_paperclip_settings
+
+        respond_to do |format|
+          format.html {
+            flash[:success] = Spree.t(:image_settings_updated)
+            redirect_to spree.edit_admin_image_settings_path
+          }
+        end
+      end
+
+      private
+
+      def update_styles(params)
+        if params[:new_attachment_styles].present?
+          params[:new_attachment_styles].each do |_index, style|
+            params[:attachment_styles][style[:name]] = style[:value] unless style[:value].empty?
+          end
+        end
+
+        styles = params[:attachment_styles]
+
+        Spree::Config[:attachment_styles] = ActiveSupport::JSON.encode(styles) unless styles.nil?
+      end
+
+      def update_headers(params)
+        if params[:new_s3_headers].present?
+          params[:new_s3_headers].each do |_index, header|
+            params[:s3_headers][header[:name]] = header[:value] unless header[:value].empty?
+          end
+        end
+
+        headers = params[:s3_headers]
+
+        Spree::Config[:s3_headers] = ActiveSupport::JSON.encode(headers) unless headers.nil?
+      end
+
+      def update_paperclip_settings
+        if Spree::Config[:use_s3]
+          s3_creds = { access_key_id: Spree::Config[:s3_access_key],
+                       secret_access_key: Spree::Config[:s3_secret],
+                       bucket: Spree::Config[:s3_bucket] }
+          Spree::Image.attachment_definitions[:attachment][:storage] = :s3
+          Spree::Image.attachment_definitions[:attachment][:s3_credentials] = s3_creds
+          Spree::Image.attachment_definitions[:attachment][:s3_headers] =
+            ActiveSupport::JSON.decode(Spree::Config[:s3_headers])
+          Spree::Image.attachment_definitions[:attachment][:bucket] = Spree::Config[:s3_bucket]
+        else
+          Spree::Image.attachment_definitions[:attachment].delete :storage
+        end
+
+        Spree::Image.attachment_definitions[:attachment][:styles] =
+          ActiveSupport::JSON.decode(Spree::Config[:attachment_styles]).symbolize_keys!
+        Spree::Image.attachment_definitions[:attachment][:path] = Spree::Config[:attachment_path]
+        Spree::Image.attachment_definitions[:attachment][:default_url] =
+          Spree::Config[:attachment_default_url]
+        Spree::Image.attachment_definitions[:attachment][:default_style] =
+          Spree::Config[:attachment_default_style]
+
+        # Spree stores attachent definitions in JSON. This converts the style name and format to
+        # strings. However, when paperclip encounters these, it doesn't recognise the format.
+        # Here we solve that problem by converting format and style name to symbols.
+        Spree::Image.reformat_styles
+      end
+    end
+  end
+end

app/controllers/spree/admin/image_settings_controller_decorator.rb

@@ -1,11 +0,0 @@
-Spree::Admin::ImageSettingsController.class_eval do
-  # Spree stores attachent definitions in JSON. This converts the style name and format to
-  # strings. However, when paperclip encounters these, it doesn't recognise the format.
-  # Here we solve that problem by converting format and style name to symbols.
-  def update_paperclip_settings_with_format_styles
-    update_paperclip_settings_without_format_styles
-    Spree::Image.reformat_styles
-  end
-
-  alias_method_chain :update_paperclip_settings, :format_styles
-end

app/controllers/spree/admin/images_controller.rb

@@ -0,0 +1,39 @@
+module Spree
+  module Admin
+    class ImagesController < ResourceController
+      # This will make resource controller redirect correctly after deleting product images.
+      # This can be removed after upgrading to Spree 2.1.
+      # See here https://github.com/spree/spree/commit/334a011d2b8e16355e4ae77ae07cd93f7cbc8fd1
+      belongs_to 'spree/product', find_by: :permalink
+
+      before_filter :load_data
+
+      create.before :set_viewable
+      update.before :set_viewable
+      destroy.before :destroy_before
+
+      private
+
+      def location_after_save
+        admin_product_images_url(@product)
+      end
+
+      def load_data
+        @product = Product.find_by_permalink(params[:product_id])
+        @variants = @product.variants.collect do |variant|
+          [variant.options_text, variant.id]
+        end
+        @variants.insert(0, [Spree.t(:all), @product.master.id])
+      end
+
+      def set_viewable
+        @image.viewable_type = 'Spree::Variant'
+        @image.viewable_id = params[:image][:viewable_id]
+      end
+
+      def destroy_before
+        @viewable = @image.viewable
+      end
+    end
+  end
+end

app/controllers/spree/admin/images_controller_decorator.rb

@@ -1,6 +0,0 @@
-Spree::Admin::ImagesController.class_eval do
-  # This will make resource controller redirect correctly after deleting product images.
-  # This can be removed after upgrading to Spree 2.1.
-  # See here https://github.com/spree/spree/commit/334a011d2b8e16355e4ae77ae07cd93f7cbc8fd1
-  belongs_to 'spree/product', find_by: :permalink
-end

app/controllers/spree/admin/mail_methods_controller.rb

@@ -0,0 +1,40 @@
+module Spree
+  module Admin
+    class MailMethodsController < Spree::Admin::BaseController
+      after_filter :initialize_mail_settings
+
+      def update
+        if params[:smtp_password].blank?
+          params.delete(:smtp_password)
+        end
+
+        params.each do |name, value|
+          next unless Spree::Config.has_preference? name
+
+          Spree::Config[name] = value
+        end
+
+        flash[:success] = Spree.t(:successfully_updated, resource: Spree.t(:mail_methods))
+        render :edit
+      end
+
+      def testmail
+        if TestMailer.test_email(try_spree_current_user).deliver
+          flash[:success] = Spree.t('admin.mail_methods.testmail.delivery_success')
+        else
+          flash[:error] = Spree.t('admin.mail_methods.testmail.delivery_error')
+        end
+      rescue StandardError => e
+        flash[:error] = Spree.t('admin.mail_methods.testmail.error') % { e: e }
+      ensure
+        redirect_to edit_admin_mail_method_url
+      end
+
+      private
+
+      def initialize_mail_settings
+        Spree::Core::MailSettings.init
+      end
+    end
+  end
+end

app/controllers/spree/admin/orders/customer_details_controller_decorator.rb

@@ -43,6 +43,7 @@ Spree::Admin::Orders::CustomerDetailsController.class_eval do
     params[:order][:guest_checkout] = registered_user.nil?
 
     return unless registered_user
+
     @order.user_id = registered_user.id
   end
 end

app/controllers/spree/admin/orders_controller_decorator.rb

@@ -3,7 +3,6 @@ require 'open_food_network/spree_api_key_loader'
 Spree::Admin::OrdersController.class_eval do
   include OpenFoodNetwork::SpreeApiKeyLoader
   helper CheckoutHelper
-  before_filter :load_spree_api_key, only: :bulk_management
   before_filter :load_order, only: %i[show edit update fire resend invoice print print_ticket]
 
   before_filter :load_distribution_choices, only: [:new, :edit, :update]
@@ -27,6 +26,10 @@ Spree::Admin::OrdersController.class_eval do
     # within the page then fetches the data it needs from Api::OrdersController
   end
 
+  def bulk_management
+    load_spree_api_key
+  end
+
   def edit
     @order.shipments.map &:refresh_rates
 

app/controllers/spree/admin/payment_methods_controller.rb

@@ -1,16 +1,68 @@
 module Spree
   module Admin
-    PaymentMethodsController.class_eval do
-      before_filter :restrict_stripe_account_change, only: [:update]
-      before_filter :force_environment, only: [:create, :update]
-      skip_before_filter :load_resource, only: [:show_provider_preferences]
+    class PaymentMethodsController < ResourceController
+      skip_before_filter :load_resource, only: [:create, :show_provider_preferences]
+      before_filter :load_data
+      before_filter :validate_payment_method_provider, only: [:create]
       before_filter :load_hubs, only: [:new, :edit, :update]
       create.before :load_hubs
 
+      respond_to :html
+
+      def create
+        force_environment
+
+        @payment_method = params[:payment_method].
+          delete(:type).
+          constantize.
+          new(params[:payment_method])
+        @object = @payment_method
+
+        invoke_callbacks(:create, :before)
+        if @payment_method.save
+          invoke_callbacks(:create, :after)
+          flash[:success] = Spree.t(:successfully_created, resource: Spree.t(:payment_method))
+          redirect_to edit_admin_payment_method_path(@payment_method)
+        else
+          invoke_callbacks(:create, :fails)
+          respond_with(@payment_method)
+        end
+      end
+
+      def update
+        restrict_stripe_account_change
+        force_environment
+
+        invoke_callbacks(:update, :before)
+        payment_method_type = params[:payment_method].delete(:type)
+        if @payment_method['type'].to_s != payment_method_type
+          @payment_method.update_column(:type, payment_method_type)
+          @payment_method = PaymentMethod.find(params[:id])
+        end
+
+        payment_method_params = params[ActiveModel::Naming.param_key(@payment_method)] || {}
+        attributes = params[:payment_method].merge(payment_method_params)
+        attributes.each do |k, _v|
+          if k.include?("password") && attributes[k].blank?
+            attributes.delete(k)
+          end
+        end
+
+        if @payment_method.update_attributes(attributes)
+          invoke_callbacks(:update, :after)
+          flash[:success] = Spree.t(:successfully_updated, resource: Spree.t(:payment_method))
+          redirect_to edit_admin_payment_method_path(@payment_method)
+        else
+          invoke_callbacks(:update, :fails)
+          respond_with(@payment_method)
+        end
+      end
+
       # Only show payment methods that user has access to and sort by distributor name
       # ! Redundant code copied from Spree::Admin::ResourceController with modifications marked
       def collection
         return parent.public_send(controller_name) if parent_data.present?
+
         collection = if model_class.respond_to?(:accessible_by) &&
                         !current_ability.has_block?(params[:action], model_class)
 
@@ -62,6 +114,14 @@ module Spree
         @calculators = PaymentMethod.calculators.sort_by(&:name)
       end
 
+      def validate_payment_method_provider
+        valid_payment_methods = Rails.application.config.spree.payment_methods.map(&:to_s)
+        return if valid_payment_methods.include?(params[:payment_method][:type])
+
+        flash[:error] = Spree.t(:invalid_payment_provider)
+        redirect_to new_admin_payment_method_path
+      end
+
       def load_hubs
         # rubocop:disable Style/TernaryParentheses
         @hubs = Enterprise.managed_by(spree_current_user).is_distributor.sort_by! do |d|
@@ -73,7 +133,8 @@ module Spree
       # Show Stripe as an option if enabled, or if the
       # current payment_method is already a Stripe method
       def show_stripe?
-        Spree::Config.stripe_connect_enabled || @payment_method.try(:type) == "Spree::Gateway::StripeConnect"
+        Spree::Config.stripe_connect_enabled ||
+          @payment_method.try(:type) == "Spree::Gateway::StripeConnect"
       end
 
       def restrict_stripe_account_change

app/controllers/spree/admin/payments_controller_decorator.rb

@@ -43,8 +43,8 @@ Spree::Admin::PaymentsController.class_eval do
     else
       flash[:error] = t(:cannot_perform_operation)
     end
-  rescue Spree::Core::GatewayError => ge
-    flash[:error] = ge.message
+  rescue Spree::Core::GatewayError => e
+    flash[:error] = e.message
   ensure
     redirect_to request.referer
   end

app/controllers/spree/admin/product_properties_controller.rb

@@ -0,0 +1,19 @@
+module Spree
+  module Admin
+    class ProductPropertiesController < ResourceController
+      belongs_to 'spree/product', find_by: :permalink
+      before_filter :find_properties
+      before_filter :setup_property, only: [:index]
+
+      private
+
+      def find_properties
+        @properties = Spree::Property.pluck(:name)
+      end
+
+      def setup_property
+        @product.product_properties.build
+      end
+    end
+  end
+end

app/controllers/spree/admin/products_controller_decorator.rb

@@ -30,6 +30,11 @@ Spree::Admin::ProductsController.class_eval do
     @show_latest_import = params[:latest_import] || false
   end
 
+  def new
+    @object.shipping_category = DefaultShippingCategory.find_or_create
+    super
+  end
+
   def create
     delete_stock_params_and_set_after do
       super
@@ -41,11 +46,12 @@ Spree::Admin::ProductsController.class_eval do
   end
 
   def update
+    original_supplier_id = @product.supplier_id
+
     delete_stock_params_and_set_after do
       super
+      ExchangeVariantDeleter.new.delete(@product) if original_supplier_id != @product.supplier_id
     end
-
-    clear_variants_unit_description if @object.variant_unit == 'items'
   end
 
   def bulk_update
@@ -73,6 +79,7 @@ Spree::Admin::ProductsController.class_eval do
     # enterprise users.
     # TODO: There has to be a better way!!!
     return @collection if @collection.present?
+
     params[:q] ||= {}
     params[:q][:deleted_at_null] ||= "1"
 
@@ -141,6 +148,7 @@ Spree::Admin::ProductsController.class_eval do
 
   def strip_new_properties
     return if spree_current_user.admin? || params[:product][:product_properties_attributes].nil?
+
     names = Spree::Property.pluck(:name)
     params[:product][:product_properties_attributes].each do |key, property|
       unless names.include? property[:property_name]
@@ -164,9 +172,9 @@ Spree::Admin::ProductsController.class_eval do
     begin
       variant.on_demand = on_demand if on_demand.present?
       variant.on_hand = on_hand.to_i if on_hand.present?
-    rescue StandardError => error
-      notify_bugsnag(error, product, variant)
-      raise error
+    rescue StandardError => e
+      notify_bugsnag(e, product, variant)
+      raise e
     end
   end
 
@@ -190,10 +198,4 @@ Spree::Admin::ProductsController.class_eval do
   def set_product_master_variant_price_to_zero
     @product.price = 0 if @product.price.nil?
   end
-
-  def clear_variants_unit_description
-    @object.variants.each do |variant|
-      variant.update_attribute :unit_description, ''
-    end
-  end
 end

app/controllers/spree/admin/properties_controller.rb

@@ -0,0 +1,6 @@
+module Spree
+  module Admin
+    class PropertiesController < ResourceController
+    end
+  end
+end

app/controllers/spree/admin/reports_controller_decorator.rb

@@ -109,7 +109,7 @@ Spree::Admin::ReportsController.class_eval do
   end
 
   def orders_and_fulfillment
-    params[:q] ||= {}
+    params[:q] ||= orders_and_fulfillment_default_filters
 
     # -- Prepare Form Options
     permissions = OpenFoodNetwork::Permissions.new(spree_current_user)
@@ -126,7 +126,8 @@ Spree::Admin::ReportsController.class_eval do
     @include_blank = I18n.t(:all)
 
     # -- Build Report with Order Grouper
-    @report = OpenFoodNetwork::OrdersAndFulfillmentsReport.new spree_current_user, params, render_content?
+    @report = OpenFoodNetwork::OrdersAndFulfillmentsReport.new(permissions,
+                                                               params, render_content?)
     @table = order_grouper_table
     csv_file_name = "#{params[:report_type]}_#{timestamp}.csv"
 
@@ -257,14 +258,14 @@ Spree::Admin::ReportsController.class_eval do
   def describe_report(report)
     name = I18n.t(:name, scope: [:admin, :reports, report])
     description = begin
-      I18n.t!(:description, scope: [:admin, :reports, report])
-    rescue I18n::MissingTranslationData
-      render_to_string(
-        partial: "#{report}_description",
-        layout: false,
-        locals: { report_types: report_types[report] }
-      ).html_safe
-    end
+                    I18n.t!(:description, scope: [:admin, :reports, report])
+                  rescue I18n::MissingTranslationData
+                    render_to_string(
+                      partial: "#{report}_description",
+                      layout: false,
+                      locals: { report_types: report_types[report] }
+                    ).html_safe
+                  end
     { name: name, url: url_for_report(report), description: description }
   end
 
@@ -277,4 +278,10 @@ Spree::Admin::ReportsController.class_eval do
   def timestamp
     Time.zone.now.strftime("%Y%m%d")
   end
+
+  def orders_and_fulfillment_default_filters
+    now = Time.zone.now
+    { completed_at_gt: (now - 1.month).beginning_of_day,
+      completed_at_lt: (now + 1.day).beginning_of_day }
+  end
 end

app/controllers/spree/admin/resource_controller_decorator.rb

@@ -16,5 +16,5 @@ end
 Spree::Admin::ResourceController.prepend(AuthorizeOnLoadResource)
 
 Spree::Admin::ResourceController.class_eval do
-  rescue_from CanCan::AccessDenied, :with => :unauthorized
+  rescue_from CanCan::AccessDenied, with: :unauthorized
 end

app/controllers/spree/admin/return_authorizations_controller.rb

@@ -0,0 +1,24 @@
+module Spree
+  module Admin
+    class ReturnAuthorizationsController < ResourceController
+      belongs_to 'spree/order', find_by: :number
+
+      update.after :associate_inventory_units
+      create.after :associate_inventory_units
+
+      def fire
+        @return_authorization.public_send("#{params[:e]}!")
+        flash[:success] = Spree.t(:return_authorization_updated)
+        redirect_to :back
+      end
+
+      protected
+
+      def associate_inventory_units
+        (params[:return_quantity] || []).each do |variant_id, qty|
+          @return_authorization.add_variant(variant_id.to_i, qty.to_i)
+        end
+      end
+    end
+  end
+end

app/controllers/spree/admin/shipping_categories_controller.rb

@@ -0,0 +1,6 @@
+module Spree
+  module Admin
+    class ShippingCategoriesController < ResourceController
+    end
+  end
+end

app/controllers/spree/admin/shipping_methods_controller.rb

@@ -0,0 +1,86 @@
+module Spree
+  module Admin
+    class ShippingMethodsController < ResourceController
+      before_filter :load_data, except: [:index]
+      before_filter :set_shipping_category, only: [:create, :update]
+      before_filter :set_zones, only: [:create, :update]
+      before_filter :load_hubs, only: [:new, :edit, :create, :update]
+
+      # Sort shipping methods by distributor name
+      def collection
+        collection = super
+        collection = collection.managed_by(spree_current_user).by_name
+
+        if params.key? :enterprise_id
+          distributor = Enterprise.find params[:enterprise_id]
+          collection = collection.for_distributor(distributor)
+        end
+
+        collection
+      end
+
+      def new
+        @object.shipping_categories = [DefaultShippingCategory.find_or_create]
+        super
+      end
+
+      def destroy
+        # Our reports are not adapted to soft deleted shipping_methods so here we prevent
+        #   the deletion (even soft) of shipping_methods that are referenced in orders
+        if order = order_referenced_by_shipping_method
+          flash[:error] = I18n.t(:shipping_method_destroy_error, number: order.number)
+          redirect_to(collection_url) && return
+        end
+
+        @object.touch :deleted_at
+        flash[:success] = flash_message_for(@object, :successfully_removed)
+
+        respond_with(@object) do |format|
+          format.html { redirect_to collection_url }
+        end
+      end
+
+      private
+
+      def order_referenced_by_shipping_method
+        Order.joins(shipments: :shipping_rates)
+          .where( spree_shipping_rates: { shipping_method_id: @object } )
+          .first
+      end
+
+      def load_hubs
+        # rubocop:disable Style/TernaryParentheses
+        @hubs = Enterprise.managed_by(spree_current_user).is_distributor.sort_by! do |d|
+          [(@shipping_method.has_distributor? d) ? 0 : 1, d.name]
+        end
+        # rubocop:enable Style/TernaryParentheses
+      end
+
+      def set_shipping_category
+        return true if params["shipping_method"][:shipping_categories] == ""
+
+        @shipping_method.shipping_categories =
+          Spree::ShippingCategory.where(id: params["shipping_method"][:shipping_categories])
+        @shipping_method.save
+        params[:shipping_method].delete(:shipping_categories)
+      end
+
+      def set_zones
+        return true if params["shipping_method"][:zones] == ""
+
+        @shipping_method.zones = Spree::Zone.where(id: params["shipping_method"][:zones])
+        @shipping_method.save
+        params[:shipping_method].delete(:zones)
+      end
+
+      def location_after_save
+        edit_admin_shipping_method_path(@shipping_method)
+      end
+
+      def load_data
+        @available_zones = Zone.order(:name)
+        @calculators = ShippingMethod.calculators.sort_by(&:name)
+      end
+    end
+  end
+end

app/controllers/spree/admin/shipping_methods_controller_decorator.rb

@@ -1,42 +0,0 @@
-module Spree
-  module Admin
-    ShippingMethodsController.class_eval do
-      before_filter :do_not_destroy_referenced_shipping_methods, only: :destroy
-      before_filter :load_hubs, only: [:new, :edit, :create, :update]
-
-      # Sort shipping methods by distributor name
-      def collection
-        collection = super
-        collection = collection.managed_by(spree_current_user).by_name
-
-        if params.key? :enterprise_id
-          distributor = Enterprise.find params[:enterprise_id]
-          collection = collection.for_distributor(distributor)
-        end
-
-        collection
-      end
-
-      # Spree allows soft deletes of shipping_methods but our reports are not adapted to that
-      #   Here we prevent the deletion (even soft) of shipping_methods that are referenced in orders
-      def do_not_destroy_referenced_shipping_methods
-        order = Order.joins(shipments: :shipping_rates)
-          .where( spree_shipping_rates: { shipping_method_id: @object } )
-          .first
-        return unless order
-        flash[:error] = I18n.t(:shipping_method_destroy_error, number: order.number)
-        redirect_to(collection_url) && return
-      end
-
-      private
-
-      def load_hubs
-        # rubocop:disable Style/TernaryParentheses
-        @hubs = Enterprise.managed_by(spree_current_user).is_distributor.sort_by! do |d|
-          [(@shipping_method.has_distributor? d) ? 0 : 1, d.name]
-        end
-        # rubocop:enable Style/TernaryParentheses
-      end
-    end
-  end
-end

app/controllers/spree/admin/states_controller.rb

@@ -0,0 +1,29 @@
+module Spree
+  module Admin
+    class StatesController < ResourceController
+      belongs_to 'spree/country'
+      before_filter :load_data
+
+      def index
+        respond_with(@collection) do |format|
+          format.html
+          format.js { render partial: 'state_list' }
+        end
+      end
+
+      protected
+
+      def location_after_save
+        admin_country_states_url(@country)
+      end
+
+      def collection
+        super.order(:name)
+      end
+
+      def load_data
+        @countries = Country.order(:name)
+      end
+    end
+  end
+end

app/controllers/spree/admin/tax_categories_controller.rb

@@ -0,0 +1,19 @@
+module Spree
+  module Admin
+    class TaxCategoriesController < ResourceController
+      def destroy
+        if @object.destroy
+          flash[:success] = flash_message_for(@object, :successfully_removed)
+          respond_with(@object) do |format|
+            format.html { redirect_to collection_url }
+            format.js   { render partial: "spree/admin/shared/destroy" }
+          end
+        else
+          respond_with(@object) do |format|
+            format.html { redirect_to collection_url }
+          end
+        end
+      end
+    end
+  end
+end

app/controllers/spree/admin/tax_rates_controller.rb

@@ -0,0 +1,26 @@
+module Spree
+  module Admin
+    class TaxRatesController < ResourceController
+      before_filter :load_data
+
+      update.after :update_after
+      create.after :create_after
+
+      private
+
+      def load_data
+        @available_zones = Zone.order(:name)
+        @available_categories = TaxCategory.order(:name)
+        @calculators = TaxRate.calculators.sort_by(&:name)
+      end
+
+      def update_after
+        Rails.cache.delete('vat_rates')
+      end
+
+      def create_after
+        Rails.cache.delete('vat_rates')
+      end
+    end
+  end
+end

app/controllers/spree/admin/tax_settings_controller.rb

@@ -0,0 +1,15 @@
+module Spree
+  module Admin
+    class TaxSettingsController < Spree::Admin::BaseController
+      def update
+        Spree::Config.set(params[:preferences])
+
+        respond_to do |format|
+          format.html {
+            redirect_to edit_admin_tax_settings_path
+          }
+        end
+      end
+    end
+  end
+end

app/controllers/spree/admin/taxonomies_controller.rb

@@ -0,0 +1,21 @@
+module Spree
+  module Admin
+    class TaxonomiesController < ResourceController
+      respond_to :json, only: [:get_children]
+
+      def get_children
+        @taxons = Taxon.find(params[:parent_id]).children
+      end
+
+      private
+
+      def location_after_save
+        if @taxonomy.created_at == @taxonomy.updated_at
+          edit_admin_taxonomy_url(@taxonomy)
+        else
+          admin_taxonomies_url
+        end
+      end
+    end
+  end
+end

app/controllers/spree/admin/taxons_controller.rb

@@ -0,0 +1,118 @@
+module Spree
+  module Admin
+    class TaxonsController < Spree::Admin::BaseController
+      respond_to :html, :json, :js
+
+      def search
+        @taxons = if params[:ids]
+                    Spree::Taxon.where(id: params[:ids].split(','))
+                  else
+                    Spree::Taxon.limit(20).search(name_cont: params[:q]).result
+                  end
+      end
+
+      def create
+        @taxonomy = Taxonomy.find(params[:taxonomy_id])
+        @taxon = @taxonomy.taxons.build(params[:taxon])
+        if @taxon.save
+          respond_with(@taxon) do |format|
+            format.json { render json: @taxon.to_json }
+          end
+        else
+          flash[:error] = Spree.t('errors.messages.could_not_create_taxon')
+          respond_with(@taxon) do |format|
+            format.html do
+              if redirect_to @taxonomy
+                edit_admin_taxonomy_url(@taxonomy)
+              else
+                admin_taxonomies_url
+              end
+            end
+          end
+        end
+      end
+
+      def edit
+        @taxonomy = Taxonomy.find(params[:taxonomy_id])
+        @taxon = @taxonomy.taxons.find(params[:id])
+        @permalink_part = @taxon.permalink.split("/").last
+      end
+
+      def update
+        @taxonomy = Taxonomy.find(params[:taxonomy_id])
+        @taxon = @taxonomy.taxons.find(params[:id])
+        parent_id = params[:taxon][:parent_id]
+        new_position = params[:taxon][:position]
+
+        if parent_id || new_position # taxon is being moved
+          new_parent = parent_id.nil? ? @taxon.parent : Taxon.find(parent_id.to_i)
+          new_position = new_position.nil? ? -1 : new_position.to_i
+
+          # Bellow is a very complicated way of finding where in nested set we
+          # should actually move the taxon to achieve sane results,
+          # JS is giving us the desired position, which was awesome for previous setup,
+          # but now it's quite complicated to find where we should put it as we have
+          # to differenciate between moving to the same branch, up down and into
+          # first position.
+          new_siblings = new_parent.children
+          if new_position <= 0 && new_siblings.empty?
+            @taxon.move_to_child_of(new_parent)
+          elsif new_parent.id != @taxon.parent_id
+            if new_position.zero?
+              @taxon.move_to_left_of(new_siblings.first)
+            else
+              @taxon.move_to_right_of(new_siblings[new_position - 1])
+            end
+          elsif new_position < new_siblings.index(@taxon)
+            @taxon.move_to_left_of(new_siblings[new_position]) # we move up
+          else
+            @taxon.move_to_right_of(new_siblings[new_position - 1]) # we move down
+          end
+          # Reset legacy position, if any extensions still rely on it
+          new_parent.children.reload.each{ |t| t.update_column(:position, t.position) }
+
+          if parent_id
+            @taxon.reload
+            @taxon.set_permalink
+            @taxon.save!
+            @update_children = true
+          end
+        end
+
+        if params.key? "permalink_part"
+          parent_permalink = @taxon.permalink.split("/")[0...-1].join("/")
+          parent_permalink += "/" if parent_permalink.present?
+          params[:taxon][:permalink] = parent_permalink + params[:permalink_part]
+        end
+        # check if we need to rename child taxons if parent name or permalink changes
+        if params[:taxon][:name] != @taxon.name || params[:taxon][:permalink] != @taxon.permalink
+          @update_children = true
+        end
+
+        if @taxon.update_attributes(params[:taxon])
+          flash[:success] = flash_message_for(@taxon, :successfully_updated)
+        end
+
+        # rename child taxons
+        if @update_children
+          @taxon.descendants.each do |taxon|
+            taxon.reload
+            taxon.set_permalink
+            taxon.save!
+          end
+        end
+
+        respond_with(@taxon) do |format|
+          format.html { redirect_to edit_admin_taxonomy_url(@taxonomy) }
+          format.json { render json: @taxon.to_json }
+        end
+      end
+
+      def destroy
+        @taxon = Taxon.find(params[:id])
+        @taxon.destroy
+        respond_with(@taxon) { |format| format.json { render json: '' } }
+      end
+    end
+  end
+end

app/controllers/spree/admin/users_controller.rb

@@ -46,21 +46,26 @@ module Spree
             @user.spree_roles = roles.reject(&:blank?).collect{ |r| Spree::Role.find(r) }
           end
 
-          flash.now[:success] = Spree.t(:account_updated)
+          message = if new_email_unconfirmed?
+                      Spree.t(:email_updated)
+                    else
+                      Spree.t(:account_updated)
+                    end
+          flash.now[:success] = message
         end
         render :edit
       end
 
       def generate_api_key
         if @user.generate_spree_api_key!
-          flash[:success] = Spree.t('api.key_generated')
+          flash[:success] = t('spree.api.key_generated')
         end
         redirect_to edit_admin_user_path(@user)
       end
 
       def clear_api_key
         if @user.clear_spree_api_key!
-          flash[:success] = Spree.t('api.key_cleared')
+          flash[:success] = t('spree.api.key_cleared')
         end
         redirect_to edit_admin_user_path(@user)
       end
@@ -69,6 +74,7 @@ module Spree
 
       def collection
         return @collection if @collection.present?
+
         if request.xhr? && params[:q].present?
           # Disabling proper nested include here due to rails 3.1 bug
           @collection = Spree::User.
@@ -120,12 +126,17 @@ module Spree
 
       def sign_in_if_change_own_password
         return unless spree_current_user == @user && @user.password.present?
+
         sign_in(@user, event: :authentication, bypass: true)
       end
 
       def load_roles
         @roles = Spree::Role.scoped
       end
+
+      def new_email_unconfirmed?
+        params[:user][:email] != @user.email
+      end
     end
   end
 end

app/controllers/spree/admin/zones_controller.rb

@@ -0,0 +1,26 @@
+module Spree
+  module Admin
+    class ZonesController < ResourceController
+      before_filter :load_data, except: [:index]
+
+      def new
+        @zone.zone_members.build
+      end
+
+      protected
+
+      def collection
+        params[:q] ||= {}
+        params[:q][:s] ||= "ascend_by_name"
+        @search = super.ransack(params[:q])
+        @zones = @search.result.page(params[:page]).per(Spree::Config[:orders_per_page])
+      end
+
+      def load_data
+        @countries = Country.order(:name)
+        @states = State.order(:name)
+        @zones = Zone.order(:name)
+      end
+    end
+  end
+end

app/controllers/spree/api/base_controller.rb

@@ -1,130 +0,0 @@
-require_dependency 'spree/api/controller_setup'
-
-module Spree
-  module Api
-    class BaseController < ActionController::Metal
-      include Spree::Api::ControllerSetup
-      include Spree::Core::ControllerHelpers::SSL
-      include ::ActionController::Head
-
-      self.responder = Spree::Api::Responders::AppResponder
-
-      respond_to :json
-
-      attr_accessor :current_api_user
-
-      before_filter :set_content_type
-      before_filter :check_for_user_or_api_key, :if => :requires_authentication?
-      before_filter :authenticate_user
-      after_filter  :set_jsonp_format
-
-      rescue_from Exception, :with => :error_during_processing
-      rescue_from CanCan::AccessDenied, :with => :unauthorized
-      rescue_from ActiveRecord::RecordNotFound, :with => :not_found
-
-      helper Spree::Api::ApiHelpers
-
-      ssl_allowed
-
-      def set_jsonp_format
-        if params[:callback] && request.get?
-          self.response_body = "#{params[:callback]}(#{response_body})"
-          headers["Content-Type"] = 'application/javascript'
-        end
-      end
-
-      def map_nested_attributes_keys(klass, attributes)
-        nested_keys = klass.nested_attributes_options.keys
-        attributes.inject({}) do |h, (k, v)|
-          key = nested_keys.include?(k.to_sym) ? "#{k}_attributes" : k
-          h[key] = v
-          h
-        end.with_indifferent_access
-      end
-
-      private
-
-      def set_content_type
-        content_type = case params[:format]
-                       when "json"
-                         "application/json"
-                       when "xml"
-                         "text/xml"
-                       end
-        headers["Content-Type"] = content_type
-      end
-
-      def check_for_user_or_api_key
-        # User is already authenticated with Spree, make request this way instead.
-        return true if @current_api_user = try_spree_current_user ||
-                                           !requires_authentication?
-
-        return if api_key.present?
-        render("spree/api/errors/must_specify_api_key", status: :unauthorized) && return
-      end
-
-      def authenticate_user
-        return if @current_api_user
-
-        if requires_authentication? || api_key.present?
-          unless @current_api_user = Spree.user_class.find_by_spree_api_key(api_key.to_s)
-            render("spree/api/errors/invalid_api_key", status: :unauthorized) && return
-          end
-        else
-          # An anonymous user
-          @current_api_user = Spree.user_class.new
-        end
-      end
-
-      def unauthorized
-        render("spree/api/errors/unauthorized", status: :unauthorized) && return
-      end
-
-      def error_during_processing(exception)
-        render(text: { exception: exception.message }.to_json,
-               status: :unprocessable_entity) && return
-      end
-
-      def requires_authentication?
-        true
-      end
-
-      def not_found
-        render("spree/api/errors/not_found", status: :not_found) && return
-      end
-
-      def current_ability
-        Spree::Ability.new(current_api_user)
-      end
-
-      def invalid_resource!(resource)
-        @resource = resource
-        render "spree/api/errors/invalid_resource", status: :unprocessable_entity
-      end
-
-      def api_key
-        request.headers["X-Spree-Token"] || params[:token]
-      end
-      helper_method :api_key
-
-      def find_product(id)
-        product_scope.find_by_permalink!(id.to_s)
-      rescue ActiveRecord::RecordNotFound
-        product_scope.find(id)
-      end
-
-      def product_scope
-        if current_api_user.has_spree_role?("admin")
-          scope = Product
-          if params[:show_deleted]
-            scope = scope.with_deleted
-          end
-        else
-          scope = Product.active
-        end
-
-        scope.includes(:master)
-      end
-    end
-  end
-end

app/controllers/spree/api/shipments_controller.rb

@@ -1,108 +0,0 @@
-require 'open_food_network/scope_variant_to_hub'
-
-module Spree
-  module Api
-    class ShipmentsController < Spree::Api::BaseController
-      respond_to :json
-
-      before_filter :find_order
-      before_filter :find_and_update_shipment, only: [:ship, :ready, :add, :remove]
-
-      def create
-        variant = scoped_variant(params[:variant_id])
-        quantity = params[:quantity].to_i
-        @shipment = get_or_create_shipment(params[:stock_location_id])
-
-        @order.contents.add(variant, quantity, nil, @shipment)
-
-        @shipment.refresh_rates
-        @shipment.save!
-
-        respond_with(@shipment.reload, default_template: :show)
-      end
-
-      def update
-        authorize! :read, Shipment
-        @shipment = @order.shipments.find_by_number!(params[:id])
-        params[:shipment] ||= []
-        unlock = params[:shipment].delete(:unlock)
-
-        if unlock == 'yes'
-          @shipment.adjustment.open
-        end
-
-        @shipment.update_attributes(params[:shipment])
-
-        if unlock == 'yes'
-          @shipment.adjustment.close
-        end
-
-        @shipment.reload
-        respond_with(@shipment, default_template: :show)
-      end
-
-      def ready
-        authorize! :read, Shipment
-        unless @shipment.ready?
-          if @shipment.can_ready?
-            @shipment.ready!
-          else
-            render "spree/api/shipments/cannot_ready_shipment", status: :unprocessable_entity
-            return
-          end
-        end
-        respond_with(@shipment, default_template: :show)
-      end
-
-      def ship
-        authorize! :read, Shipment
-        unless @shipment.shipped?
-          @shipment.ship!
-        end
-        respond_with(@shipment, default_template: :show)
-      end
-
-      def add
-        variant = scoped_variant(params[:variant_id])
-        quantity = params[:quantity].to_i
-
-        @order.contents.add(variant, quantity, nil, @shipment)
-
-        respond_with(@shipment, default_template: :show)
-      end
-
-      def remove
-        variant = scoped_variant(params[:variant_id])
-        quantity = params[:quantity].to_i
-
-        @order.contents.remove(variant, quantity, @shipment)
-        @shipment.reload if @shipment.persisted?
-
-        respond_with(@shipment, default_template: :show)
-      end
-
-      private
-
-      def find_order
-        @order = Spree::Order.find_by_number!(params[:order_id])
-        authorize! :read, @order
-      end
-
-      def find_and_update_shipment
-        @shipment = @order.shipments.find_by_number!(params[:id])
-        @shipment.update_attributes(params[:shipment])
-        @shipment.reload
-      end
-
-      def scoped_variant(variant_id)
-        variant = Spree::Variant.find(variant_id)
-        OpenFoodNetwork::ScopeVariantToHub.new(@order.distributor).scope(variant)
-        variant
-      end
-
-      def get_or_create_shipment(stock_location_id)
-        @order.shipment || @order.shipments.create(stock_location_id: stock_location_id)
-      end
-    end
-  end
-end

app/controllers/spree/api/taxons_controller.rb

@@ -1,75 +0,0 @@
-module Spree
-  module Api
-    class TaxonsController < Spree::Api::BaseController
-      respond_to :json
-
-      def index
-        if taxonomy
-          @taxons = taxonomy.root.children
-        else
-          if params[:ids]
-            @taxons = Taxon.where(id: params[:ids].split(","))
-          else
-            @taxons = Taxon.ransack(params[:q]).result
-          end
-        end
-        respond_with(@taxons)
-      end
-
-      def show
-        @taxon = taxon
-        respond_with(@taxon)
-      end
-
-      def jstree
-        show
-      end
-
-      def create
-        authorize! :create, Taxon
-        @taxon = Taxon.new(params[:taxon])
-        @taxon.taxonomy_id = params[:taxonomy_id]
-        taxonomy = Taxonomy.find_by_id(params[:taxonomy_id])
-
-        if taxonomy.nil?
-          @taxon.errors[:taxonomy_id] = I18n.t(:invalid_taxonomy_id, scope: 'spree.api')
-          invalid_resource!(@taxon) && return
-        end
-
-        @taxon.parent_id = taxonomy.root.id unless params[:taxon][:parent_id]
-
-        if @taxon.save
-          respond_with(@taxon, status: 201, default_template: :show)
-        else
-          invalid_resource!(@taxon)
-        end
-      end
-
-      def update
-        authorize! :update, Taxon
-        if taxon.update_attributes(params[:taxon])
-          respond_with(taxon, status: 200, default_template: :show)
-        else
-          invalid_resource!(taxon)
-        end
-      end
-
-      def destroy
-        authorize! :delete, Taxon
-        taxon.destroy
-        respond_with(taxon, status: 204)
-      end
-
-      private
-
-      def taxonomy
-        return if params[:taxonomy_id].blank?
-        @taxonomy ||= Taxonomy.find(params[:taxonomy_id])
-      end
-
-      def taxon
-        @taxon ||= taxonomy.taxons.find(params[:id])
-      end
-    end
-  end
-end

app/controllers/spree/api/users_controller.rb

@@ -1,7 +0,0 @@
-module Spree
-  module Api
-    class UsersController < Spree::Api::BaseController
-      respond_to :json
-    end
-  end
-end

app/controllers/spree/checkout_controller.rb

@@ -18,7 +18,7 @@ module Spree
 
     helper 'spree/orders'
 
-    rescue_from Spree::Core::GatewayError, :with => :rescue_from_spree_gateway_error
+    rescue_from Spree::Core::GatewayError, with: :rescue_from_spree_gateway_error
 
     def edit
       flash.keep

app/controllers/spree/credit_cards_controller.rb

@@ -19,6 +19,7 @@ module Spree
     def update
       @credit_card = Spree::CreditCard.find_by_id(params[:id])
       return update_failed unless @credit_card
+
       authorize! :update, @credit_card
 
       if @credit_card.update_attributes(params[:credit_card])
@@ -63,6 +64,7 @@ module Spree
 
     def stored_card_attributes
       return {} unless @customer.try(:default_source)
+
       {
         month: params[:exp_month],
         year: params[:exp_year],

app/controllers/spree/orders_controller.rb

@@ -9,7 +9,7 @@ module Spree
     ssl_required :show
 
     before_filter :check_authorization
-    rescue_from ActiveRecord::RecordNotFound, :with => :render_404
+    rescue_from ActiveRecord::RecordNotFound, with: :render_404
     helper 'spree/products', 'spree/orders'
 
     respond_to :html
@@ -200,6 +200,7 @@ module Spree
     def order_to_update
       return @order_to_update if defined? @order_to_update
       return @order_to_update = current_order unless params[:id]
+
       @order_to_update = changeable_order_from_number
     end
 
@@ -208,6 +209,7 @@ module Spree
     def changeable_order_from_number
       order = Spree::Order.complete.find_by_number(params[:id])
       return nil unless order.andand.changes_allowed? && can?(:update, order)
+
       order
     end
 

app/controllers/spree/paypal_controller_decorator.rb

@@ -38,6 +38,7 @@ Spree::PaypalController.class_eval do
   # the payment details have been confirmed, but before any payments have been processed
   def destroy_orphaned_paypal_payments
     return unless payment_method.is_a?(Spree::Gateway::PayPalExpress)
+
     orphaned_payments = current_order.payments.where(payment_method_id: payment_method.id, source_id: nil)
     orphaned_payments.each(&:destroy)
   end